Internet DRAFT - draft-xu-bess-virtual-subnet-rib-reduction
Network Working Group                                              X. Xu
Internet-Draft                                                    Huawei
Intended status: Informational                                  S. Hares
Expires: February 8, 2016                                     Individual
                                                                  Y. Fan
                                                           China Telecom
                                                            C. Jacquenet
                                                                  Orange
                                                                T. Boyes
                                                            Bloomberg LP
                                                                  B. Fee
                                                        Extreme Networks
                                                          August 7, 2015
RIB Reduction in Virtual Subnet
draft-xu-bess-virtual-subnet-rib-reduction-01
Abstract
Virtual Subnet is a BGP/MPLS IP VPN-based subnet extension solution
which is intended for building Layer3 network virtualization overlays
within and/or across data centers. This document describes a
mechanism for reducing the RIB size of PE routers in the Virtual
Subnet context.
Status of This Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on February 8, 2016.
Copyright Notice
Copyright (c) 2015 IETF Trust and the persons identified as the
document authors. All rights reserved.
Xu, et al. Expires February 8, 2016 [Page 1]
Internet-Draft RIB Reduction in Virtual Subnet August 2015
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Table of Contents
1. Introduction
1.1. Requirements Language
2. Terminology
3. Solution Description
4. Acknowledgements
5. IANA Considerations
6. Security Considerations
7. References
7.1. Normative References
7.2. Informative References
Authors' Addresses
1. Introduction
Virtual Subnet [I-D.ietf-bess-virtual-subnet] is a BGP/MPLS IP VPN
[RFC4364]-based subnet extension solution which is intended for
building Layer3 network virtualization overlays within and/or across
data centers. In the Virtual Subnet context, since CE host routes of
a given VPN instance need to be exchanged among PE routers
participating in that VPN instance, the resulting routing table size
of PE routers may become a big concern, especially in large-scale
data center environments where they may need to install a huge number
of host routes into their routing tables.
[I-D.ietf-bess-virtual-subnet-fib-reduction] describes a method to
reduce the FIB size of PE routers without any change to the RIB and
the routing table. This FIB reduction approach is applicable in the
case where the control plane of PE routers still needs to maintain
all host routes of the attached VPN instances for some reason (e.g.,
to support multicast VPN service). In the case where the control
plane of PE routers doesn't need to maintain all host routes of the
attached VPN instances, the RIB size of PE routers can be reduced as
well, which saves CPU and memory resources. This document proposes a
very simple RIB reduction mechanism. The basic idea of this mechanism
is: remote host routes
are learnt by PE routers on demand by using the L3VPN Address Prefix
ORF as described in [I-D.xu-bess-l3vpn-prefix-orf].
1.1. Requirements Language
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC 2119 [RFC2119].
2. Terminology
This memo makes use of the terms defined in [RFC4364].
3. Solution Description
                             +------+
                      +------+  RR  +------+
+-----------------+   |      +------+      |   +-----------------+
|VPN_A:10.1.1.1/24|   |                    |   |VPN_A:10.1.1.1/24|
|              \  |   |                    |   |  /              |
|  +------+     \++---+-+                +-+---++/     +------+  |
|  |Host A+------+ PE-1 |                | PE-2 +------+Host B|  |
|  +------+\     ++-+-+-+                +-+-+-++     /+------+  |
|  10.1.1.2/24    | | |                    | | |    10.1.1.3/24  |
|                 | | |                    | | |                 |
|     DC West     | | |  IP/MPLS Backbone  | | |     DC East     |
+-----------------+ | |                    | | +-----------------+
                    | +--------------------+ |
                    |                        |
VRF_A :             V              VRF_A :   V
+-------------+---------+--------+ +-------------+---------+--------+
| Prefix | Nexthop |Protocol| | Prefix | Nexthop |Protocol|
+-------------+---------+--------+ +-------------+---------+--------+
|10.1.1.1/32 |127.0.0.1| Direct | |10.1.1.1/32 |127.0.0.1| Direct |
+-------------+---------+--------+ +-------------+---------+--------+
|10.1.1.2/32 |10.1.1.2 | Direct | |10.1.1.3/32 |10.1.1.3 | Direct |
+-------------+---------+--------+ +-------------+---------+--------+
|10.1.1.0/25 | RR | IBGP | |10.1.1.0/25 | RR | IBGP |
+-------------+---------+--------+ +-------------+---------+--------+
|10.1.1.128/25| RR | IBGP | |10.1.1.128/25| RR | IBGP |
+-------------+---------+--------+ +-------------+---------+--------+
|10.1.1.0/24 |10.1.1.1 | Direct | |10.1.1.0/24 |10.1.1.1 | Direct |
+-------------+---------+--------+ +-------------+---------+--------+
Figure 1: RIB Reduction Example
To reduce the RIB size of PE routers in the Virtual Subnet context,
the L3VPN Address Prefix ORF mechanism is used to realize on-demand
route announcement. Taking the VPN instance shown in Figure 1 as an
example, the RIB reduction procedures are as follows:
1. PE routers as RR clients advertise host routes for their local CE
hosts to the RR by using Route Target (RT) ORF [RFC4364] (i.e.,
the RR is configured to advertise route refresh messages
containing a RT-ORF entry corresponding to that VPN instance) or
Route Target (RT) Constrain [RFC4684] (i.e., the RR is configured
to advertise update messages containing RT membership information
corresponding to that VPN instance). Those PE routers belonging
to that VPN instance which don't want to receive remote CE host
routes of that VPN instance would notify the RR not to advertise
any host route to them by using the L3VPN Address Prefix ORF
mechanism (i.e., only requesting L3VPN routes with prefix length
less than 32 (in the VPNv4 case) or 128 (in the VPNv6 case)).
2. Meanwhile, the RR is configured with static routes for more
specific subnets (e.g., 10.1.1.0/25 and 10.1.1.128/25)
corresponding to the extended subnet (e.g., 10.1.1.0/24) with
next-hop being pointed to Null0 and then redistributes these
routes to BGP. In the case where the RR is not available for
transferring L3VPN traffic between PE routers for some reason
(e.g., the RR is running on a server), a particular PE router
other than the RR could be selected to advertise the above more
specific subnet routes as long as that PE router has learnt all
remote host routes belonging to that VPN instance.
3. Upon receiving a packet destined for a remote CE host from a
local CE host, if there is no host route for that remote CE host
in the FIB, the ingress PE router will forward the packet to the
RR according to the longest-matching subnet routes learnt from
the RR, which in turn forwards the packet to the relevant egress
PE router according to the host route learnt from that egress PE
router. As such, the RIB size of PE routers can be greatly
reduced at the cost of path stretch.
4. In order to forward packets destined for that remote CE host
directly to the corresponding egress PE router without any
potential path stretch penalty, ingress PE routers could perform
on-demand route learning of remote host routes by using one of
the following options:
A. Upon receiving an ARP request or Neighbor Solicitation (NS)
message from a local CE host, if there is no CE host route
for that target host in its RIB yet, the ingress PE router
would request the corresponding CE host route for the target
host from its RR by using the L3VPN Address Prefix ORF
mechanism.
B. Upon receiving a packet whose longest-matching FIB entry is one
of the more specific subnet routes (e.g., 10.1.1.0/25 or
10.1.1.128/25) learnt from the RR, a copy of this packet
would be sent to the control plane while this original packet
is forwarded as normal. The above copy sent to the control
plane would trigger a route pull for that destination CE
host. To provide robust protection against DoS attacks on
the control plane, rate-limiting of the above packets sent to
the control plane MUST be enabled.
5. RIB entries of remote CE host routes would expire if they have
not been used for forwarding for a certain period of time. Once
the expiration time for a given RIB entry is approaching, the PE
router would notify its RR to remove the corresponding L3VPN
Address Prefix ORF entry for that CE host route by using the
L3VPN Address Prefix ORF mechanism.
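The following model of steps 1 to 5 is an added example, not part of the draft: it uses the addresses of Figure 1 to show option 4.B pulling a host route on the first packet, the rate limiter bounding punts to the control plane, and idle expiry shrinking the RIB again. The class, constant and parameter names are assumptions, only IPv4 (/32) is handled, and no BGP or ORF message encoding is modelled.

```python
import ipaddress

# Constructed sample modelled on Figure 1; "RR" and "PE-2" are next-hop labels.
RR_HOST_ROUTES = {"10.1.1.3/32": "PE-2"}       # host routes the RR holds
RR_SUBNETS = ["10.1.1.0/25", "10.1.1.128/25"]  # Null0 statics redistributed to BGP

class PE:
    """Ingress PE whose ORF admits only prefixes shorter than /32 (step 1)."""
    def __init__(self, rr_hosts, rr_subnets, rate, burst, idle_timeout):
        self.rr_hosts, self.rate, self.burst, self.idle = rr_hosts, rate, burst, idle_timeout
        self.tokens, self.last_refill = float(burst), 0.0
        self.rib = {ipaddress.ip_network(s): "RR" for s in rr_subnets}
        self.last_used = {}        # pulled host route -> time of last forwarding hit
        self.dropped_punts = 0     # copies refused by the rate limiter

    def _punt_allowed(self, now):
        """Token bucket in front of the control plane (the MUST in step 4.B)."""
        self.tokens = min(self.burst, self.tokens + (now - self.last_refill) * self.rate)
        self.last_refill = now
        if self.tokens >= 1:
            self.tokens -= 1
            return True
        self.dropped_punts += 1
        return False

    def forward(self, dst, now):
        """Return the next hop for this packet; a subnet-route hit may pull a host route."""
        addr = ipaddress.ip_address(dst)
        best = max((n for n in self.rib if addr in n),
                   key=lambda n: n.prefixlen, default=None)
        if best is None:
            return None
        nexthop = self.rib[best]
        if best.prefixlen == 32:
            self.last_used[best] = now
        elif self._punt_allowed(now):
            host = f"{addr}/32"
            if host in self.rr_hosts:          # RR answers the ORF add with the route
                self.rib[ipaddress.ip_network(host)] = self.rr_hosts[host]
                self.last_used[ipaddress.ip_network(host)] = now
        return nexthop                         # the triggering packet still goes via the RR

    def expire(self, now):
        """Step 5: remove idle host routes, i.e. withdraw their ORF entries."""
        stale = [h for h, t in self.last_used.items() if now - t >= self.idle]
        for h in stale:
            del self.rib[h], self.last_used[h]
        return len(stale)
```

Sweeping the extended subnet with packets to unused addresses makes dropped_punts grow while the RIB stays the same size, which is the control-plane protection the rate limit provides.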
4. Acknowledgements
TBD.
5. IANA Considerations
There is no requirement for any IANA action.
6. Security Considerations
This document doesn't introduce additional security risk to BGP/MPLS
IP VPN, nor does it provide any additional security feature for BGP/
MPLS IP VPN.
7. References
7.1. Normative References
[I-D.ietf-bess-virtual-subnet]
Xu, X., Raszuk, R., Jacquenet, C., Boyes, T., and B. Fee,
"Virtual Subnet: A BGP/MPLS IP VPN-based Subnet Extension
Solution", draft-ietf-bess-virtual-subnet-00 (work in
progress), June 2015.
[I-D.xu-bess-l3vpn-prefix-orf]
Xu, X., Jacquenet, C., and L. Fang, "L3VPN Address Prefix
Based Outbound Route Filter for BGP-4", draft-xu-bess-
l3vpn-prefix-orf-02 (work in progress), April 2015.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997,
<http://www.rfc-editor.org/info/rfc2119>.
[RFC4364] Rosen, E. and Y. Rekhter, "BGP/MPLS IP Virtual Private
Networks (VPNs)", RFC 4364, DOI 10.17487/RFC4364, February
2006, <http://www.rfc-editor.org/info/rfc4364>.
[RFC4684] Marques, P., Bonica, R., Fang, L., Martini, L., Raszuk,
R., Patel, K., and J. Guichard, "Constrained Route
Distribution for Border Gateway Protocol/MultiProtocol
Label Switching (BGP/MPLS) Internet Protocol (IP) Virtual
Private Networks (VPNs)", RFC 4684, DOI 10.17487/RFC4684,
November 2006, <http://www.rfc-editor.org/info/rfc4684>.
7.2. Informative References
[I-D.ietf-bess-virtual-subnet-fib-reduction]
Xu, X., Jacquenet, C., Boyes, T., Fee, B., and W.
Henderickx, "FIB Reduction in Virtual Subnet", draft-ietf-
bess-virtual-subnet-fib-reduction-01 (work in progress),
July 2015.
Authors' Addresses
Xiaohu Xu
Huawei
Email: xuxiaohu@huawei.com
Susan Hares
Individual
Email: shares@ndzh.com
Yongbing Fan
China Telecom
Email: fanyb@gsta.com
Christian Jacquenet
Orange
Email: christian.jacquenet@orange.com
Truman Boyes
Bloomberg LP
Email: tboyes@bloomberg.net
Brendan Fee
Extreme Networks
Email: bfee@enterasys.com