BGP/MPLS Traffic Blackhole Avoidance Proposal
draft-asati-bgp-mpls-blackhole-avoidance-00
Rajiv Asati
Raymond Zhang
Tom Nadeau
Azhar Sayeed
IETF 68, March 21st 2007
Prague
draft-asati-bgp-mpls-blackhole-avoidance-00.txt
Agenda
Background / Motivation
Problem Statement
Solution
Scope
Next Steps
Background / Motivation
The MPLS network pretends to have the reachability to the remote
BGP prefixes, even during the (MPLS) data plane failure.
MPLS data plane failure may occur due to:
LDP failure
Label mismatch
Forwarding entry corruption
Misconfiguration..
The network continues to advertise the prefix reachability
to the outside world.
It is not optimal to attract the (VPN) customer traffic and blackhole it
inside the MPLS network.
Sub-optimal or Plain WRONG?
Background / Motivation
Deployment Scenario#1 – CE2 is dual-homed. The Site1->Site2
traffic may get blackholed during the PE1->PE3 LSP failure.
Without iBGP multipath at PE1, all site-to-site traffic gets blackholed.
With iBGP multipath at PE1, some traffic gets blackholed.
This blackholing may happen independent of whether the LSP is
set up in an “ordered” or “independent” mode, though the ordered
mode may help to avoid the blackholing during LDP failure.
[Figure: MPLS Backbone with PE1, PE2, PE3, P1 and P3, between CE1 (Site#1) and CE2 (Site#2). Labels: MP-BGP, Routing Protocol, PE1->PE3 LSP, PE1->PE2 LSP, LSP failure.]
PE1 selects the BGP path via PE3.
Despite the MPLS data plane failure, PE1 is unaware and CE1 continues to prefer
PE1 to deliver the CE2-destined traffic.
Background / Motivation
Deployment Scenario#2 – Single-homed CE2 site connected to CE1
via a backup link, and PE1->P2 LSP fails.
Site1->site2 traffic may get blackholed.
CE1 may not activate the backup path (via 2nd SP or ISP, or dial-up
or p2p link etc.), since PE1 continues to advertise the reachability to
the site#2.
[Figure: MPLS Backbone with PE1, PE2, P1 and P3, between CE1 (Site#1) and CE2 (Site#2). Labels: MP-BGP, Routing Protocol, PE1->PE2 LSP, LSP failure, Site-to-site Backup link (dial-up/Internet/FR..).]
Despite the MPLS data plane failure, CE1 continues to prefer
PE1 to deliver the CE2-destined traffic.
Problem Statement
Labeled BGP prefixes (such as VPNv4)
depend on the MPLS path to the NEXT_HOP
BGP bestpath selection algorithm currently
considers only IP reachability to the
NEXT_HOP
BGP is not aware of the MPLS reachability to
the NEXT_HOP.
Solution
BGP to be made aware of the MPLS
reachability to the NEXT_HOP.
The label availability doesn’t mean much.
‘BGP bestpath selection’ algorithm needs to
include ‘MPLS reachability’ to the
NEXT_HOP as an additional criterion.
The MPLS reachability to the NEXT_HOP
could be validated and recorded in the “LSP
Health Database” (LHD).
Scope of the Draft
Proposes a mechanism (within BGP) to consider the valid "MPLS
path" to the NEXT_HOP of the BGP path, before qualifying that
BGP path as the bestpath candidate.
Valid MPLS path = Functional LSP (not just the label).
Does not intend to
Assume that ‘LSP failure’ always equals ‘broken LDP session’.
Enforce any particular LSP validation technique and frequency
Replace the MPLS FRR
Suggest the techniques to keep the LHD* up-to-date
Explain how the ‘LSP validation’ should be performed
* LHD=LSP Health Database
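The qualification step from the Solution and Scope slides, as an added example that is not taken from the draft or the slides: a path becomes a bestpath candidate only if its NEXT_HOP is IP-reachable and the LHD records a functional LSP to it. The `Path` class, the `"up"`/`"down"` LHD states, the handling of a missing LHD entry, the simplified tie-break and all addresses are assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Path:
    prefix: str            # labeled prefix (e.g. VPNv4)
    next_hop: str          # BGP NEXT_HOP, the remote PE
    label: int             # label is still present when the LSP is broken
    local_pref: int = 100

def qualifies(path, ip_reachable, lhd, check_mpls=True):
    """True if the path may be a bestpath candidate."""
    if path.next_hop not in ip_reachable:   # current criterion: IP reachability only
        return False
    if not check_mpls:
        return True
    # Proposed extra criterion: functional LSP to NEXT_HOP, looked up in the LHD.
    # Assumption: a NEXT_HOP with no LHD entry counts as not validated.
    return lhd.get(path.next_hop) == "up"

def bestpath(paths, ip_reachable, lhd, check_mpls=True):
    """Best qualified path, or None when the prefix must be withdrawn."""
    candidates = [p for p in paths if qualifies(p, ip_reachable, lhd, check_mpls)]
    # Simplified tie-break (assumption): highest LOCAL_PREF, then lowest NEXT_HOP string.
    return min(candidates, key=lambda p: (-p.local_pref, p.next_hop), default=None)

# Constructed sample data: PE1's view, documentation addresses.
PE2, PE3 = "192.0.2.2", "192.0.2.3"
SITE2 = "65000:1:198.51.100.0/24"
IP_REACHABLE = {PE2, PE3}                 # the IGP still sees both PEs
LHD = {PE2: "up", PE3: "down"}            # PE1->PE3 LSP has failed

# Scenario 1: CE2 dual-homed to PE2 and PE3, path via PE3 preferred.
DUAL = [Path(SITE2, PE3, 30, local_pref=200), Path(SITE2, PE2, 20)]
# Scenario 2: CE2 single-homed to PE2, and the LSP towards PE2 is down.
SINGLE = [Path(SITE2, PE2, 20)]
LHD_S2 = {PE2: "down"}

if __name__ == "__main__":
    print("S1 IP-only :", bestpath(DUAL, IP_REACHABLE, LHD, check_mpls=False).next_hop)
    print("S1 with LHD:", bestpath(DUAL, IP_REACHABLE, LHD).next_hop)
    print("S2 IP-only :", bestpath(SINGLE, IP_REACHABLE, LHD_S2, check_mpls=False).next_hop)
    print("S2 with LHD:", bestpath(SINGLE, IP_REACHABLE, LHD_S2))  # None: withdraw
```

In Scenario 2 the `None` result is the point at which PE1 would withdraw the route, letting CE1 fall back to its backup link.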
Advantages
After detecting the LSP failure to PE2, PE1
disqualifies the BGP path from PE2.
After PE1 withdraws the route from CE1, CE1 can
select the backup path (via 2nd SP, ISP, Dial-up etc),
and restore the site-to-site connectivity.
[Figure: MPLS Backbone with PE1, PE2, P1 and P3, between CE1 (Site#1) and CE2 (Site#2). Labels: MP-BGP, Routing Protocol, PE1->PE2 LSP, LSP failure, Backup link (dial-up/Internet/FR..).]
PE1 disqualifies the BGP path via PE2 and withdraws it from CE2.
CE1 can reroute the traffic over the alternative path.
Next Step
WG to suggest…
THANK YOU!
Additional Slide#1
There are a lot of deployments that rely on
out-of-band LSP health checks to detect the
LSP failure
Usage of internal or external toolkit to detect the
LSP failure
Such out-of-band mechanisms don’t do
anything wrt MPLS VPN traffic blackholing