RE: Can Multihop BFD be protected using RLFA backup?

Alexander Vainshtein <Alexander.Vainshtein@ecitele.com> Thu, 17 January 2019 12:55 UTC

Return-Path: <Alexander.Vainshtein@ecitele.com>
X-Original-To: rtg-bfd@ietfa.amsl.com
Delivered-To: rtg-bfd@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B944D130E73 for <rtg-bfd@ietfa.amsl.com>; Thu, 17 Jan 2019 04:55:08 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.69
X-Spam-Level:
X-Spam-Status: No, score=-1.69 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_INVALID=0.1, DKIM_SIGNED=0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, T_FILL_THIS_FORM_SHORT=0.01] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=fail (1024-bit key) reason="fail (body has been altered)" header.d=eci365.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8fu1h25XqAyP for <rtg-bfd@ietfa.amsl.com>; Thu, 17 Jan 2019 04:55:05 -0800 (PST)
Received: from mail1.bemta25.messagelabs.com (mail1.bemta25.messagelabs.com [195.245.230.4]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3504812F1AC for <rtg-bfd@ietf.org>; Thu, 17 Jan 2019 04:55:05 -0800 (PST)
Received: from [46.226.52.103] (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256 bits)) by server-4.bemta.az-a.eu-west-1.aws.symcld.net id 93/1B-17209-72B704C5; Thu, 17 Jan 2019 12:55:03 +0000
X-Brightmail-Tracker: H4sIAAAAAAAAA1VTWUwTURTldabtSFqdFrWXKkbrjkylahQSl2q i6YeiifFDheggA20shXSKFP0QFBIVl7oQpYIVQ9TgrqhINBFEsZgILmjEAFYQFRcUVBYJONNX t5+b8+4599wzL28oQt0p01Kc08HZbaxVJwsmZ40qdTKTthhjI2vvTYjqvxIT1dV/DUV9v+WTG gnTDXej3FRc3CsxZbd5ZSuINVKLLT7FuV5qLvtYJUu9ni1x3q3egzJRT6ZkFwqmSPoEAQPVWa R4UNMuCdS7PxH40Iyg8kOZfBcaQsnoeXD5TKNMxMPpmVCa3ScVMUFvhPtnypGIQwSN6+sFoU8 JmvnQU5uI5UvgRVOh34akJ8KhU7tJESvpOHjwvAjhXXkSKLk06CcQPRK6a85KsL8GGlo9fgw0 DcU3awmMR8D7lgEp1sdD85sihPvj4EhTgRzjMHjsyfUvAHq7HLxd3oARA1/y8gJGy+Dbl8+kG Bro8VD6Lg7rGxC0umqkWBMOFQf3kRhbodPXEVg2Gqq8l2R44LAM2k66/ZvV9Aa4X9AVGBgDJX t8JBbVEeDprQtclxYan+5ELhTu/udLMbbB7UfX5W7/NanAm99KuoWABD0VLpRPx5JxcCjXJ8d 4CuQUFMr/7R9H8hI0J95uSTI7klmLlTFERjIGwwzGED2TmT1bz25mWD2XxqRzvIMx6Nl0Xs9n JG+wJuhtnOMyEt5ZQmrFojJ0/nRSJQqlJLoRSjrSGKseGp+SkGFmefM6e5qV4yvRaIrSgTJis 8Cp7FwS50y0WIXH+psGSqEbrnyYIdBKPpVN5i1JmKpBi6nbJ3yFBFXa3CbUcn/Nz38r1E8VQl WTthQbp9Uoc8VhWhw2p9n+WP/+FR6jMG2IEgUFBakVqZw92eL4n29HGgrpQpTRYkKFxeb4k6B dCCcRwtW9WiCGc7B/KW0mutO0KaLhXoNi/9pnAx1hTydb6guMD/ibnp/tmZ4DEYkxg/MW55oW pHXo6rdePRKT33f3qE7xQ7rs4vIrVYqPC3veK5aj1Yaf4WN35BS9GaZa8vqYqyz95Y/mJ91nT 7arBrfNdUzTrO4PdoZuK16pMk3IyzJSe2O1LZrpq+KCo6rPLW3RkbyZNYQTdp79BeTt4VgFBA AA
X-Env-Sender: Alexander.Vainshtein@ecitele.com
X-Msg-Ref: server-13.tower-267.messagelabs.com!1547729699!7268508!1
X-Originating-IP: [52.27.180.120]
X-SYMC-ESS-Client-Auth: mailfrom-relay-check=pass
X-StarScan-Received:
X-StarScan-Version: 9.14.24; banners=ecitele.com,-,-
X-VirusChecked: Checked
Received: (qmail 14906 invoked from network); 17 Jan 2019 12:55:01 -0000
Received: from us-west-2c.mta.dlp.protect.symantec.com (HELO EUR04-DB3-obe.outbound.protection.outlook.com) (52.27.180.120) by server-13.tower-267.messagelabs.com with AES256-SHA256 encrypted SMTP; 17 Jan 2019 12:55:01 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ECI365.onmicrosoft.com; s=selector1-ecitele-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=dnXlwyUsNBnpuATjbpX006N79X5dRfq3oPGxf1eF5Dw=; b=fwawBr29O9pKXABNlBgtGy9dJ/rtUcCSW6WRr/M0M7jDt+ILkNUOSfqGjC0taqoJlGKXOUuHchYZqH1PR6OTqetwP790d/Ivh/9iP6ss/Dauj6lP5/L69Jp87soZK1DCY2OGSCydRXlVKdPnSUdKrpWLMMpZOxI2eC+NcXBunFE=
Received: from AM0PR03MB3828.eurprd03.prod.outlook.com (52.135.146.29) by AM0PR03MB3521.eurprd03.prod.outlook.com (52.134.80.150) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1516.18; Thu, 17 Jan 2019 12:54:57 +0000
Received: from AM0PR03MB3828.eurprd03.prod.outlook.com ([fe80::11d6:b959:e9f4:efd3]) by AM0PR03MB3828.eurprd03.prod.outlook.com ([fe80::11d6:b959:e9f4:efd3%5]) with mapi id 15.20.1516.019; Thu, 17 Jan 2019 12:54:57 +0000
From: Alexander Vainshtein <Alexander.Vainshtein@ecitele.com>
To: Muthu Arul Mozhi Perumal <muthu.arul@gmail.com>
CC: "rtg-bfd@ietf.org" <rtg-bfd@ietf.org>, "stephane.litkowski@orange.com" <stephane.litkowski@orange.com>
Subject: RE: Can Multihop BFD be protected using RLFA backup?
Thread-Topic: Can Multihop BFD be protected using RLFA backup?
Thread-Index: AQHUrkVV9YV4BPwDHkKBLTtSD2VPtqWzOX+AgAASM4CAABBLYIAADsdg
Date: Thu, 17 Jan 2019 12:54:56 +0000
Message-ID: <AM0PR03MB38284DA99EE5F792983961849D830@AM0PR03MB3828.eurprd03.prod.outlook.com>
References: <CAKz0y8xNcx9AmS-kx4nM1YXnqk8+PDPrPrdBhMs4jtYVegoz8g@mail.gmail.com> <25009_1547719034_5C40517A_25009_420_1_9E32478DFA9976438E7A22F69B08FF924B78E8A2@OPEXCLILMA4.corporate.adroot.infra.ftgroup> <CAKz0y8yuVJ7t31OKKm7F1G1aGYMOyFqdE=5JWjWeBBTH_-9OQQ@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [147.234.241.1]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; AM0PR03MB3521; 6:EumZ4Vh9h74wC9b+p0m/kRPaErAa/53L6DYmYmcp1rP33VsEFYMZRpj6bTDIyvi8KdyaQ4by94lck5vMm1Fn8Zk+BBvPMd89Fj45ctSXXCdx+MIpVPY1kRJf7pX0wiA3v4l0HNw1SO6dyMsLbVHWSe8aSNihL85UMOhggF9VQkoyPycNHEWLNh54KhkjMeEkRnIkCCqXpgviINn3jRYCG8xtA6lhKJjb2LaSzYNgs+3agTzdSt5EsMAaXwWtMGaugmuHwaWHlqbKboIKc7Jh83K8+a4OkF3DF3TDtLbEedAh7dXoYQUFxUGXb4G84OJORcpg+vgdBLgZVkY6anjT6FuoOBeAsgz7UhGwsrjQ6OfC3e2qrCN0J3k0U4YM+4Z8Yd2B5WCyB23RIDZtKDtezWV5DSs9XxGfnVfJjgkWKPlKJTeBNxIhvEOKZNwkMPlaS61LGIo0JL686LCydeBQEg==; 5:HZwpPK0YNScRmAfChDouZfevDOfeM/P3Ns99XqHpZIlX7F258IydTsrO3Mj5IGBbg5zDpTTSN1SUQR1qbLnWktb6bTydprNo1IyV09lpzpfXkZj3PPTO8g0jrEWR8hiCX6pbeNTOkUZA9shG/RJ1brOVMZU3ryyXf/xvZjOULOJpSRcRNGe3iUnmf1YvNEsII+MhlmV1U2Sor82ze0tYSQ==; 7:VziRGSj6q+3ie+39cIwCnWC2ThEIKk94pJXpBTTcPbSH1tQ2OUuvvAmnyIwD9E+JDt8dlEU8D7uRYUL2k2i9F7GpSQF0D1g/kqQQ3a7drXYKJ33zDDDlGqYlGjJ/yCj0XzT9KryT/DqDpkaDdxMcOg==
x-ms-exchange-antispam-srfa-diagnostics: SOS;
x-ms-office365-filtering-correlation-id: 0ddd1948-a876-49da-a6e8-08d67c7afbd0
x-ms-office365-filtering-ht: Tenant
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600109)(711020)(4618075)(2017052603328)(7153060)(7193020); SRVR:AM0PR03MB3521;
x-ms-traffictypediagnostic: AM0PR03MB3521:
x-microsoft-antispam-prvs: <AM0PR03MB35213C7C0D9DF9A02201F7E79D830@AM0PR03MB3521.eurprd03.prod.outlook.com>
x-forefront-prvs: 0920602B08
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(396003)(366004)(346002)(39860400002)(136003)(376002)(189003)(199004)(53754006)(51444003)(39060400002)(97736004)(66066001)(6246003)(53936002)(25786009)(71190400001)(71200400001)(74316002)(55016002)(316002)(14454004)(9686003)(236005)(33656002)(4326008)(14444005)(99286004)(2906002)(256004)(5660300001)(6306002)(54906003)(54896002)(66574012)(6436002)(5024004)(7736002)(6506007)(7696005)(102836004)(68736007)(6116002)(86362001)(53546011)(229853002)(105586002)(8676002)(8936002)(26005)(106356001)(6916009)(81166006)(81156014)(186003)(3846002)(790700001)(486006)(476003)(478600001)(446003)(76176011)(72206003); DIR:OUT; SFP:1102; SCL:1; SRVR:AM0PR03MB3521; H:AM0PR03MB3828.eurprd03.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: ecitele.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: VDBYVCiA3yRmmNVrJuobqvItXUANj1syr6tZh2j9FlgWle0GES5WutCeigV6cm24ldNUPn1bj0I95wopXfO/yjDGHNPVFtXUlUHuqvIRznNiZ+SzPYYcU8L7yC8EQm1K1dK2CtPPxomoAJXDtVqJ56cO7O4t12ArJwN3yJEJvmkC69Iw0cBLuinGjbmytstHyphtdaWaX5irYrXslZN77YSDxaY3IfrK8lPJEWfQeq37brzDdOf9ekD4WtTfdHSdT9zpyEACLZ4TT92KNU/Bb2+ca9jmKMvY6sfYi71Dfx11EkLtcFi74bVpZjgjvvcaAVlZ0/L3oqj4PpZVa8f+rElT1UZ60BwVIys0LDUricHN8DF4RjPF6NvOwzJuWF5qmkM8xpYLDSG8PXavQG8Wv0p0axlYmWocSQUmw9HSNPE=
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: multipart/alternative; boundary="_000_AM0PR03MB38284DA99EE5F792983961849D830AM0PR03MB3828eurp_"
MIME-Version: 1.0
X-OriginatorOrg: ecitele.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 0ddd1948-a876-49da-a6e8-08d67c7afbd0
X-MS-Exchange-CrossTenant-originalarrivaltime: 17 Jan 2019 12:54:56.9571 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 2c514a61-08de-4519-b4c0-921fef62c42a
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM0PR03MB3521
X-CFilter-Loop: Reflected
Archived-At: <https://mailarchive.ietf.org/arch/msg/rtg-bfd/h23ooAiYSz06Oyy4B8Fekp-PJ34>
X-BeenThere: rtg-bfd@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "RTG Area: Bidirectional Forwarding Detection DT" <rtg-bfd.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtg-bfd>, <mailto:rtg-bfd-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rtg-bfd/>
List-Post: <mailto:rtg-bfd@ietf.org>
List-Help: <mailto:rtg-bfd-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtg-bfd>, <mailto:rtg-bfd-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 17 Jan 2019 12:55:09 -0000

Muthu, and all,
A minor correction: s/iBGP peers/remote BGP Next Hops/ in my previous email.

Regards,
Sasha

Office: +972-39266302
Cell:      +972-549266302
Email:   Alexander.Vainshtein@ecitele.com

From: Alexander Vainshtein
Sent: Thursday, January 17, 2019 2:20 PM
To: 'Muthu Arul Mozhi Perumal' <muthu.arul@gmail.com>
Cc: rtg-bfd@ietf.org; stephane.litkowski@orange.com
Subject: RE: Can Multihop BFD be protected using RLFA backup?

Muthu,
Regarding the question in your 2nd email “Do we know of any implementation that provides RLFA FRR protection to multihop BFD packets?”
My employer (ECI Telecom) has implemented multi-hop IP BFD protected by IP FRR (including local and remote LFA) with encapsulation that follows RFC 5883.
(As explained by Stephane, IP FRR does not differentiate between multi-hop IP BFD and any other native IP traffic to the protected destination).
Multi-hop IP BFD is used for reliable and reasonably fast detection of failure of iBGP peers that, in its turn,  can trigger appropriate protection mechanisms.

Regards,
Sasha

Office: +972-39266302
Cell:      +972-549266302
Email:   Alexander.Vainshtein@ecitele.com<mailto:Alexander.Vainshtein@ecitele.com>

From: Rtg-bfd <rtg-bfd-bounces@ietf.org<mailto:rtg-bfd-bounces@ietf.org>> On Behalf Of Muthu Arul Mozhi Perumal
Sent: Thursday, January 17, 2019 1:02 PM
To: stephane.litkowski@orange.com<mailto:stephane.litkowski@orange.com>
Cc: rtg-bfd@ietf.org<mailto:rtg-bfd@ietf.org>
Subject: Re: Can Multihop BFD be protected using RLFA backup?

Hi Stephane,

Thanks for your response. Please see inline..

On Thu, Jan 17, 2019 at 3:27 PM <stephane.litkowski@orange.com<mailto:stephane.litkowski@orange.com>> wrote:
Hi,

I think that the fact that “control” packets can benefit of FRR is really implementation dependent. It is also linked to the place where BFD packets are created (RP or LC).
From a theoretical point of view, nothing prevents FRR to be used as for any packet generated by the router itself.

Do we know of any implementation that provides RLFA FRR protection to multihop BFD packets?

Regarding the encapsulation, if your BFD client is using RFC5883, this will not change during FRR, the FRR will just push labels on top independently.

The primary reason for my question on encapsulations is because RFC 4379 has the foll. as one of the reasons for using the destination address in 127/8 range for IPv4 (0:0:0:0:0:FFFF:7F00/104 range for IPv6) for diagnostic packets sent over MPLS LSP:
   1. Although the LSP in question may be broken in unknown ways, the
      likelihood of a diagnostic packet being delivered to a user of an
      MPLS service MUST be held to an absolute minimum.

Since multihop BFD uses a routable destination address, wondering whether there would be any issues if multihop BFD packets are sent over the RLFA backup path without following RFC 5884 encapsulation..

Regards,
Muthu

Again, the possibility to get FRR is really implementation dependent, as the forwarding decision of the BFD packet may not be taken by the network processor of the LC.

Brgds,

From: Rtg-bfd [mailto:rtg-bfd-bounces@ietf.org<mailto:rtg-bfd-bounces@ietf.org>] On Behalf Of Muthu Arul Mozhi Perumal
Sent: Thursday, January 17, 2019 10:16
To: rtg-bfd@ietf.org<mailto:rtg-bfd@ietf.org>
Subject: Can Multihop BFD be protected using RLFA backup?

Hi All,

Multihop BFD (RFC 5883) packets are sent over UDP/IP. The encapsulation used is identical to single hop BFD (RFC 5881) except that the UDP destination port is set to 4784.

Now, suppose on the ingress node there is no IP/LFA backup path for the destination address tracked by multihop BFD, but there exists an an RLFA backup path to that destination. In this case, is multihop BFD expected to be protected using the RLFA backup path i.e should multihop BFD packets be sent over the RLFA backup path if the primary path goes down?

If multihop BFD packets are to be sent over the RLFA backup path, what encapsulation should the ingress use? The encapsulation specified in RFC 5883 or the encapsulation specified in RFC 5884 (MPLS BFD)?

Please let me know you opinion.

Regards,
Muthu

_________________________________________________________________________________________________________________________



Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc

pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler

a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration,

Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci.



This message and its attachments may contain confidential or privileged information that may be protected by law;

they should not be distributed, used or copied without authorisation.

If you have received this email in error, please notify the sender and delete this message and its attachments.

As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified.

Thank you.

___________________________________________________________________________

This e-mail message is intended for the recipient only and contains information which is 
CONFIDENTIAL and which may be proprietary to ECI Telecom. If you have received this 
transmission in error, please inform us by e-mail, phone or fax, and then delete the original 
and all copies thereof.
___________________________________________________________________________