| Inter-Domain Routing | P. Lapukhov |
| Internet-Draft | |
| Intended status: Standards Track | E. Aries, Ed. |
| Expires: August 6, 2016 | P. Marques |
| Juniper Networks | |
| E. Nkposong | |
| Salesforce.com Inc | |
| February 3, 2016 |
Use of BGP for Opaque Signaling
draft-lapukhov-bgp-opaque-signaling-01
Border Gateway Protocol with multi-protocol extensions (MP-BGP) enables the use of the protocol for dissemination of virtually any information. This document proposes a new Address Family/Subsequent Address Family along with new optional transitive attribute to be used for distribution of opaque data. This functionality is intended to be used by applications other than BGP for exchange of their own data on top of BGP mesh. The structure of such data MAY to be interpreted by the regular BGP speakers, rather the goal is to use BGP purely as a convenient and scalable communication system.
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119 [RFC2119].
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."
This Internet-Draft will expire on August 6, 2016.
Copyright (c) 2016 IETF Trust and the persons identified as the document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.
Implementation of Multiprotocol Extensions for BGP-4 [RFC4760] gives the ability to pass arbitrary data in BGP protocol messages. This capability has been leveraged by many for dissemination of non-routing related information over BGP (e.g. "Dissemination of Flow Specification Rules" [RFC5575] as well as "North-Bound Distribution of Link-State and TE Information using BGP" [I-D.ietf-idr-ls-distribution]). However, there has been no channel defined explicitly to disseminate data with arbitrary payload. The intended use case is for applications other than BGP to leverage the protocol machinery for distribution (broadcasting) of their own state in the network domain. Publishers and consumers will use BGP UPDATE messages to submit and receive opaque data. It is up to the BGP implementation to provide a custom API for message producers or consumers if needed.
One application of this extension could be auto-discovery of various services in the data-center network that uses BGP as the routing protocol of choice ([I-D.ietf-rtgwg-bgp-routing-large-dc]).
Another application is building and testing new routing protocols or BGP extensions within existing BGP implementation. The new protocol/extension may influence routing either by directly communicating to the RIB/FIB of the router it runs on, or by overriding BGP paths via BGP route injection. An example of such BGP extension could be [WISER]
This document introduces a new AFI known as a "BGP Opaque Data AFI" with the actual value to be assigned by IANA. The purpose of this AFI is to exchange opaque information within a BGP network.
This document introduces a new SAFI known as "BGP Key-Value SAFI" with the actual value to be assigned by IANA. The purpose of this SAFI is exchange of opaque information structured as a Key-Value binding.
A BGP speaker that wishes to exchange Opaque Data MUST use the Multiprotocol Extensions Capability Code, as defined in [RFC4760], to advertise the corresponding AFI/SAFI pair.
This document proposes to implement a distributed, eventually consistent Key-Value store on top of existing BGP protocol mechanics. The "Key" portion is to be encoded as the NLRI part of MP_REACH_NLRI attribute and "Value" encoded using a new optional transitive attribute.
Multiple publishers can advertise the same key (NLRI) bound to different values. It is also possible for the advertised binding to have the same Key-Value pairs but differ in some other BGP attributes. In that case, BGP would follow the best-path selection logic to prevent duplicate information in the network. A consumer will receive the value created by the publisher "closest" in terms of BGP best-path selection logic, based on the policies that exist in the routing domain. This document does not propose any method of achieving global consensus for all published values for a given key.
The encoding scheme proposed below follows the semantics of a Key-Value bindings. The "Key" is stored in the NLRI section of the MP_REACH_NLRI attribute, as shown on Figure 1.
+---------------------------------------------------------+
| Address Family Identifier (2 octets) |
+---------------------------------------------------------+
| Subsequent Address Family Identifier (1 octet) |
+---------------------------------------------------------+
| Length of Next Hop Address (1 octet), must be zero |
+---------------------------------------------------------+
| Reserved (1 octet), must be zero |
+---------------------------------------------------------+
| Opaque Key Length (1 octet) |
+---------------------------------------------------------+
| Opaque Key Data (variable) |
+---------------------------------------------------------+
Figure 1: MP_REACH_NLRI Layout
The "Value" portion of a published binding is to be encoded in a new optional transitive attribute as shown on Figure 2:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type |0 0 0 0| Opaque Value Length | |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |
~ ~
| Opaque Value Data (variable) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+..........................
Figure 2: OPAQUE_VALUE attribute layout
Even when the OPAQUE_VALUE optional transitive attribute is not present in BGP advertisement, the BGP implementation MUST still retain Opaque Key (NLRI) in its LocRIB and propagate it further as usual. This case is to be interpreted as an announcement of the key existence.
The removal procedure follows the regular MP-BGP route withdrawal, using the MP_UNREACH_NLRI attribute. This section defines the attribute structure for the new AFI/SAFI.
The message shown on Figure 3 instructs the receiving BGP speaker to delete the N bindings corresponding to Key 1, Key 2 ... Key N if the keys have been previously learned from the withdrawing speaker. If any of the Keys is not found in the LocRIB or has not been previously received from the withdrawing BGP peer, such key removal request MUST be ignored.
+---------------------------------------------------------+
| Address Family Identifier (2 octets) |
+---------------------------------------------------------+
| Subsequent Address Family Identifier (1 octet) |
+---------------------------------------------------------+
| Opaque Key 1 Length (1 octet) |
+---------------------------------------------------------+
| Opaque Key 1 Data (variable) |
+---------------------------------------------------------+
~ ~
| Opaque Key N Length (1 octet) |
+---------------------------------------------------------+
| Opaque Key N Data (variable) |
+---------------------------------------------------------+
Figure 3: MP_UNREACH_NLRI attribute layout
It is possible to propagate multiple values associated with the same key using the Add-Path extension defined in [I-D.ietf-idr-add-paths]. However, this document recommends that instead unique key values be used for this purpose. It is up to the consumers and publishers of the opaque data to settle on single unique value using some kind of consensum protocol.
Limiting the scope of opaque information flooding is an important operational concern. BGP already has the mechanisms needed to control this process, and these mechanisms are briefly reviewed below.
One can leverage mechanics presented in [RFC4684] and use the route-target extended community attribute to identify "channels" where key-value bindings are published. The consumers would signal their interest in particular "channel" by advertising the corresponding router-target membership. The publications then need to contain the router-target extended community attribute to constrain information propagation.
Ad-doc message filtering could be implemented using BGP standard (see [RFC4271]) or extended community attributes (see [RFC4360]). The semantic of these attributes is to determined by the policy and publishers/consumers. Filtering could be done locally on receiving speaker, or on remote speaker, by using outbound route filtering feature defined in [RFC5291].
For the purpose of this work, IANA would be asked to allocate values for the new AFI and SAFI, as well as a value for the new optional transitive attribute.
TBD
This document does not introduce any changes in terms of BGP security.
TBD
| [RFC2119] | Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997. |
| [RFC4271] | Rekhter, Y., Li, T. and S. Hares, "A Border Gateway Protocol 4 (BGP-4)", RFC 4271, DOI 10.17487/RFC4271, January 2006. |