bgp flowspec extensions for routing policy distribution
play

BGP FlowSpec extensions for Routing Policy Distribution(RPD) - PowerPoint PPT Presentation

Apr 10, 2024 •425 likes •575 views

BGP FlowSpec extensions for Routing Policy Distribution(RPD) draft-li-idr-flowspec-rpd-01 Zhenbin Li(lizhenbin@huawei.com) Liang Ou(oul@gsta.com) Yujia Luo(luoyuj@gsta.com) Sujian Lu(jasonlu@tencent.com) Shunwan

  1. BGP FlowSpec extensions for Routing Policy Distribution(RPD) draft-li-idr-flowspec-rpd-01 Zhenbin Li(lizhenbin@huawei.com) Liang Ou(oul@gsta.com) Yujia Luo(luoyuj@gsta.com) Sujian Lu(jasonlu@tencent.com) Shunwan Zhuang(zhuangshunwan@huawei.com) Nan Wu(eric.wu@huawei.com) IETF94, Yokohama

  2. Motivation  Provider’s requirements for traffic adjustment: • Business development or network failure introduces link congestion and overload. • Network transmission quality decreased as the result of delay, loss and need to adjust traffic to other paths. • To control OPEX and CPEX, prefer the transit provider with lower price.

  3. Motivation  Drawbacks using traditional routing policy: • Device-based manual provisioning will cause configuration burden and misconfiguration. • Complexity keeps increased gradually and difficulty to maintain. Automatic provisioning mechanism is needed.

  4. Solution  Routing Policy Distribution(RPD) • Taking effect on control plane • Impact decision on remote site  RPD protocol: BGP Flowspec • Filtering rule: destination for prefix1/prefix2 • Action: R-bit introduced, more info carried in new attribute +---+---+---+---+---+---+---+---+ | reserved | R | S | T | +---+---+---+---+---+---+---+---+

  5. Changed from 00 version  Alternate protocol extensions using enhanced Wide Community  One more operator, Tencent, has similar requirements and joined in. Maybe adding new use cases in next version.

  6. RPD Mechanism in Summary +------------------------------------------+ Option I: | BGP Update Message | | | 1. Effective on which routes  Filtered by | | | +-----------------------------------+ | Flowspec NLRI | | Path Attribute | | | | | | 2. Effective on which peers  Filtered by BGP | | | | | | +---------------------+ | | Policy Attribute | | |BGP Policy Attribute | | | | | | | | | 3. Take the action in BGP Policy Attribute | | | | | | | | | | | | | | +---------------------+ | | | | | | | | | | | | | | | | +---------------------+ | | | | |Flow Spec NLRI | | | | | | | | | | | | | | | | | | | | | | | +---------------------+ | | Option II: | | | | | | | | 1. Effective on which routes  Filtered by | | | | | | +---------------------+ | | Flowspec NLRI | | |Wide Community | | | | | | Attribute | | | 2. Effective on which peers  Filtered by | | | | | | | | | | | | | | | | | | Wide Community Attribute | | +---------------------+ | | | | | | 3. Take the action in Wide Community | | | | | +-----------------------------------+ | Attribute | | +------------------------------------------+

  7. Protocol extensions option I(v00)  BGP Policy Attribute • Action field +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ • Attribute structure | Action Type (2 octets) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | | Action Length (2 octets) | | Match fields (Variable) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Action Values (Variable) | | | | | | Action fields (Variable) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | • Action type 1: Route-Preference +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ • Action type 2: Route-Prepend-AS • Match field  Match type +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Match Type (2 octets) | • Value 0: Permit, specifies the permit mode of a match rule +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ • Value 1: Deny, specifies the deny mode of a match rule. | Number of Sub-TLVs (2 octets) |  Sub-TLVs +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ • Type 1: IPv4 Neighbor | | | Sub-TLVs (Variable) | • Type 2: IPv6 Neighbor | | • Type 3: ASN list +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

  8. Protocol extensions option II(v01)  Wide Community is enhanced to filter a set of target routes to apply actions other than act as the attributes of advertised routes.  New Wide Community Atoms 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+ | Type | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Length | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Value (variable) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+  Type 1: Autonomous System number list  Type 2: IPv4 prefix (1 octet prefix length + prefix) list  Type 3: IPv6 prefix (1 octet prefix length + prefix) list  Type 4: Integer list  Type 5: IEEE Floating Point Number list  Type 6: Neighbor Class list  Type 7: User-defined Class list7  Type 8: UTF-8 String  Type TBD: BGP IPv4 neighbor --- Newly introduced in this draft  Type TBD: BGP IPv6 neighbor --- Newly introduced in this draft  Actions of Wide Community can be reused and maybe enhanced in the future.

  9. Application (1)  Inbound traffic control Traffic from PE1 to Prefix1 ----------------------------------->  EBGP peering: +-----------------+ +-------------------------+ | +---------+ | L1 | +----+ +----------+| • Speaker1---L1---IGW1 | |Speaker1 | +------------+ |IGW1| |policy || | +---------+ |** L2**| +----+ |controller|| • Speaker2---L2---IGW1 | | ** ** | +----------+| | +---+ | **** | | • Speaker1---L3---IGW2 | |PE1| | **** | | • Speaker2---L4---IGW2 | +---+ | ** ** | | | +---------+ |** L3**| +----+ | | |Speaker2 | +------------+ |IGW2| AS100(self) |  Requirement: | +---------+ | L4 | +----+ | | | | | • Administration only on AS100 | AS200 | | | | | | ... | • Traffic enter AS100 through L3 | | | | | +---------+ | | +----+ +-------+ | | |Speakern | | | |IGWn| |Prefix1| | Traffic Direction | +---------+ | | +----+ +-------+ | +-----------------+ +-------------------------+ Prefix1 advertises from AS100 to AS200 <----------------------------------------

  10. Encoding Example (1)  Inbound Traffic Control encoding example 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Container Type 1 (1) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |1 0 0 0 0 0 0 0| +-+-+-+-+-+-+-+-+ | Hop Count: 0 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Length: 36 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Community: PREPEND N TIMES TO AS 18 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+  As required in the case, | Own ASN 100 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ traffic from PE1 to | Context ASN# 100 | Prefix1 need to enter +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ through L3, so IGWs |ExcTargetTLV(2)| Length: 11 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ except IGW2 should | IPv4Neig(TBD)| Length: 8 | prepend ASN list to +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Prefix1 when populating | Local Speaker #IGW2 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ to AS100. | Remote Speaker #Speaker1 |  As shown in left figure, +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ community "PREPEND N | Param TLV (3) | Length: 7 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ TIMES TO AS" and | Integer (4) | Length: 4 | "Exclude Target(s) TLV" +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ are be used. | Prepend # 5 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

  11. Application (2)  Outbound traffic control Traffic from PE2 to Prefix2 ----------------------------------->  EBGP peering: +-------------------------+ +-----------------+ • IGW1---L1---Speaker1 |+----------+ +----+ |L1 | +---------+ | • IGW1---L2---Speaker2 ||policy | |IGW1| +------------+ |Speaker1 | | ||controller| +----+ |** **| +---------+ | • IGW2---L3---Speaker1 |+----------+ |L2** ** | +-------+| • IGW2---L4---Speaker2 | | **** | |Prefix2|| | | **** | +-------+| | |L3** ** | |  Requirement: | AS100(self) +----+ |** **| +---------+ | | |IGW2| +------------+ |Speaker2 | | • Administration only on AS100 | +----+ |L4 | +---------+ | • Traffic exit through L3 | | | | |+---+ | | AS200 | ||PE2| ... | | | |+---+ | | | | +----+ | | +---------+ | | |IGWn| | | |Speakern | | Traffic Direction | +----+ | | +---------+ | +-------------------------+ +-----------------+ Prefix advertise from AS200 to AS100 <----------------------------------------

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

PCEP Extensions for Service Segment Support in Segment Routing

PCEP Extensions for Service Segment Support in Segment Routing

PCEP Extensions for Service Segment Support in Segment Routing draft-dw-pce-service-segment-routing-00 Qin Wu(bill.wu@huawei.com) Dhruv Dhody (dhruv.ietf@gmail.com ) PCEP Extensions for Service Segment support Objective allow a stateful

380 views • 5 slides
FlowSpec MPLS Match draft-yong-idr-flowspec-mpls-match-00 Lucy Yong, Sue Hares, Qiangdeng Liang,

FlowSpec MPLS Match draft-yong-idr-flowspec-mpls-match-00 Lucy Yong, Sue Hares, Qiangdeng Liang,

FlowSpec MPLS Match draft-yong-idr-flowspec-mpls-match-00 Lucy Yong, Sue Hares, Qiangdeng Liang, Yinjie You @huawei April 2016, Buenos Aires April 2016 IDR WG, IETF 95, Buenos Aires 1 Why this proposal? MPLS is widely used For value

362 views • 13 slides
SSHIX Carrier Presentation April 2019 Agenda 1. GetInsured 834 Extensions and Changes 2.

SSHIX Carrier Presentation April 2019 Agenda 1. GetInsured 834 Extensions and Changes 2.

SSHIX Carrier Presentation April 2019 Agenda 1. GetInsured 834 Extensions and Changes 2. Transition-related Issues 3. Monthly Reconciliation 4. Issuer Enrollment Representative Role 834 Extensions Group or Policy Number Group or Policy

209 views • 20 slides
Fifty Years of Vehicle Routing by Gilbert Laporte Canada Research Chair in Distribution

Fifty Years of Vehicle Routing by Gilbert Laporte Canada Research Chair in Distribution

Fifty Years of Vehicle Routing by Gilbert Laporte Canada Research Chair in Distribution Management HEC Montr eal Vehicle Routing Problem Depot m (or at most m ) identical vehicles based at the depot n customers Distance

386 views • 24 slides
An Algorithm for Routing With Capacitance/Distance Constraints for Clock Distribution in

An Algorithm for Routing With Capacitance/Distance Constraints for Clock Distribution in

An Algorithm for Routing With Capacitance/Distance Constraints for Clock Distribution in Microprocessors Rupesh S. Shelar Technology &amp; Manufacturing Group Intel Corporation, Hillsboro, OR March 31 st 2009, ISPD 2009, San Diego Objective

936 views • 59 slides
Enhanced Efficiency of Mapping Distribution Protocols in Scalable Routing and Addressing

Enhanced Efficiency of Mapping Distribution Protocols in Scalable Routing and Addressing

Enhanced Efficiency of Mapping Distribution Protocols in Scalable Routing and Addressing Architectures K. Sriram, Patrick Gleichmann, Young-Tak Kim, and Doug Montgomery July 2010 National Institute of Standards and Technology National

363 views • 19 slides
4.3 Routing protocols We first look at Routing Tables and routing mechanisms. A routing table has

4.3 Routing protocols We first look at Routing Tables and routing mechanisms. A routing table has

4.3 Routing protocols We first look at Routing Tables and routing mechanisms. A routing table has columns for the destination network (or hosts) with the corresponding cost and the next router address to reach a destination. Additional

1.08k views • 84 slides
Interdomain routing CSCI 466: Networks Keith Vertanen Fall 2011 Overview Business

Interdomain routing CSCI 466: Networks Keith Vertanen Fall 2011 Overview Business

Interdomain routing CSCI 466: Networks Keith Vertanen Fall 2011 Overview Business relationships between ASes Interdomain routing using BGP Advertisements Routing policy Integration with intradomain routing Routing

748 views • 37 slides
Landmark Landmark-based routing based routing Landmark Landmark-based routing based routing

Landmark Landmark-based routing based routing Landmark Landmark-based routing based routing

Landmark Landmark-based routing based routing Landmark Landmark-based routing based routing [Kleinberg04] J. Kleinberg, A. Slivkins, T. Wexler. Triangulation and Embedding using Small Sets of Beacons. Proc. 45th IEEE Symposium on Foundations of

450 views • 32 slides
Glo lobal Routing Security and it its im impact on Policy Development Aftab Siddiqui Senior

Glo lobal Routing Security and it its im impact on Policy Development Aftab Siddiqui Senior

February 2019 Glo lobal Routing Security and it its im impact on Policy Development Aftab Siddiqui Senior Manager, Internet Technology siddiqui@isoc.org Lets understand the problem.. What is the connection between routing security

346 views • 19 slides
Scalable Routing Outline Routing Algorithms Scalability 1 Overview Forwarding vs Routing

Scalable Routing Outline Routing Algorithms Scalability 1 Overview Forwarding vs Routing

Scalable Routing Outline Routing Algorithms Scalability 1 Overview Forwarding vs Routing forwarding: to select an output port based on destination address and routing table routing: process by which routing table is built

543 views • 13 slides
Algebraic metalanguages for routing policy specification Alexander Gurney Computer Laboratory,

Algebraic metalanguages for routing policy specification Alexander Gurney Computer Laboratory,

Algebraic metalanguages for routing policy specification Alexander Gurney Computer Laboratory, University of Cambridge Multi-Service Networks 2006 Coseners House, Abingdon, UK The Metarouting Idea A language for policy Build up

434 views • 39 slides
1 Routing Table Routing Table Destination network Next router

1 Routing Table Routing Table Destination network Next router

Lecture 12. Lecture 12. Introduction to Introduction to IP Routing IP Routing Giuseppe Bianchi Why introduction? Why introduction? Routing: very complex issue need in-depth study entire books on routing our scope: give a

552 views • 19 slides
A Structured Overlay for Non uniform Node Identifier Distribution Based on Flexible Routing

A Structured Overlay for Non uniform Node Identifier Distribution Based on Flexible Routing

IEEE ISCC 2014 June 2014 A Structured Overlay for Non uniform Node Identifier Distribution Based on Flexible Routing Tables Takehiro Miyao, Hiroya Nagao, Kazuyuki Shudo Tokyo Tech Background: Structured Overlay An application level

389 views • 15 slides
Interplay between routing and forwarding routing algorithm Routing Algorithms and Routing local

Interplay between routing and forwarding routing algorithm Routing Algorithms and Routing local

Interplay between routing and forwarding routing algorithm Routing Algorithms and Routing local forwarding table header value output link in the Internet 0100 3 0101 2 0111 2 1001 1 value in arriving packets header 1 0111 2 3

403 views • 8 slides
Ad Hoc Wireless Routing CS 218- Fall 2003 Wireless multihop routing challenges Review of

Ad Hoc Wireless Routing CS 218- Fall 2003 Wireless multihop routing challenges Review of

Ad Hoc Wireless Routing CS 218- Fall 2003 Wireless multihop routing challenges Review of conventional routing schemes Proactive wireless routing Hierarchical routing Reactive (on demand) wireless routing Geographic routing

893 views • 60 slides
A Back-end System for an Autonomous Parking and Charging System for Electric Vehicles Julian

A Back-end System for an Autonomous Parking and Charging System for Electric Vehicles Julian

Institute of Operating Systems and Computer Networks A Back-end System for an Autonomous Parking and Charging System for Electric Vehicles Julian Timpner, Lars Wolf IEVC 2012 Motivation Software Architecture Conclusion V-Charge Project

462 views • 25 slides
Perturbations on autonomous and non-autonomous systems Francisco Balibrea balibrea@um.es

Perturbations on autonomous and non-autonomous systems Francisco Balibrea balibrea@um.es

Perturbations on autonomous and non-autonomous systems Francisco Balibrea balibrea@um.es Departamento de Matem aticas Universidad de Murcia (Spain) ICDEA, Barcelona. July 2012 Two introductory examples x n +1 = ax n where a &gt; 0 x n +1 =

584 views • 39 slides
PNT in smart cities are we ready for autonomous driving? Dorota A. Grejner-Brzezinska

PNT in smart cities are we ready for autonomous driving? Dorota A. Grejner-Brzezinska

PNT in smart cities are we ready for autonomous driving? Dorota A. Grejner-Brzezinska Satellite Positioning and Inertial Navigation (SPIN) Lab IGNSS 2018, February 5-9 , Sydney, Australia Content Smart and connected communities/smart

913 views • 42 slides
TU Wien Autonomous Emergency Braking: A System-of-Systems

TU Wien Autonomous Emergency Braking: A System-of-Systems

TU Wien Autonomous Emergency Braking: A System-of-Systems Perspec9ve H.Kopetz S. Poledna June2013 Outline Introduc9on Autonomous Emergency Braking

1.07k views • 21 slides
Internet Resource Certification (RPKI) Building a More Secure Internet Sint-Maarten Internet Week

Internet Resource Certification (RPKI) Building a More Secure Internet Sint-Maarten Internet Week

Internet Resource Certification (RPKI) Building a More Secure Internet Sint-Maarten Internet Week Carlos Mar2nez Cagnazzo carlos @ lacnic.net A9acks on rou;ng: IP hijacks How Internet number resources are managed IANA ARIN LACNIC APNIC

788 views • 31 slides
LACNIC LACNIC Regional Registry at your services Regional Registry at your services

LACNIC LACNIC Regional Registry at your services Regional Registry at your services

LACNIC LACNIC Regional Registry at your services Regional Registry at your services Sergio Rojas. Sergio Rojas. sergio@lacnic.net sergio@lacnic.net How the Internet work? Is a network of connected devices The

617 views • 16 slides
BGP AS / ISP Security Ranking Raphal Vinot raphael.vinot@gmail.com Conostix Workshop Hack.lu

BGP AS / ISP Security Ranking Raphal Vinot raphael.vinot@gmail.com Conostix Workshop Hack.lu

BGP AS / ISP Security Ranking Raphal Vinot raphael.vinot@gmail.com Conostix Workshop Hack.lu 2010 Raphal Vinot (Conostix) BGP AS / ISP Security Ranking Hack.lu 2010 1 / 33 Table of contents Introduction 1 Basics terms Resources

771 views • 33 slides
Verification of Robotics and Autonomous Deep Learning Verification Systems Safety Definition

Verification of Robotics and Autonomous Deep Learning Verification Systems Safety Definition

Verification of Robotics and Autonomous Systems Xiaowei Huang Challenges Verification of Robotics and Autonomous Deep Learning Verification Systems Safety Definition Challenges Approaches Experimental Results Verification in Xiaowei

1.21k views • 99 slides

More recommend