Praveen%20Muley%20(Alcatel),%20Susan%20Hares%20(NextHop)%20,%20Keyur%20Patel%20(Cisco),%20%20Luyuan%20Fang%20(AT

1
Praveen Muley (Alcatel), Susan Hares (NextHop) ,
Keyur Patel (Cisco), Luyuan Fang (ATT),
Benson Schliesser (Savvis), Nabil Bitar
(Verizon)

• Group Cooperative Route Filtering Capability for
  BGP-4
• draft-muley-hares-idr-orf-order-01.txt

2
Summary

• Policies are being written with multiple ORF
  types that you want to group, but no grouping
  exists
• Want something like a route-map function
• This draft adds missing functionality of relation
  between the ORF entries
• Draft was first presented in San Diego IETF60
• Feedback was to incorporate the deployment
  scenarios.
• New Co-authors have joined.

3
Problem

• Today ORFs expression does logical AND among
  the ORF types and logical OR among the ORF
  entries.
• That may not provide adequate ORF filter
  expression of policy for processing.
• Policies are being written with multiple ORF
  types
• Want to Group and use OR/AND operators across
  ORF entries
• Want something like a route-map function
• Current operational procedures for filtering
  provides AFI/SAFI context only.
• Grouping will give further context granularity in
  the same AFI/SAFI.

4
Solution

• Create Groups of policies that are applied in a
  specific order
• Apply Group policies numerical order (1, 2, 3)
• Apply Group polices before Non-Group polices
• Use defaults in standards or
• Specify defaults (via a new Default ORFs)

5
Current ORF format
AFI (2 octets)
Reserved (1 octet)
SAFI (1 octet)
When to refresh (1 octet)
ORF type (1 octet)
Length of ORFs (2 octets)
First ORF entry (variable)
Second ORF entry (variable)
6
GROUP ORF ID format
Group id (1 octet)
Common ORF Flag (OR)
ORF type (1 octet)
Length of ORFs (2 octets)
First ORF entry (variable)
Second ORF entry (variable)
N- ORF entry (variable)
ORF type (1 octet)
Length of ORFs (2 octets)
First ORF entry (variable)
Second ORF entry (variable)
7
ORF Entry within Group ID
Action (2 bit)
Match (1 bit)
AND/OR (1 bit)
Reserved (4 bits)
Type specific part (variable)

• AND/OR bit (0OR, 1 AND)
• Semantics of the bits in Group ORF impact next
  ORF entries (last ignored)
• ORF-entry-1(AND), ORF-Entry-2 (OR) ,
  ORF-Entry-3(AND) ORF-Entry-4 (I)
• (ORF-Entry-1 AND ORF-Entry2) OR (ORF-Entry-3 and
  ORF-Entry-4)

8
Process

• Group identified by Group id
• Groups a set of ORFs
• ORF procedure same within ORF with exception of
  the AND/OR bit operation
• Apply ORFs in order of Group ID
• Non-Grouped ORFs applied later

9
Uses of Group ORF

• Layer 3 VPN policies
• Policies for Global routing that include all ORFS

10
Two VPN
Customer Site 4 (VRF) City 4 (COM)

CE A2
Customer Site2, City2
PE 4

CE-A4
RR
Customer Site 3 City 3
CE-B3
Customer Site 1, City1
CE -A1
PE 2
VRF Blue
VRF Blue
VRF Blue

Customer Site 3 City 3
VRF- Red
PE 1
CustomerSite 1, City 1
VRF Blue
CE-A5
VRF Red
VRF Red
CE-B1
PE 3
CE-B2
Customer Site 5 City 5
PE 1
CustomerSite 2, City 2
CE-A5
Customer Site 5 City 5
CE-B2

• AFI/SAFI IPVPN
• Group 1 (implicitly Red VPN)
• Extended ORF Type Target Extended Community
• Permit Red
• (AND) ORF Type Community
• Permit City1

(OR) Group 2 (implicitly Blue VPN)
Extended ORF Type Target Extended Community
Permit BLUE (AND)ORF Type
Community Permit City2
11
Prefix and ASPATH

• AFI/SAFI IPV4
• Group 1 permit action
• ORF Type Prefix
• match X, permit
• match Y, permit
• match Z, permit
• (AND) ORF Type ASPATH
• match ASPATH 3,1., permit
• (OR) Group 2 Deny Action
• ORF Type Prefix
• Match prefix( /25) or longer
• (OR) Group 3 Permit Action
• ORF Type Prefix
• Match prefix()

Net X, Y, Z
AS 1
AS 2
AS 3
AS 4