Title: Praveen%20Muley%20(Alcatel),%20Susan%20Hares%20(NextHop)%20,%20Keyur%20Patel%20(Cisco),%20%20Luyuan%20Fang%20(AT
1Praveen Muley (Alcatel), Susan Hares (NextHop) ,
Keyur Patel (Cisco), Luyuan Fang (ATT),
Benson Schliesser (Savvis), Nabil Bitar
(Verizon)
- Group Cooperative Route Filtering Capability for
BGP-4 - draft-muley-hares-idr-orf-order-01.txt
2Summary
- Policies are being written with multiple ORF
types that you want to group, but no grouping
exists - Want something like a route-map function
- This draft adds missing functionality of relation
between the ORF entries - Draft was first presented in San Diego IETF60
- Feedback was to incorporate the deployment
scenarios. - New Co-authors have joined.
3Problem
- Today ORFs expression does logical AND among
the ORF types and logical OR among the ORF
entries. - That may not provide adequate ORF filter
expression of policy for processing. - Policies are being written with multiple ORF
types - Want to Group and use OR/AND operators across
ORF entries - Want something like a route-map function
- Current operational procedures for filtering
provides AFI/SAFI context only. - Grouping will give further context granularity in
the same AFI/SAFI.
4Solution
- Create Groups of policies that are applied in a
specific order - Apply Group policies numerical order (1, 2, 3)
-
- Apply Group polices before Non-Group polices
- Use defaults in standards or
- Specify defaults (via a new Default ORFs)
5Current ORF format
AFI (2 octets)
Reserved (1 octet)
SAFI (1 octet)
When to refresh (1 octet)
ORF type (1 octet)
Length of ORFs (2 octets)
First ORF entry (variable)
Second ORF entry (variable)
6GROUP ORF ID format
Group id (1 octet)
Common ORF Flag (OR)
ORF type (1 octet)
Length of ORFs (2 octets)
First ORF entry (variable)
Second ORF entry (variable)
N- ORF entry (variable)
ORF type (1 octet)
Length of ORFs (2 octets)
First ORF entry (variable)
Second ORF entry (variable)
7ORF Entry within Group ID
Action (2 bit)
Match (1 bit)
AND/OR (1 bit)
Reserved (4 bits)
Type specific part (variable)
- AND/OR bit (0OR, 1 AND)
- Semantics of the bits in Group ORF impact next
ORF entries (last ignored) - ORF-entry-1(AND), ORF-Entry-2 (OR) ,
ORF-Entry-3(AND) ORF-Entry-4 (I) -
- (ORF-Entry-1 AND ORF-Entry2) OR (ORF-Entry-3 and
ORF-Entry-4)
8Process
- Group identified by Group id
- Groups a set of ORFs
- ORF procedure same within ORF with exception of
the AND/OR bit operation - Apply ORFs in order of Group ID
- Non-Grouped ORFs applied later
9Uses of Group ORF
- Layer 3 VPN policies
- Policies for Global routing that include all ORFS
10Two VPN
Customer Site 4 (VRF) City 4 (COM)
CE A2
Customer Site2, City2
PE 4
CE-A4
RR
Customer Site 3 City 3
CE-B3
Customer Site 1, City1
CE -A1
PE 2
VRF Blue
VRF Blue
VRF Blue
Customer Site 3 City 3
VRF- Red
PE 1
CustomerSite 1, City 1
VRF Blue
CE-A5
VRF Red
VRF Red
CE-B1
PE 3
CE-B2
Customer Site 5 City 5
PE 1
CustomerSite 2, City 2
CE-A5
Customer Site 5 City 5
CE-B2
- AFI/SAFI IPVPN
- Group 1 (implicitly Red VPN)
- Extended ORF Type Target Extended Community
- Permit Red
- (AND) ORF Type Community
- Permit City1
-
(OR) Group 2 (implicitly Blue VPN)
Extended ORF Type Target Extended Community
Permit BLUE (AND)ORF Type
Community Permit City2
11Prefix and ASPATH
- AFI/SAFI IPV4
- Group 1 permit action
- ORF Type Prefix
- match X, permit
- match Y, permit
- match Z, permit
- (AND) ORF Type ASPATH
- match ASPATH 3,1., permit
- (OR) Group 2 Deny Action
- ORF Type Prefix
- Match prefix( /25) or longer
- (OR) Group 3 Permit Action
- ORF Type Prefix
- Match prefix()
Net X, Y, Z
AS 1
AS 2
AS 3
AS 4