BGP Optimal Route Reflection (BGP-ORR)

Network Layer Reachability Information. Routing Information Base. Autonomous System number. Virtual Routing and Forwarding instance. Provider Edge router Route Reflector Point Of Presence Layer 3 Virtual Private Networks RFC4364 IPv6 Provider Edge Router Interior Gateway Protocol Shortest Path Tree The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in

Following authors substantially contributed to the current format of the document:

Stephane Litkowski Orange 9 rue du chene germain Cesson Sevigne, 35512 France stephane.litkowski@orange.com

Adam Chappell Interoute Communications 31st Floor 25 Canada Square London, E14 5LQ United Kingdom adam.chappell@interoute.com

There are three types of BGP deployments within Autonomous Systems today: full mesh, confederations and route reflection. BGP route reflection is the most popular way to distribute BGP routes between BGP speakers belonging to the same Autonomous System. However, in some situations, this method suffers from non-optimal path selection.

asserts that, because the Interior Gateway Protocol (IGP) cost to a given point in the network will vary across routers, "the route reflection approach may not yield the same route selection result as that of the full IBGP mesh approach." One practical implication of this assertion is that the deployment of route reflection may thwart the ability to achieve hot potato routing. Hot potato routing attempts to direct traffic to the best AS exit point in cases where no higher priority policy dictates otherwise. As a consequence of the route reflection method, the choice of exit point for a route reflector and its clients will be the exit point best for the route reflector - not necessarily the one best for the route reflector clients. Section 11 of describes a deployment approach and a set of constraints which, if satisfied, would result in the deployment of route reflection yielding the same results as the iBGP full mesh approach. This deployment approach makes route reflection compatible with the application of hot potato routing policy. In accordance with these design rules, route reflectors have traditionally often been deployed in the forwarding path and carefully placed on the POP to core boundaries. The evolving model of intra-domain network design has enabled deployments of route reflectors outside of the forwarding path. Initially this model was only employed for new address families, e.g. L3VPNs and L2VPNs, however it has been gradually extended to other BGP address families including IPv4 and IPv6 Internet using either native routing or 6PE. In such environments, hot potato routing policy remains desirable. Route reflectors outside of the forwarding path can be placed on the POP to core boundaries, but they are often placed in arbitrary locations in the core of large networks. Such deployments suffer from a critical drawback in the context of best path selection: A route reflector with knowledge of multiple paths for a given prefix will typically pick its best path and only advertise that best path to its clients. If the best path for a prefix is selected on the basis of an IGP tie break, the path advertised will be the exit point closest to the route reflector. However, the clients are in a different place in the network topology than the route reflector. In networks where the route reflectors are not in the forwarding path, this difference will be even more acute. In addition, there are deployment scenarios where service providers want to have more control in choosing the exit points for clients based on other factors, such as traffic type, traffic load, etc. This further complicates the issue and makes it less likely for the route reflector to select the best path from the client's perspective. It follows that the best path chosen by the route reflector is not necessarily the same as the path which would have been chosen by the client if the client had considered the same set of candidate paths as the route reflector.

One possible valid solution or workaround to the best path selection problem requires sending all domain external paths from the route reflector to all its clients. This approach suffers the significant drawback of pushing a large amount of BGP state to all edge routers. Many networks receive full Internet routing information in a large number of locations. This could easily result in tens of paths for each prefix that would need to be distributed to clients. Notwithstanding this drawback, there are a number of reasons for sending more than just the single best path to the clients. Improved path diversity at the edge is a requirement for fast connectivity restoration, and a requirement for effective BGP level load balancing. In practical terms, add/diverse path deployments are expected to result in the distribution of 2, 3, or n (where n is a small number) good paths rather than all domain external paths. While the route reflector chooses one set of n paths and distributes them to all its route reflector clients, those n paths may not be the right n paths for all clients. In the context of the problem described above, those n paths will not necessarily include the best exit point out of the network for each route reflector client. The mechanisms proposed in this document are likely to be complementary to mechanisms aimed at improving path diversity. Another possibility to optimize exit point selection is the implementation of distributed route reflector functionality at key IGP locations in order to ensure that these locations see their viewpoints respected in exit selection. Typically, however, this requires the installation of physical nodes to implement the reflection, and if exit policy subsequently changes, the reflector placement and position can become inappropriate. To counter the burden of physical installation, it is possible to build a logical overlay of tunnels with appropriate IGP metrics in order to simulate closeness to key locations required to implement exit policy. There is significant complexity overhead in this approach, however, enough so to make it typically undesirable. Trends in control plane decoupling are causing a shift from traditional routers to compute virtualization platforms, or even third-party cloud platforms. As a result, without this proposal, operators are left with a difficult choice for the distribution and reflection of address families with significant exit diversity: centralized path selection, and tolerate the associated suboptimal paths, or defer selection to end clients, but lose potential route scale capacity The latter can be a viable option, but it is clearly a decision that needs to be made on an application and address family basis, with strong consideration for the number of available paths per prefix (which may even vary per prefix range, depending on peering policy, e.g. consider bilateral peerings versus onward transit arrangements)

The goal of this document is to propose a solution to allow a route reflector to choose the best path for its clients that the clients themselves would have chosen had they considered the same set of candidate paths. For purposes of route selection, the perspective of a client can differ from that of a route reflector or another client in two distinct ways: it can, and usually will, have a different position in the IGP topology, and it can have a different routing policy. These factors correspond to the issues described earlier. Accordingly, we propose two distinct modifications to the best path algorithm, to address these two distinct factors. A route reflector can implement either or both of the modifications, as needed, in order to allow it to choose the best path for its clients that the clients themselves would have chosen given the same set of candidate paths. Both modifications rely upon all route reflectors learning all paths that are eligible for consideration. In order to satisfy this requirement, path diversity enhancing mechanisms such as add-path/diverse paths may need to be deployed between route reflectors. A significant advantage of these approaches is that the route reflector clients do not need to run new software or hardware.

The core of this solution is the ability for an operator to specify on a per route reflector basis or per peer/update group basis or per peer basis the virtual IGP location placement of the route reflector. This enables having a given group of clients receive routes with optimal distance to the next hops from the position of the configured virtual IGP location. This also provides for freedom of route reflector location, and allows transient or permanent migration of this network control plane function to an optimal location. The choice of specific granularity is left to the implementation decision. An implementation is considered compliant with the document if it supports at least one listed grouping of virtual IGP location. In this approach, optimal refers to the decision made during best path selection at the IGP metric to BGP next hop comparison step. This approach does not apply to path selection preference based on other policy steps and provisions. The computation of the virtual IGP location with any of the above described granularity is outside of the scope of this document. The operator may configure it manually, implementation may automate it based on specified heuristics, or it can be computed centrally and configured by an external system. In situations where BGP next hop is a BGP prefix itself the IGP metric of a route used for its resolution should be the final IGP cost to reach such next hop. Implementations which can not inform BGP of the final IGP metric to a recursive next hop should treat such paths to be least preferred during next hop metric comparison, however should be still considered valid for best path selection. This solution does not require any BGP or IGP protocol changes, as all required changes are contained within the route reflector implementation. This solution applies to NLRIs of all address families, that can be route reflected.

Optimal route reflection based on virtual IGP location could reflect the best path to the client from IGP cost perspective. However, there are also cases where the client might want the best path based on factors beyond IGP cost. Examples include, but not limited to: Selecting the best path for the clients from a traffic engineering perspective. Dedicating certain exit points for certain ingress points. The solution proposed here allows the user to apply a general policy on the route reflector to select a subset of exit points as the candidate exit points for its clients. For a given client, the policy should also allow the operator to select different candidate exit points for different address families. Regular path selection, including client's perspective IGP based best path selection stated above, will be applied to the candidate paths to select the final paths to advertise to the clients. Since the policy is applied on the route reflector on behalf of its clients, the route reflector will be able to reflect only the optimal paths to its clients. An additional advantage of this approach is that configuration need only be done on a small number of route reflectors, rather than on a significantly larger number of clients.

Depending on the actual deployment scenarios, service providers may configure IGP based optimal route reflection or policy based optimal route reflection. It is also possible to configure both approaches together. In cases where both are configured together, policy based optimal route reflection will be applied first to select the candidate paths, then IGP based optimal route reflection will be applied on top of the candidate paths to select the final path to advertise to the client. The expected use case for optimal route reflection is to avoid reflecting all paths to the client because the client either does not support add-paths or does not have the capacity to process all of the paths. Typically the route reflector would just reflect a single optimal route to the client. However, the solutions MUST NOT prevent reflecting more than one optimal path to the client as path diversity may be desirable for load balancing or fast restoration. In cases where add-path and optimal route reflection are configured together, the route reflector MUST reflect n optimal paths to a client, where n is the add-path count. The most complicated scenario is where add-path is configured together with both IGP based and policy based optimal route reflection. In this scenario, the policy based optimal route reflection will be applied first to select the candidate paths. Subsequently, IGP based optimal route reflection will be applied on top of the candidate paths to select the best n paths to advertise to the client. With IGP based optimal route reflection, even though the virtual IGP location could be specified on a per route reflector basis or per peer/update group basis or per peer basis, in reality, it's most likely to be specified per peer/update group basis. All clients with the same or similar IGP location can be grouped into the same peer/update group. A virtual IGP location is then specified for the peer/update group. The virtual location is usually specified as the location of one of the clients from the peer group or an ABR to the area where clients are located. Also, one or more backup virtual location SHOULD be allowed to be specified for redundancy. Implementations may wish to take advantage of peer group mechanisms in order to provide for better scalability of optimal route reflector client groups with similar properties.

For IGP based optimal route reflection, determining the shortest path and associated cost between any two arbitrary points in a network based on the IGP topology learned by a router is expected to add some extra cost in terms of CPU resources. However, current SPF tree generation code is implemented efficiently in a number of implementations, and therefore this is not expected to be a major drawback. The number of SPTs computed is expected to be of the order of the number of clients of a route reflector whenever a topology change is detected. Advanced optimizations like partial and incremental SPF may also be exploited. The number of SPTs computed is expected to be higher but comparable to some existing deployed features such as (Remote) Loop Free Alternate which computes a (r)SPT per IGP neighbor. For policy based optimal route reflection, there will be some overhead to apply the policy to select the candidate paths. This overhead is comparable to existing BGP export policies therefore should be manageable. By the nature of route reflection, the number of clients can be split arbitrarily by the deployment of more route reflectors for a given number of clients. While this is not expected to be necessary in existing networks with best in class route reflectors available today, this avenue to scaling up the route reflection infrastructure is available. If we consider the overall network wide cost/benefit factor, the only alternative to achieve the same level of optimality would require significantly increasing state on the edges of the network. This will consume CPU and memory resources on all BGP speakers in the network. Building this client perspective into the route reflectors seems appropriate.

The solutions described provide a model for integrating the client perspective into the best path computation for route reflectors. More specifically, the choice of BGP path factors in either the IGP cost between the client and the nexthop (rather than the IGP cost from the route reflector to the nexthop) or other user configured policies. Implementations considered compliant with this document allow the configuration of a logical location from which the best path will be computed, on the basis of either a peer, a peer group, or an entire routing instance. These solutions can be deployed in traditional hop-by-hop forwarding networks as well as in end-to-end tunneled environments. In the networks where there are multiple route reflectors and hop-by-hop forwarding without encapsulation, such optimizations should be enabled in a consistent way on all route reflectors. Otherwise, clients may receive an inconsistent view of the network, in turn leading to intra-domain forwarding loops. With this approach, an ISP can effect a hot potato routing policy even if route reflection has been moved out of the forwarding plane, and hop-by-hop switching has been replaced by end-to-end MPLS or IP encapsulation. As per above, these approaches reduce the amount of state which needs to be pushed to the edge of the network in order to perform hot potato routing. The memory and CPU resources required at the edge of the network to provide hot potato routing using these approaches is lower than what would be required to achieve the same level of optimality by pushing and retaining all available paths (potentially 10s) per each prefix at the edge. The solutions above allow for a fast and safe transition to a BGP control plane using centralized route reflection, without compromising an operator's closest exit operational principle. This enables edge-to-edge LSP/IP encapsulation for traffic to IPv4 and IPv6 prefixes. Regarding the client's IGP best-path selection, it should be self evident that this solution does not interfere with policies enforced above IGP tie breaking in the BGP best path algorithm.

No new security issues are introduced to the BGP protocol by this specification.

This document does not request any IANA allocations.

Authors would like to thank Keyur Patel, Eric Rosen, Clarence Filsfils, Uli Bornhauser, Russ White, Jakob Heitz, Mike Shand, Jon Mitchell, John Scudder, Jeff Haas, Martin Djernaes, Daniele Ceccarelli, Kieran Milne and Job Snijders for their valuable input.