BGP/MPLS Traffic Blackhole Avoidance Proposal
draft-asati-bgp-mpls-blackhole-avoidance-00

Rajiv Asati, Raymond Zhang, Tom Nadeau, Azhar Sayeed

IETF 68, March 21st 2007, Prague



Agenda

- Background / Motivation
- Problem Statement
- Solution
- Scope
- Next Steps


Background / Motivation

- MPLS data plane failure may occur due to
    - LDP failure
    - Label mismatch
    - Forwarding entry corruption
    - Misconfiguration ...
- The MPLS network pretends to have the reachability to the remote BGP prefixes, even during the (MPLS) data plane failure.
    - The network continues to advertise the prefix reachability to the outside world.
- It is not optimal to attract the (VPN) customer traffic and blackhole it inside the MPLS network.
    - Sub-optimal or Plain WRONG?


Background / Motivation

- Deployment scenario#1 – CE2 is dual-homed. The Site1->Site2 traffic may get blackholed during the PE1->PE3 LSP failure.
    - Without iBGP multipath at PE1, all site-to-site traffic gets blackholed.
    - With iBGP multipath at PE1, some traffic gets blackholed.
- This blackholing may happen independent of whether the LSP is set up in an “ordered” or “independent” mode, though the ordered mode may help to avoid the blackholing during LDP failure.

[Figure: Site#1 (CE1) and Site#2 (CE2) connected across the MPLS Backbone. Labels: PE1, PE2, PE3, P1, P3, MP-BGP, Routing Protocol, PE1->PE2 LSP, PE1->PE3 LSP, LSP failure. Annotation: PE1 selects the BGP path via PE3.]

Despite the MPLS data plane failure, PE1 is unaware and CE1 continues to prefer PE1 to deliver the CE2-destined traffic.


Background / Motivation

- Deployment Scenario#2 – Single-homed CE2 site connected to CE1 via a backup link, and PE1->P2 LSP fails. Site1->Site2 traffic may get blackholed.
- CE1 may not activate the backup path (via 2nd SP or ISP, or dial-up or p2p link etc.), since PE1 continues to advertise the reachability to the site#2.

[Figure: Site#1 (CE1) and Site#2 (CE2) connected across the MPLS Backbone, plus a site-to-site backup link (dial-up/Internet/FR..). Labels: PE1, PE2, P1, P3, MP-BGP, Routing Protocol, PE1->PE2 LSP, LSP failure.]

Despite the MPLS data plane failure, CE1 continues to prefer PE1 to deliver the CE2-destined traffic.


Problem Statement

Labeled BGP prefixes (such as VPNv4) depend on the MPLS path to the NEXT_HOP

BGP bestpath selection algorithm currently considers only IP reachability to the NEXT_HOP

BGP is not aware of the MPLS reachability to the NEXT_HOP.


Solution

BGP to be made aware of the MPLS reachability to the NEXT_HOP. The label availability doesn’t mean much.

‘BGP bestpath selection’ algorithm needs to include ‘MPLS reachability’ to the NEXT_HOP as an additional criterion.

The MPLS reachability to the NEXT_HOP could be validated and recorded in the “LSP Health Database” (LHD).


Scope of the Draft

- Proposes a mechanism (within BGP) to consider the valid "MPLS path" to the NEXT_HOP of the BGP path, before qualifying that BGP path as the bestpath candidate.
    - Valid MPLS path = Functional LSP (not just the label).
- Does not intend to
    - Assume that ‘LSP failure’ always equals ‘broken LDP session’.
    - Enforce any particular LSP validation technique and frequency
    - Replace the MPLS FRR
    - Suggest the techniques to keep the LHD* up-to-date
    - Explain how the ‘LSP validation’ should be performed

* LHD=LSP Health Database
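
Added example (not part of the slides or the draft): a minimal model of bestpath selection on PE1 with the LHD as an extra eligibility check, run against the two deployment scenarios. The PE names, prefix, LOCAL_PREF values, the "up"/"down" LHD states, the simplified tie-break, and treating a missing LHD entry as healthy are all assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Path:
    prefix: str
    next_hop: str          # remote PE (constructed names such as "PE2")
    labeled: bool = True   # e.g. VPNv4: forwarding needs an LSP to next_hop
    local_pref: int = 100

def eligible(path, igp_reachable, lhd, use_lhd):
    """True if the path may enter bestpath selection on this PE."""
    if path.next_hop not in igp_reachable:   # existing check: IP reachability
        return False
    if use_lhd and path.labeled:
        # Added criterion: a functional LSP, not just an available label.
        # Assumption: a next hop with no LHD entry is treated as healthy.
        return lhd.get(path.next_hop, "up") == "up"
    return True

def bestpath(paths, igp_reachable, lhd, use_lhd=True):
    """Simplified tie-break: highest LOCAL_PREF, then lowest next-hop name."""
    cands = [p for p in paths if eligible(p, igp_reachable, lhd, use_lhd)]
    return min(cands, key=lambda p: (-p.local_pref, p.next_hop), default=None)

def pe_to_ce(rib, igp_reachable, lhd, use_lhd=True):
    """What PE1 sends CE1 per prefix: ('advertise', next_hop) or ('withdraw', None)."""
    out = {}
    for prefix, paths in rib.items():
        best = bestpath(paths, igp_reachable, lhd, use_lhd)
        out[prefix] = ("advertise", best.next_hop) if best else ("withdraw", None)
    return out

# Constructed sample state on PE1; both remote PEs remain IP-reachable.
IGP = {"PE2", "PE3"}
# Scenario #1: dual-homed CE2, PE1 prefers PE3, PE1->PE3 LSP has failed.
S1_RIB = {"10.2.0.0/16": [Path("10.2.0.0/16", "PE3", local_pref=200),
                          Path("10.2.0.0/16", "PE2")]}
S1_LHD = {"PE2": "up", "PE3": "down"}
# Scenario #2: single-homed CE2 behind PE2, PE1->PE2 LSP has failed.
S2_RIB = {"10.2.0.0/16": [Path("10.2.0.0/16", "PE2")]}
S2_LHD = {"PE2": "down"}

if __name__ == "__main__":
    for name, rib, lhd in (("scenario 1", S1_RIB, S1_LHD), ("scenario 2", S2_RIB, S2_LHD)):
        print(name, "IP-only :", pe_to_ce(rib, IGP, lhd, use_lhd=False))
        print(name, "with LHD:", pe_to_ce(rib, IGP, lhd, use_lhd=True))
```

Whether a next hop with no LHD entry should count as healthy or unhealthy is a policy choice this sketch fixes arbitrarily; the slides do not address it.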


Advantages

After detecting the LSP failure to PE2, PE1 disqualifies the BGP path from PE2.

After PE1 withdraws the route from CE1, CE1 can select the backup path (via 2nd SP, ISP, Dial-up etc), and restore the site-to-site connectivity.

[Figure: Site#1 (CE1) and Site#2 (CE2) connected across the MPLS Backbone, plus a backup link (dial-up/Internet/FR..). Labels: PE1, PE2, P1, P3, MP-BGP, Routing Protocol, PE1->PE2 LSP, LSP failure. Annotations: "PE1 disqualifies the BGP path via PE2 and withdraws it from CE2"; "CE1 can reroute the traffic over the alternative path".]


Next Step

WG to suggest…


draft-asati-bgp-mpls-blackhole-avoidance-00.txt

THANK YOU!


Additional Slide#1

- There are a lot of deployments that rely on out-of-band LSP health checks to detect the LSP failure
    - Usage of internal or external toolkit to detect the LSP failure
- Such out-of-band mechanisms don’t do anything wrt MPLS VPN traffic blackholing