One Administrative Domain using BGP

One Administrative Domain using BGP AT&T

ju1738@att.com

AT&T

ar977m@att.com

Futurewei Technologies, Inc.

alvaro.retana@futurewei.com

Google

pradosh@google.com

Arrcus, Inc.

keyur@arrcus.com

Comcast

bin_wen@comcast.com

Cisco Systems

dhrao@cisco.com

Juniper Networks

ssangli@juniper.net

Routing Inter-Domain Routing BGP OAD This document defines a new External BGP (EBGP) peering type known as EBGP-OAD. EBGP-OAD peering is used between two EBGP peers that belong to One Administrative Domain (OAD).

Introduction At each EBGP boundary, BGP path attributes are modified as per standard BGP rules . This includes prepending the AS_PATH attribute with the autonomous-system number of the BGP speaker and stripping any IBGP-only attributes. Some networks span more than one autonomous system and require more flexibility in the propagation of path attributes. It is worth noting that these multi-AS networks have a common or single administrative entity. These networks are said to belong to One Administrative Domain (OAD). It is desirable to carry IBGP-only attributes across EBGP peering when the peers belong to OAD. This document defines a new EBGP peering type known as EBGP-OAD. EBGP-OAD peering is used between two EBGP peers that belong to OAD. This document also defines rules for route announcement and processing for EBGP-OAD peers.

Requirements Language The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 when, and only when, they appear in all capitals, as shown here.

Discussion Networks have traditionally been demarcated by an autonomous system/BGP border which correlates to an administrative boundary. This paradigm no longer serves the needs of network designers or customers due to the decoupling of IGP from BGP, BGP-free core in the underlay (e.g. using BGP labeled unicast ), the use of BGP to facilitate multiple service overlays (e.g., L2VPN, L3VPN, etc.) spanning multiple regions and AS domains, and the instantiation of customer sites on multiple content service providers (CSPs). For example, sites in a BGP/MPLS VPN may be distributed across different AS domains. In some cases, the administrator of the VPN may prefer that some attributes are propagated to all their sites to influence the BGP decision process. An example could be LOCAL_PREF which is ignored if received on an EBGP session .

Operation defines two types of BGP peerings used during a BGP protocol session. As part of the extensions defined in this document, the EBGP peering is divided into two types:

EBGP as defined in .
EBGP-OAD as defined below.

The EBGP-OAD session is a BGP connection between two external peers in different Autonomous Systems that belong to OAD. In general, the EBGP-OAD speakers follow the EBGP route advertisement, route processing, path attribute announcement and processing rules as defined in . In particular, the handling of all attributes with the Transitive bit set should be done in accordance to the announcement and processing rules defined in . EBGP-OAD speakers are also allowed to announce and receive any IBGP-only or non-transitive attributes . Unless explicitly specified, all non-transitive path attributes MAY be advertised over an EBGP-OAD session. The reception of any path attribute over an EBGP-OAD session MUST NOT result in an error, unless it is malformed. Received path attributes SHOULD NOT be ignored by the receiver, unless directed to by local policy. Unless explicitly specified, the current processes for the advertisement of path attributes remains unchanged when advertised through an EBGP-OAD peering. The process for EBGP advertisement MUST take priority over the process for IBGP advertisement. For example, the AS_PATH attribute is modified as specified in Section 5.1.2 of , bullet b ("BGP speaker advertises the route to an external peer"). An EBGP-OAD speaker MUST support four-octet AS numbers and advertise the "support for four-octet AS number capability" . The following sections describe modifications to route advertisements and path attribute announcements that are specific to the EBGP-OAD peering.

Next Hop Handling It is reasonable for EBGP-OAD peers to share a common Interior Gateway Protocol (IGP). In such a case, the NEXT_HOP attribute and the Next Hop in the MP_REACH_NLRI attribute MAY be left unchanged.

MULTI_EXIT_DISC (MED) Handling The determination of the neighboring AS for the purpose of BGP Route Selection MAY also consider the ASN of the EBGP-OAD peer. If so, all the peers in the receiving ASN MUST be configured to use the same criteria.

Route Reflection BGP Route Reflection is an alternative to full-mesh IBGP. The ORIGINATOR_ID and CLUSTER_LIST attributes MUST NOT be advertised over an EBGP-OAD session. If received, the procedures in apply.

Tunnel Encapsulation Attribute Handling The Tunnel Encapsulation attribute provides information needed to create tunnels and their corresponding tunnel headers. resticts the scope of the attribute announcement within a set of ASes that belong to a single adminstrative entity. Since EBGP-OAD peers belong to a single adminstrative entity, EBGP-OAD peers MUST implement the EBGP-related Tunnel Encapsulation attribute procedures defined in .

PMSI Tunnel Attribute Handling The P-Multicast Service Interface Tunnel (PMSI Tunnel) attribute provides information needed to create multicast tunnels and their corresponding tunnel headers. EBGP-OAD peers MUST impement the EBGP-related PMSI Tunnel attribute procedures defined in .

PE Distinguisher Labels Attribute Handling PE Distinguisher Labels Attribute attribute provides information needed to carry upstream assigned Label values that identifies another PE multicast router. As such, this attribute is only defined to be used inside an AS . EBGP-OAD peers MUST implement the procedures defined in and .

BGPsec_PATH Attribute Handling BGPsec_PATH attribute provides security for the path of Autonomous systems through which a BGP UPDATE message passes. EBGP-OAD peers MUST implement the EBGP-related procedures defined in .

BGP COMMUNITIES Attribute BGP COMMUNITIES is a transitive attribute used to pass additional information to BGP peers. The advertisement semantics do not change. In particular, routes received carrying the COMMUNITIES attribute containing the well-known NO_EXPORT value MUST NOT be advertised across an EBGP-OAD session.

Extended Communities Attribute Handling The Extended Communities Attribute is a transitive attribute that provides a mechanism for labeling information carried in BGP. The Transitive bit is used to indicate whether a particular community is transitive or non-transitive across an Autonomous System (AS) boundary. As described in , the advertisement of transitive extended communities is subject to local policy for EBGP-OAD peerings. Non-transitive extended communities MAY be advertised to peers over an EBGP-OAD session. For example, the Origin Validation State Extended Community can be advertised to peers in the same OAD.

Traffic Engineering Attribute Handling The Traffic Engineering attribute is a non-transitive attribute that enables BGP to carry Traffic Engineering information . This attribute MAY be advertised to peers over an EBGP-OAD session.

IPv6 Address Specific Extended Community Attribute Handling The IPv6 Address Specific Extended Community Attribute is a transitive attribute that carries address information to be used in IPv6-only environments . Modeled after Extended Communities , a particular community in this attribute can be transitive or non-transitive across an Autonomous System (AS) boundary. Non-transitive extended communities MAY be advertised to peers over an EBGP-OAD session.

Accumulated IGP Metric Attribute Handling The Accumulated IGP Metric (AIGP) Attribute allows the advertisement of an accumulated internal routing metric across AS boundaries in an "AIGP administrative domain" . The AIGP attribute is enabled or dissabled on a session by the AIGP_SESSION configuration item. For EBGP-OAD sessions, the default value of AIGP_SESSION SHOULD be "enabled".

BGP-LS Attribute Handling The BGP Link-State (BGP-LS) attribute is used to carry link, node, and prefix parameters and attributes when distributing link-state and TE information using BGP . This attribute MAY be advertised to peers over an EBGP-OAD session.

BGP Role Negotiation Given the intent of OAD, the BGP Role negotiation and OTC Attribute-based procedures specified in are NOT RECOMMENDED to be used between peers in an EBGP-OAD session. The OTC attribute, if present, MUST be preserved unchanged through an EBGP-OAD session. The use and negotiation of BGP Roles between EBGP-OAD peers is outside the scope of this document.

Deployment and Operational Considerations For the EBGP-OAD session to operate as expected, both BGP speakers MUST be configured with the same session type. If only one BGP speaker is configured that way, and the other uses an EBGP session, the result is that some path attributes may be ignored and others will be discarded, but the BGP session will remain operational. The default BGP peering type for a session that is across autonomous systems SHOULD be EBGP. BGP implementation SHOULD provide a configuration-time option to enable the EBGP-OAD session type. If the session type is changed once the BGP connection has been established, the BGP speaker MUST readvertise its entire Adj-RIB-Out to its peer. Requesting a route refresh is RECOMMENDED. The requirement that Import and Export Policies exist SHOULD be disabled if both peers are configured with the EBGP-OAD session type. If multiple peerings exist between two autonomous systems that belong to OAD, all SHOULD be configured consistently. Improper configuration may result in inconsistent or unexpected forwarding. The inconsistent use of EBGP-OAD sessions is out of scope of this document. BGP Confederations provide similar behavior, on a session by session basis, as what is specified in this document. The use of confederations with an EBGP-OAD peering is out of scope of this document. The consideration of the ASN of the EBGP-OAD peer to determine the neighboring AS for MED comparison may result in the creation of persistent route oscillations, similar to the Type II Churn described in . provides solutions and recommendations to address this issue.

IANA Considerations This memo includes no request to IANA.

Security Considerations This extension to BGP does not change the underlying security issues inherent in the existing BGP protocol, such as those described in and . This document defines a new BGP session type which combines the path attribute propagation rules for EBGP and IBGP peering. Any existing security considerations related to existing path attributes apply to the new EBGP-OAD session type. By combining the path attribute propagation rules, IBGP information may now be propagated to another autonomous system. However, it is expected that the new session type will only be enabled when peering with a router that also belongs to OAD. If misconfigured, the impact is minimal due to the fact that both and define mechanisms to deal with unexpected path attributes.

References Normative References Informative References

Acknowledgements TBD