Internet DRAFT - draft-mohanty-bess-mutipath-interas

draft-mohanty-bess-mutipath-interas







BESS WorkGroup                                                S. Mohanty
Internet-Draft                                            A. Sreekantiah
Intended status: Informational                                    D. Rao
Expires: March 14, 2018                                    Cisco Systems
                                                                K. Patel
                                                             Arrcus, Inc
                                                      September 10, 2017


                   BGP Multipath in Inter-AS Option-B
                 draft-mohanty-bess-mutipath-interas-01

Abstract

   By default, The Border Gateway Protocol, BGP only installs the best-
   path to the IP Routing Table.  BGP multi-path is a well known feature
   that enables installation of multiple paths to the IP Routing Table.
   This is done to achieve load balancing while forwarding traffic.  For
   a path to be eligible as a multi-path, certain criteria need to be
   fulfilled.  Inter-AS VPNs are commonly deployed to span organizations
   across Service Provider boundaries.  In this draft, we describe an
   issue relating to multi-path load balancing that can arise in an
   Option B Inter-AS Deployment.  With the help of a representative
   topology, we illustrate the problem and then present two simple
   schemes as the solution to the problem.  We also note as a matter of
   independent interest that the same underlying issue is applicable to
   deployments that employ next-hop-self behavior (implicit or explicit)
   downstream and the multi-path feature upstream.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at https://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on March 14, 2018.






Mohanty, et al.          Expires March 14, 2018                 [Page 1]

Internet-Draft     BGP Multipath in Inter-AS Option-B     September 2017


Copyright Notice

   Copyright (c) 2017 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (https://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   2
   2.  Requirements Language . . . . . . . . . . . . . . . . . . . .   3
   3.  Topology notation . . . . . . . . . . . . . . . . . . . . . .   3
   4.  Problem Description . . . . . . . . . . . . . . . . . . . . .   4
   5.  BGP ADDpath with the non-unique RD case . . . . . . . . . . .   4
   6.  BGP Labeled unicast with Add-Path . . . . . . . . . . . . . .   5
   7.  BGP Multi-path Inter-As Solution 1  . . . . . . . . . . . . .   5
   8.  BGP Multi-path Inter-As Solution 2  . . . . . . . . . . . . .   5
   9.  Protocol Considerations . . . . . . . . . . . . . . . . . . .   6
   10. Operational Considerations  . . . . . . . . . . . . . . . . .   6
   11. Security Considerations . . . . . . . . . . . . . . . . . . .   6
   12. Acknowledgements  . . . . . . . . . . . . . . . . . . . . . .   6
   13. References  . . . . . . . . . . . . . . . . . . . . . . . . .   6
     13.1.  Normative References . . . . . . . . . . . . . . . . . .   6
     13.2.  Informative References . . . . . . . . . . . . . . . . .   7
   Authors' Addresses  . . . . . . . . . . . . . . . . . . . . . . .   7

1.  Introduction

   By Default BGP [RFC4271] only advertises the best-path to a peer and
   also installs the best-path to the IP Routing Table (RIB) and thereby
   to the Forwarding Information Base (FIB).  BGP multi-path is a
   feature where more than one received BGP route, rather than only the
   one corresponding to the BGP best-path, are installed in the IP
   Routing Table and the Forwarding Information Base.  This offers
   benefits of load balancing, efficient utilization of system resources
   network-wide, and enabling high throughput for traffic flows which
   would be lacking otherwise.  It also has the added benefit of
   providing redundancy in case one of the BGP paths are withdrawn due
   to a link going down or some other event.  Often vendors have a




Mohanty, et al.          Expires March 14, 2018                 [Page 2]

Internet-Draft     BGP Multipath in Inter-AS Option-B     September 2017


   configurable knob which dictates how many paths to a given
   destination can be installed in the forwarding.

   BGP Multi-path is widely deployed in practice and when augmented with
   the Demilitarized Link Bandwidth (DMZ LB)
   [I-D.ietf-idr-link-bandwidth] can be used to provide unequal cost
   load balancing as per user control.

   The BGP best-path algorithm proceeds through a well-known and
   deterministic selection mechanism in determining the best-path.
   Typically, a path is deemed eligible as a multi-path, if it
   encounters a tie with the best-path, when it is determined that the
   IGP cost (metric) to the BGP next-hop is the same, as per the BGP
   best-path algorithm [RFC4271].  In addition, two paths, which match
   all criteria until the IGP metric but have the same next-hop IP
   address cannot both be considered as multi-paths.  This is regardless
   of EBGP or IBGP rules.  In this draft we point out an issue that
   limits the benefits of multi-path deployments arising out of above
   restrictions when the BGP path is propagated across Inter-AS Option B
   [RFC4364] Autonomous System Boundary Routers (ASBRs).

                                  \      /
                                   \    /
         |----PE1----|             |    |
         |           |             |    |
   CE1---|           RR-------ASBR1------ASBR2------PE3
         |----PE2----|             |    |
                                   |    |
             AS 100                             AS 200

   Inter-AS Option B.

                                 Figure 1

2.  Requirements Language

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in [RFC2119].

3.  Topology notation

   In the Figure 1. above, we consider a typical Inter-AS Option B
   topology, ASBR1 peering with ASBR2 over the inter-AS eBGPlink.  A
   VPN, vpn has a presence in both the Autonomous Systems, on all the PE
   routers shown; i.e. a Virtual routing Forwarding (VRF) tables
   associated with the VPN vpn exists at each of the Provider Routers




Mohanty, et al.          Expires March 14, 2018                 [Page 3]

Internet-Draft     BGP Multipath in Inter-AS Option-B     September 2017


   shown.  A dual-homed CE, CE1 is peering with PE1 and PE2 respectively
   in the context of vrf VRF1.

   Denote the Route-Distinguisher (RD) of the vrf VRF1 configured in PE1
   by RD1.  Denote the Route-Distinguisher of the vrf VRF2 configured in
   PE2 by RD2.  Assume that CE1 advertises an ipv4 prefix p, at ASBR1,
   the received VPN route prefix will be RD1:p and RD2:p, with next-hops
   PE1 and PE2 respectively, with the vpn (service) label as L1 and L2
   respectively.

4.  Problem Description

   As per EBGP rules at the advertising ASBR, ASBR1,the next-hop will be
   reset to the ASBR1 itself.  This causes the two routes RD1:p and
   RD2:p to be advertised to the receiving AS, AS2, with the mandatory
   attribute, the next-hop which points to ASBR1.

   Let's say the swapped label for RD1:p and RD2:p at ASBR1 is L1 and L2
   respectively.  If ASBR2 does not reset the next-hop (usual behavior),
   then the two paths will be received at PE3 with the same next-hop,
   i.e. ASBR1.  If ASBR2 does reset the next-hop, then the two paths
   will be received at PE3 with the next-hop set to ASBR2.

   In either case above, the two paths received at PE3 have the same
   next-hop, even though the labels are different.  As explained
   earlier, if two received BGP paths have the same next-hop, then both
   of them cannot be eligible for multi-paths at the same time.  This
   means that at the PE3, only one of the routes will be installed in
   the forwarding.

   In the Figure 1 above, even though the advertising AS (AS 100) has
   path redundancy, this is not visible to AS 200, and therefore load
   balancing cannot be done at ASBR1.  Note that this is different from
   the classic same RD problem which one often encounters in the Route-
   Reflector context.

5.  BGP ADDpath with the non-unique RD case

   The above scenario is described in the context of the unique-RD case.
   Now consider the case when one has non-unique RDs configured for the
   vpn VRF at PE1 and PE2, and BGP Add-Path [RFC7911] is used to
   propagate the paths to AS200 via RR, ASBR1 and ASBR2 respectively.
   In this case, the ASBR1 resets the next-hop to itself in both of the
   add-paths thus ensuring that the two add-paths cannot be installed as
   primary and backup in the FIB at PE3 in AS200.






Mohanty, et al.          Expires March 14, 2018                 [Page 4]

Internet-Draft     BGP Multipath in Inter-AS Option-B     September 2017


6.  BGP Labeled unicast with Add-Path

   A similar situation exists for non-VPN labeled traffic.  Figure 2
   shows a simple ebgp topology, in which R1 is in AS 1, R2 and R3 are
   in AS 2, R4 is in AS 3, and R5 is in AS 4.  A labeled unicast
   [RFC3107] prefix, p, is being advertised from R1 to R5.  Add-Path is
   configured at R4 and R5 and the capability is negotiated.  Both R2
   and R3, will set the next-hop to themselves.  When R4 receives the
   prefix p from R2 and R3, the situation is similar to the add-path
   scenario for the VPN case as described in the earlier section.  As a
   result only one of the paths will be advertised to R5.



         |===== R2 =====|
         |              |
   R1----|              R4---------- R5
         |              |
         |===== R3 =====|
   -AS1 -| - - AS2 - -|-AS3-|----AS4


   Inter-AS Option B.

                                 Figure 2

7.  BGP Multi-path Inter-As Solution 1

   The first solution is to consider the uniqueness of the label and the
   next-hop by considering the tuple (next-hop, label).  This translates
   to (ASBR1, L1) and (ASBR2, L2) and therefore they can be
   distinguished.  However many existing deployments today consider only
   the next-hop as the key.  Therefore this solution requires upgrade to
   existing deployment software.  An independent issue is that there
   should be no implications on hashing the weights assigned to the
   paths in the FIB due to the dependency on the label.

8.  BGP Multi-path Inter-As Solution 2

   The second solution is to inject two loopback ip addresses at ASBR1
   into the IBGP of the receiving AS corresponding to the PE1 and PE2's
   configured ip address or loopbacks that are in the next-hop attribute
   of the vpn routes RD1:p and RD2:p.  These loopback addresses need to
   be injected into the IGP of the receiving AS.  Also ASBR2 needs to be
   configured with a static route pointing to ASBR1 for this purpose.
   Alternatively, ASBR1 can redistribute these loopbacks into EBGP.
   This is also equivalent to doing next-hop-self.  The above solution
   won't require any software upgrade.  However it will require the



Mohanty, et al.          Expires March 14, 2018                 [Page 5]

Internet-Draft     BGP Multipath in Inter-AS Option-B     September 2017


   implementation to support policy and may have security implications
   since routes need to be leaked from one AS to the other.

9.  Protocol Considerations

   No Protocol Changes are necessary

10.  Operational Considerations

   Any of the two methods above can be adopted.  A note may be made that
   these solutions also are applicable to EVPN [RFC7432]

11.  Security Considerations

   This document raises no new security issues for L3VPN.

12.  Acknowledgements

   The authors would like to thank Yuri Tsier for his feedback and
   useful discussions

13.  References

13.1.  Normative References

   [I-D.ietf-idr-extcomm-iana]
              Rosen, E. and Y. Rekhter, "IANA Registries for BGP
              Extended Communities", draft-ietf-idr-extcomm-iana-02
              (work in progress), December 2013.

   [I-D.ietf-idr-link-bandwidth]
              Mohapatra, P. and R. Fernando, "BGP Link Bandwidth
              Extended Community", draft-ietf-idr-link-bandwidth-06
              (work in progress), January 2013.

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119,
              DOI 10.17487/RFC2119, March 1997,
              <https://www.rfc-editor.org/info/rfc2119>.

   [RFC4271]  Rekhter, Y., Ed., Li, T., Ed., and S. Hares, Ed., "A
              Border Gateway Protocol 4 (BGP-4)", RFC 4271,
              DOI 10.17487/RFC4271, January 2006,
              <https://www.rfc-editor.org/info/rfc4271>.

   [RFC4360]  Sangli, S., Tappan, D., and Y. Rekhter, "BGP Extended
              Communities Attribute", RFC 4360, DOI 10.17487/RFC4360,
              February 2006, <https://www.rfc-editor.org/info/rfc4360>.



Mohanty, et al.          Expires March 14, 2018                 [Page 6]

Internet-Draft     BGP Multipath in Inter-AS Option-B     September 2017


   [RFC7432]  Sajassi, A., Ed., Aggarwal, R., Bitar, N., Isaac, A.,
              Uttaro, J., Drake, J., and W. Henderickx, "BGP MPLS-Based
              Ethernet VPN", RFC 7432, DOI 10.17487/RFC7432, February
              2015, <https://www.rfc-editor.org/info/rfc7432>.

13.2.  Informative References

   [RFC3107]  Rekhter, Y. and E. Rosen, "Carrying Label Information in
              BGP-4", RFC 3107, DOI 10.17487/RFC3107, May 2001,
              <https://www.rfc-editor.org/info/rfc3107>.

   [RFC4364]  Rosen, E. and Y. Rekhter, "BGP/MPLS IP Virtual Private
              Networks (VPNs)", RFC 4364, DOI 10.17487/RFC4364, February
              2006, <https://www.rfc-editor.org/info/rfc4364>.

   [RFC6624]  Kompella, K., Kothari, B., and R. Cherukuri, "Layer 2
              Virtual Private Networks Using BGP for Auto-Discovery and
              Signaling", RFC 6624, DOI 10.17487/RFC6624, May 2012,
              <https://www.rfc-editor.org/info/rfc6624>.

   [RFC7911]  Walton, D., Retana, A., Chen, E., and J. Scudder,
              "Advertisement of Multiple Paths in BGP", RFC 7911,
              DOI 10.17487/RFC7911, July 2016,
              <https://www.rfc-editor.org/info/rfc7911>.

Authors' Addresses

   Satya Ranjan Mohanty
   Cisco Systems
   170 W. Tasman Drive
   San Jose, CA  95134
   USA

   Email: satyamoh@cisco.com


   Arjun Sreekantiah
   Cisco Systems
   170 W. Tasman Drive
   San Jose, CA  95134
   USA

   Email: asreekan@cisco.com








Mohanty, et al.          Expires March 14, 2018                 [Page 7]

Internet-Draft     BGP Multipath in Inter-AS Option-B     September 2017


   Dhananjaya Rao
   Cisco Systems
   170 W. Tasman Drive
   San Jose, CA  95134
   USA

   Email: dhrao@cisco.com


   Keyur Patel
   Arrcus, Inc

   Email: keyur@arrcus.com






































Mohanty, et al.          Expires March 14, 2018                 [Page 8]