Re: [OSPF] IETF OSPF YANG and BFD Configuration

"Acee Lindem (acee)" <> Tue, 20 June 2017 14:14 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id A6EF412ECA3; Tue, 20 Jun 2017 07:14:34 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -14.523
X-Spam-Status: No, score=-14.523 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 12NnJKf_MgQk; Tue, 20 Jun 2017 07:14:32 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 11C0C12EC9B; Tue, 20 Jun 2017 07:14:31 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;;; l=5638; q=dns/txt; s=iport; t=1497968071; x=1499177671; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-id:content-transfer-encoding: mime-version; bh=E1Nyft3AVxGnI/1NLcz0A4woydYIX0j0wl9r6BEw108=; b=L4XIylraqhxRQtAr+N6wZvW/mvJaUIb/AtFr+7c1oIjsW/YwzEzGAIeF gcps4pwQFrhvUuMuOg1V/kS+XKz3QdIMpbQM5YfQClu1o78DSDH4wlkbQ CBP/bJL32tylMLmdO20DqqmApdnlSSbweL3TMrnO2yzd46PZbAX41Bckw k=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-AV: E=Sophos;i="5.39,364,1493683200"; d="scan'208";a="440190795"
Received: from ([]) by with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 20 Jun 2017 14:14:30 +0000
Received: from ( []) by (8.14.5/8.14.5) with ESMTP id v5KEETW2020036 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=FAIL); Tue, 20 Jun 2017 14:14:29 GMT
Received: from ( by ( with Microsoft SMTP Server (TLS) id 15.0.1210.3; Tue, 20 Jun 2017 10:14:28 -0400
Received: from ([]) by ([]) with mapi id 15.00.1210.000; Tue, 20 Jun 2017 10:14:28 -0400
From: "Acee Lindem (acee)" <>
To: Jeffrey Haas <>, Mahesh Jethanandani <>
CC: "Reshad Rahman (rrahman)" <>, Jeffrey Haas <>, OSPF WG List <>, "" <>, "" <>, "" <>
Thread-Topic: IETF OSPF YANG and BFD Configuration
Thread-Index: AQHS6Syo68r6z3GylU2z1PR9VYBctaItArCAgAENr4D//7xOAA==
Date: Tue, 20 Jun 2017 14:14:28 +0000
Message-ID: <>
References: <> <> <> <> <> <> <>
In-Reply-To: <>
Accept-Language: en-US
Content-Language: en-US
x-ms-exchange-messagesentrepresentingtype: 1
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: []
Content-Type: text/plain; charset="utf-8"
Content-ID: <>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
Archived-At: <>
Subject: Re: [OSPF] IETF OSPF YANG and BFD Configuration
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: The Official IETF OSPG WG Mailing List <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Tue, 20 Jun 2017 14:14:34 -0000

Hi Jeff, Mahesh, 

See a couple inlines.

On 6/20/17, 10:16 AM, "Jeffrey Haas" <> wrote:

>On Mon, Jun 19, 2017 at 03:11:25PM -0700, Mahesh Jethanandani wrote:
>> > On Jun 19, 2017, at 11:57 AM, Jeffrey Haas <> wrote:
>> > Where we run into some issues are the cases highlighted: when the
>> > don't share common properties, how should the protocol pick what BFD
>> > to use?  
>> The issue that I hear most is the timer granularity. Is there something
>Potentially mode (async vs. echo) and authentication.  However, I believe
>timer granularity is the biggest one.
>> > The current BFD yang model only permits a single IP single-hop session
>> > to be configured.  (Key is interface/dst-ip)  This means that if
>> > parameters *were* desired, the BFD model won't permit it today.
>> > BFD sessions for many protocols tend not to be configured, but may
>> > forth from protocol state, such as IGP adjacencies.  Thus, it's not
>> > "configured" - it's solely operational state.  However, the BFD yang
>> > doesn't really make good provision for that as an "on”.
>> The idea is that a BFD session is configured a priori and before a IGP
>>session is configured with the most aggressive timer. IGP sessions then
>>refer to the BGP session configured. If a IGP session is added that
>>requires a more aggressive timer, we would have to renegotiate the more
>>aggressive timer value.
>Consider a broadcast network segment such as Ethernet.
>Consider a few dozen routers on such a segment.
>Is it your expectation that an IGP would require each of those routers to
>manually configured in the Yang module a priori?  That is, after all, much
>of the point of an IGP: automatic discovery.

I think the BFD model should support a wildcard for destination IP address
to avoid this problem.

>> > Where all endpoint state is known a priori, config state makes better
>> > 
>> > To pick the example of Juniper's configuration, if OSPF and eBGP were
>> > BFD, both can choose differing timers.  This represents two pieces of
>> > configuration state for the same endpoints.  Additionally, only one
>> > session is formed using the most aggressive timers.
>> That is what we are suggesting also.
>The distinguishing point is configuration vs. operational state.  The
>current model doesn't permit more than one set of parameters to be
>provisioned even if the implementation may choose to instantiate exactly

This could be supported with extensions to the BFD model.

>> > I partially point out the situation of multiple timers since there
>>have been
>> > prior list discussions on the situation where clients have different
>> > requirements.  I don't think we handle this operationally in the BFD
>> > protocol in the cleanest fashion right now - the session will go to
>> > when the aggressive timers fail and there's no clean way to
>>renegotiate to
>> > the less aggressive timers.
>> A BFD session would fail more likely because there is a real network
>>failure than because the timer was more aggressive than what IGP had
>Please note that I raise this point mostly because of prior discussion.
>well aware of the headaches this currently causes:
>Different protocols have different survivability requirements.  An IGP may
>very well want sub-second timers, potentially for repair behaviors.  BGP
>want fast failover, but may be fine with second level granularity.  This
>particularly true since the cost of too aggressively flapping BGP is of
>significantly greater impact to the network and the router.
>But moving to what *is* rather than what should be, if there are two
>different timing setups for the same endpoint: If you deprovision the more
>aggressive timer, the session should likely renegotiate to the less
>aggressive one rather than drop.
>-- Jeff