draft-ietf-rtgwg-bgp-routing-large-dc-10.txt   draft-ietf-rtgwg-bgp-routing-large-dc-11.txt 
Routing Area Working Group P. Lapukhov Routing Area Working Group P. Lapukhov
Internet-Draft Facebook Internet-Draft Facebook
Intended status: Informational A. Premji Intended status: Informational A. Premji
Expires: October 29, 2016 Arista Networks Expires: December 6, 2016 Arista Networks
J. Mitchell, Ed. J. Mitchell, Ed.
April 27, 2016 June 4, 2016
Use of BGP for routing in large-scale data centers Use of BGP for routing in large-scale data centers
draft-ietf-rtgwg-bgp-routing-large-dc-10 draft-ietf-rtgwg-bgp-routing-large-dc-11
Abstract Abstract
Some network operators build and operate data centers that support Some network operators build and operate data centers that support
over one hundred thousand servers. In this document, such data over one hundred thousand servers. In this document, such data
centers are referred to as "large-scale" to differentiate them from centers are referred to as "large-scale" to differentiate them from
smaller infrastructures. Environments of this scale have a unique smaller infrastructures. Environments of this scale have a unique
set of network requirements with an emphasis on operational set of network requirements with an emphasis on operational
simplicity and network stability. This document summarizes simplicity and network stability. This document summarizes
operational experience in designing and operating large-scale data operational experience in designing and operating large-scale data
skipping to change at page 1, line 41 skipping to change at page 1, line 41
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on October 29, 2016. This Internet-Draft will expire on December 6, 2016.
Copyright Notice Copyright Notice
Copyright (c) 2016 IETF Trust and the persons identified as the Copyright (c) 2016 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 2, line 20 skipping to change at page 2, line 20
described in the Simplified BSD License. described in the Simplified BSD License.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3
2. Network Design Requirements . . . . . . . . . . . . . . . . . 4 2. Network Design Requirements . . . . . . . . . . . . . . . . . 4
2.1. Bandwidth and Traffic Patterns . . . . . . . . . . . . . 4 2.1. Bandwidth and Traffic Patterns . . . . . . . . . . . . . 4
2.2. CAPEX Minimization . . . . . . . . . . . . . . . . . . . 4 2.2. CAPEX Minimization . . . . . . . . . . . . . . . . . . . 4
2.3. OPEX Minimization . . . . . . . . . . . . . . . . . . . . 5 2.3. OPEX Minimization . . . . . . . . . . . . . . . . . . . . 5
2.4. Traffic Engineering . . . . . . . . . . . . . . . . . . . 5 2.4. Traffic Engineering . . . . . . . . . . . . . . . . . . . 5
2.5. Summarized Requirements . . . . . . . . . . . . . . . . . 5 2.5. Summarized Requirements . . . . . . . . . . . . . . . . . 6
3. Data Center Topologies Overview . . . . . . . . . . . . . . . 6 3. Data Center Topologies Overview . . . . . . . . . . . . . . . 6
3.1. Traditional DC Topology . . . . . . . . . . . . . . . . . 6 3.1. Traditional DC Topology . . . . . . . . . . . . . . . . . 6
3.2. Clos Network topology . . . . . . . . . . . . . . . . . . 7 3.2. Clos Network topology . . . . . . . . . . . . . . . . . . 7
3.2.1. Overview . . . . . . . . . . . . . . . . . . . . . . 7 3.2.1. Overview . . . . . . . . . . . . . . . . . . . . . . 7
3.2.2. Clos Topology Properties . . . . . . . . . . . . . . 8 3.2.2. Clos Topology Properties . . . . . . . . . . . . . . 8
3.2.3. Scaling the Clos topology . . . . . . . . . . . . . . 9 3.2.3. Scaling the Clos topology . . . . . . . . . . . . . . 9
3.2.4. Managing the Size of Clos Topology Tiers . . . . . . 10 3.2.4. Managing the Size of Clos Topology Tiers . . . . . . 10
4. Data Center Routing Overview . . . . . . . . . . . . . . . . 11 4. Data Center Routing Overview . . . . . . . . . . . . . . . . 11
4.1. Layer 2 Only Designs . . . . . . . . . . . . . . . . . . 11 4.1. Layer 2 Only Designs . . . . . . . . . . . . . . . . . . 11
4.2. Hybrid L2/L3 Designs . . . . . . . . . . . . . . . . . . 12 4.2. Hybrid L2/L3 Designs . . . . . . . . . . . . . . . . . . 12
4.3. Layer 3 Only Designs . . . . . . . . . . . . . . . . . . 12 4.3. Layer 3 Only Designs . . . . . . . . . . . . . . . . . . 12
5. Routing Protocol Selection and Design . . . . . . . . . . . . 13 5. Routing Protocol Design . . . . . . . . . . . . . . . . . . . 13
5.1. Choosing EBGP as the Routing Protocol . . . . . . . . . . 13 5.1. Choosing EBGP as the Routing Protocol . . . . . . . . . . 13
5.2. EBGP Configuration for Clos topology . . . . . . . . . . 15 5.2. EBGP Configuration for Clos topology . . . . . . . . . . 15
5.2.1. EBGP Configuration Guidelines and Example ASN Scheme 15 5.2.1. EBGP Configuration Guidelines and Example ASN Scheme 15
5.2.2. Private Use ASNs . . . . . . . . . . . . . . . . . . 16 5.2.2. Private Use ASNs . . . . . . . . . . . . . . . . . . 16
5.2.3. Prefix Advertisement . . . . . . . . . . . . . . . . 17 5.2.3. Prefix Advertisement . . . . . . . . . . . . . . . . 17
5.2.4. External Connectivity . . . . . . . . . . . . . . . . 18 5.2.4. External Connectivity . . . . . . . . . . . . . . . . 18
5.2.5. Route Summarization at the Edge . . . . . . . . . . . 19 5.2.5. Route Summarization at the Edge . . . . . . . . . . . 19
6. ECMP Considerations . . . . . . . . . . . . . . . . . . . . . 19 6. ECMP Considerations . . . . . . . . . . . . . . . . . . . . . 20
6.1. Basic ECMP . . . . . . . . . . . . . . . . . . . . . . . 20 6.1. Basic ECMP . . . . . . . . . . . . . . . . . . . . . . . 20
6.2. BGP ECMP over Multiple ASNs . . . . . . . . . . . . . . . 21 6.2. BGP ECMP over Multiple ASNs . . . . . . . . . . . . . . . 21
6.3. Weighted ECMP . . . . . . . . . . . . . . . . . . . . . . 21 6.3. Weighted ECMP . . . . . . . . . . . . . . . . . . . . . . 21
6.4. Consistent Hashing . . . . . . . . . . . . . . . . . . . 22 6.4. Consistent Hashing . . . . . . . . . . . . . . . . . . . 22
7. Routing Convergence Properties . . . . . . . . . . . . . . . 22 7. Routing Convergence Properties . . . . . . . . . . . . . . . 22
7.1. Fault Detection Timing . . . . . . . . . . . . . . . . . 22 7.1. Fault Detection Timing . . . . . . . . . . . . . . . . . 22
7.2. Event Propagation Timing . . . . . . . . . . . . . . . . 23 7.2. Event Propagation Timing . . . . . . . . . . . . . . . . 23
7.3. Impact of Clos Topology Fan-outs . . . . . . . . . . . . 23 7.3. Impact of Clos Topology Fan-outs . . . . . . . . . . . . 23
7.4. Failure Impact Scope . . . . . . . . . . . . . . . . . . 24 7.4. Failure Impact Scope . . . . . . . . . . . . . . . . . . 24
7.5. Routing Micro-Loops . . . . . . . . . . . . . . . . . . . 25 7.5. Routing Micro-Loops . . . . . . . . . . . . . . . . . . . 25
8. Additional Options for Design . . . . . . . . . . . . . . . . 26 8. Additional Options for Design . . . . . . . . . . . . . . . . 26
8.1. Third-party Route Injection . . . . . . . . . . . . . . . 26 8.1. Third-party Route Injection . . . . . . . . . . . . . . . 26
8.2. Route Summarization within Clos Topology . . . . . . . . 26 8.2. Route Summarization within Clos Topology . . . . . . . . 26
8.2.1. Collapsing Tier-1 Devices Layer . . . . . . . . . . . 27 8.2.1. Collapsing Tier-1 Devices Layer . . . . . . . . . . . 27
8.2.2. Simple Virtual Aggregation . . . . . . . . . . . . . 28 8.2.2. Simple Virtual Aggregation . . . . . . . . . . . . . 29
8.3. ICMP Unreachable Message Masquerading . . . . . . . . . . 29 8.3. ICMP Unreachable Message Masquerading . . . . . . . . . . 29
9. Security Considerations . . . . . . . . . . . . . . . . . . . 29 9. Security Considerations . . . . . . . . . . . . . . . . . . . 30
10. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 30 10. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 30
11. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 30 11. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 30
12. References . . . . . . . . . . . . . . . . . . . . . . . . . 30 12. References . . . . . . . . . . . . . . . . . . . . . . . . . 31
12.1. Normative References . . . . . . . . . . . . . . . . . . 30 12.1. Normative References . . . . . . . . . . . . . . . . . . 31
12.2. Informative References . . . . . . . . . . . . . . . . . 30 12.2. Informative References . . . . . . . . . . . . . . . . . 31
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 34 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 35
1. Introduction 1. Introduction
This document describes a practical routing design that can be used This document describes a practical routing design that can be used
in a large-scale data center ("DC") design. Such data centers, also in a large-scale data center (DC) design. Such data centers, also
known as hyper-scale or warehouse-scale data centers, have a unique known as hyper-scale or warehouse-scale data centers, have a unique
attribute of supporting over a hundred thousand servers. In order to attribute of supporting over a hundred thousand servers. In order to
accommodate networks of this scale, operators are revisiting accommodate networks of this scale, operators are revisiting
networking designs and platforms to address this need. networking designs and platforms to address this need.
The design presented in this document is based on operational The design presented in this document is based on operational
experience with data centers built to support large-scale distributed experience with data centers built to support large-scale distributed
software infrastructure, such as a Web search engine. The primary software infrastructure, such as a Web search engine. The primary
requirements in such an environment are operational simplicity and requirements in such an environment are operational simplicity and
network stability so that a small group of people can effectively network stability so that a small group of people can effectively
skipping to change at page 3, line 50 skipping to change at page 3, line 50
explores ideas for further enhancements. explores ideas for further enhancements.
This document first presents an overview of network design This document first presents an overview of network design
requirements and considerations for large-scale data centers. Then requirements and considerations for large-scale data centers. Then
traditional hierarchical data center network topologies are traditional hierarchical data center network topologies are
contrasted with Clos networks [CLOS1953] that are horizontally scaled contrasted with Clos networks [CLOS1953] that are horizontally scaled
out. This is followed by arguments for selecting EBGP with a Clos out. This is followed by arguments for selecting EBGP with a Clos
topology as the most appropriate routing protocol to meet the topology as the most appropriate routing protocol to meet the
requirements and the proposed design is described in detail. requirements and the proposed design is described in detail.
Finally, this document reviews some additional considerations and Finally, this document reviews some additional considerations and
design options. design options. A thorough understanding of BGP is assumed by a
reader planning on deploying the design described within the
document.
2. Network Design Requirements 2. Network Design Requirements
This section describes and summarizes network design requirements for This section describes and summarizes network design requirements for
large-scale data centers. large-scale data centers.
2.1. Bandwidth and Traffic Patterns 2.1. Bandwidth and Traffic Patterns
The primary requirement when building an interconnection network for The primary requirement when building an interconnection network for
a large number of servers is to accommodate application bandwidth and a large number of servers is to accommodate application bandwidth and
skipping to change at page 7, line 29 skipping to change at page 7, line 29
| | | | | | | |
| | | | | | | |
| +-----+ | | +-----+ | | +-----+ | | +-----+ |
+-| |-+ +-| |-+ Tier-3 +-| |-+ +-| |-+ Tier-3
+-----+ +-----+ +-----+ +-----+
| | | | | | | | | | | |
<- Servers -> <- Servers -> <- Servers -> <- Servers ->
Figure 1: Typical DC network topology Figure 1: Typical DC network topology
Unfortunately, as noted previously, it is not possible to scale a
tree based design to a large enough degree to handle large-scale
designs due to the inability to be able to acquire Tier-1 devices
with a large enough port density to sufficiently scale Tier-2. Also,
continous upgrades or replacement of the upper tier devices are
required as deployment size or bandwidth requirements increase which
is operationally complex. For this reason, REQ1 is in place,
eliminating this type of design from consideration.
3.2. Clos Network topology 3.2. Clos Network topology
This section describes a common design for horizontally scalable This section describes a common design for horizontally scalable
topology in large-scale data centers in order to meet REQ1. topology in large-scale data centers in order to meet REQ1.
3.2.1. Overview 3.2.1. Overview
A common choice for a horizontally scalable topology is a folded Clos A common choice for a horizontally scalable topology is a folded Clos
topology, sometimes called "fat-tree" (see, for example, [INTERCON] topology, sometimes called "fat-tree" (see, for example, [INTERCON]
and [ALFARES2008]). This topology features an odd number of stages and [ALFARES2008]). This topology features an odd number of stages
skipping to change at page 13, line 14 skipping to change at page 13, line 14
Choosing a Layer 3 only design greatly simplifies the network, Choosing a Layer 3 only design greatly simplifies the network,
facilitating the meeting of REQ1 and REQ2, and has widespread facilitating the meeting of REQ1 and REQ2, and has widespread
adoption in networks where large Layer 2 adjacency and larger size adoption in networks where large Layer 2 adjacency and larger size
Layer 3 subnets are not as critical compared to network scalability Layer 3 subnets are not as critical compared to network scalability
and stability. Application providers and network operators continue and stability. Application providers and network operators continue
to develop new solutions to meet some of the requirements that to develop new solutions to meet some of the requirements that
previously had driven large Layer 2 domains by using various overlay previously had driven large Layer 2 domains by using various overlay
or tunneling techniques. or tunneling techniques.
5. Routing Protocol Selection and Design 5. Routing Protocol Design
In this section the motivations for using External BGP (EBGP) as the In this section the motivations for using External BGP (EBGP) as the
single routing protocol for data center networks having a Layer 3 single routing protocol for data center networks having a Layer 3
protocol design and Clos topology are reviewed. Then, a practical protocol design and Clos topology are reviewed. Then, a practical
approach for designing an EBGP based network is provided. approach for designing an EBGP based network is provided.
5.1. Choosing EBGP as the Routing Protocol 5.1. Choosing EBGP as the Routing Protocol
REQ2 would give preference to the selection of a single routing REQ2 would give preference to the selection of a single routing
protocol to reduce complexity and interdependencies. While it is protocol to reduce complexity and interdependencies. While it is
skipping to change at page 14, line 34 skipping to change at page 14, line 34
o BGP supports third-party (recursively resolved) next-hops. This o BGP supports third-party (recursively resolved) next-hops. This
allows for manipulating multipath to be non-ECMP based or allows for manipulating multipath to be non-ECMP based or
forwarding based on application-defined paths, through forwarding based on application-defined paths, through
establishment of a peering session with an application establishment of a peering session with an application
"controller" which can inject routing information into the system, "controller" which can inject routing information into the system,
satisfying REQ5. OSPF provides similar functionality using satisfying REQ5. OSPF provides similar functionality using
concepts such as "Forwarding Address", but with more difficulty in concepts such as "Forwarding Address", but with more difficulty in
implementation and far less control of information propagation implementation and far less control of information propagation
scope. scope.
o Using a well-defined ASN allocation scheme and standard AS_PATH o Using a well-defined Autonomous System Number (ASN) allocation
loop detection, "BGP path hunting" (see [JAKMA2008]) can be scheme and standard AS_PATH loop detection, "BGP path hunting"
controlled and complex unwanted paths will be ignored. See (see [JAKMA2008]) can be controlled and complex unwanted paths
Section 5.2 for an example of a working ASN allocation scheme. In will be ignored. See Section 5.2 for an example of a working ASN
a link-state IGP accomplishing the same goal would require multi- allocation scheme. In a link-state IGP accomplishing the same
(instance/topology/process) support, typically not available in goal would require multi-(instance/topology/process) support,
all DC devices and quite complex to configure and troubleshoot. typically not available in all DC devices and quite complex to
Using a traditional single flooding domain, which most DC designs configure and troubleshoot. Using a traditional single flooding
utilize, under certain failure conditions may pick up unwanted domain, which most DC designs utilize, under certain failure
lengthy paths, e.g., traversing multiple Tier-2 devices. conditions may pick up unwanted lengthy paths, e.g., traversing
multiple Tier-2 devices.
o EBGP configuration that is implemented with minimal routing policy o EBGP configuration that is implemented with minimal routing policy
is easier to troubleshoot for network reachability issues. In is easier to troubleshoot for network reachability issues. In
most implementations, it is straightforward to view contents of most implementations, it is straightforward to view contents of
BGP Loc-RIB and compare it to the router's RIB. Also, in most BGP Loc-RIB and compare it to the router's RIB. Also, in most
implementations an operator can view every BGP neighbors Adj-RIB- implementations an operator can view every BGP neighbors Adj-RIB-
In and Adj-RIB-Out structures and therefore incoming and outgoing In and Adj-RIB-Out structures and therefore incoming and outgoing
NLRI information can be easily correlated on both sides of a BGP NLRI information can be easily correlated on both sides of a BGP
session. Thus, BGP satisfies REQ3. session. Thus, BGP satisfies REQ3.
skipping to change at page 16, line 48 skipping to change at page 16, line 48
network devices may exceed this number, a workaround is required. network devices may exceed this number, a workaround is required.
One approach is to re-use the ASNs assigned to the Tier-3 devices One approach is to re-use the ASNs assigned to the Tier-3 devices
across different clusters. For example, Private Use ASNs 65001, across different clusters. For example, Private Use ASNs 65001,
65002 ... 65032 could be used within every individual cluster and 65002 ... 65032 could be used within every individual cluster and
assigned to Tier-3 devices. assigned to Tier-3 devices.
To avoid route suppression due to the AS_PATH loop detection To avoid route suppression due to the AS_PATH loop detection
mechanism in BGP, upstream EBGP sessions on Tier-3 devices must be mechanism in BGP, upstream EBGP sessions on Tier-3 devices must be
configured with the "AllowAS In" feature [ALLOWASIN] that allows configured with the "AllowAS In" feature [ALLOWASIN] that allows
accepting a device's own ASN in received route advertisements. accepting a device's own ASN in received route advertisements.
Introducing this feature does not make it likely for routing loops in Although this feature is not standarized, it is widely available
the design since the AS_PATH is being added to by routers at each of accross multiple vendors implementations. Introducing this feature
the topology tiers and AS_PATH length is an early tie breaker in the does not make routing loops more likely in the design since the
BGP path selection process. Further loop protection is still in AS_PATH is being added to by routers at each of the topology tiers
place at the Tier-1 device, which will not accept routes with a path and AS_PATH length is an early tie breaker in the BGP path selection
including its own ASN and Tier-2 devices do not have direct process. Further loop protection is still in place at the Tier-1
connectivity with each other. device, which will not accept routes with a path including its own
ASN and Tier-2 devices do not have direct connectivity with each
other.
Another solution to this problem would be using Four-Octet ASNs Another solution to this problem would be using Four-Octet ASNs
([RFC6793]), where there are additional Private Use ASNs available, ([RFC6793]), where there are additional Private Use ASNs available,
see [IANA.AS]. Use of Four-Octet ASNs puts additional protocol see [IANA.AS]. Use of Four-Octet ASNs puts additional protocol
complexity in the BGP implementation and should be balanced against complexity in the BGP implementation and should be balanced against
the complexity of re-use when considering REQ3 and REQ4. Perhaps the complexity of re-use when considering REQ3 and REQ4. Perhaps
more importantly, they are not yet supported by all BGP more importantly, they are not yet supported by all BGP
implementations, which may limit vendor selection of DC equipment. implementations, which may limit vendor selection of DC equipment.
When supported, ensure that deployed implementations are able to When supported, ensure that deployed implementations are able to
remove the Private Use ASNs when external connectivity remove the Private Use ASNs when external connectivity
(Section 5.2.4) to these ASNs is required. (Section 5.2.4) to these ASNs is required.
5.2.3. Prefix Advertisement 5.2.3. Prefix Advertisement
A Clos topology features a large number of point-to-point links and A Clos topology features a large number of point-to-point links and
associated prefixes. Advertising all of these routes into BGP may associated prefixes. Advertising all of these routes into BGP may
create FIB overload in the network devices. Advertising these links create Forwarding Information Base (FIB) overload in the network
also puts additional path computation stress on the BGP control plane devices. Advertising these links also puts additional path
for little benefit. There are two possible solutions: computation stress on the BGP control plane for little benefit.
There are two possible solutions:
o Do not advertise any of the point-to-point links into BGP. Since o Do not advertise any of the point-to-point links into BGP. Since
the EBGP-based design changes the next-hop address at every the EBGP-based design changes the next-hop address at every
device, distant networks will automatically be reachable via the device, distant networks will automatically be reachable via the
advertising EBGP peer and do not require reachability to these advertising EBGP peer and do not require reachability to these
prefixes. However, this may complicate operations or monitoring: prefixes. However, this may complicate operations or monitoring:
e.g., using the popular "traceroute" tool will display IP e.g., using the popular "traceroute" tool will display IP
addresses that are not reachable. addresses that are not reachable.
o Advertise point-to-point links, but summarize them on every o Advertise point-to-point links, but summarize them on every
skipping to change at page 29, line 42 skipping to change at page 30, line 17
Another option is to make the network device perform IP address Another option is to make the network device perform IP address
masquerading, that is rewriting the source IP addresses of the masquerading, that is rewriting the source IP addresses of the
appropriate ICMP messages sent by the device with the "primary" IP appropriate ICMP messages sent by the device with the "primary" IP
address of the device. Specifically, the ICMP Destination address of the device. Specifically, the ICMP Destination
Unreachable Message (type 3) codes 3 (port unreachable) and ICMP Time Unreachable Message (type 3) codes 3 (port unreachable) and ICMP Time
Exceeded (type 11) code 0, which are required for correct operation Exceeded (type 11) code 0, which are required for correct operation
of the "traceroute" tool. With this modification, the "traceroute" of the "traceroute" tool. With this modification, the "traceroute"
probes sent to the devices will always be sent back with the probes sent to the devices will always be sent back with the
"primary" IP address as the source, allowing the operator to discover "primary" IP address as the source, allowing the operator to discover
the "reachable" IP address of the box. This has the downside of the "reachable" IP address of the box. This has the downside of
hiding the address of the "entry point" into the device. hiding the address of the "entry point" into the device. If the
devices support [RFC5837], this may allow the best of both worlds by
providing the information about the incoming interface even if the
return address is the "primary" IP address.
9. Security Considerations 9. Security Considerations
The design does not introduce any additional security concerns. The design does not introduce any additional security concerns.
General BGP security considerations are discussed in [RFC4271] and General BGP security considerations are discussed in [RFC4271] and
[RFC4272]. Furthermore, the Generalized TTL Security Mechanism [RFC4272]. Since a DC is a single operator domain, this document
[RFC5082] could be used to reduce the risk of BGP session spoofing. assumes that edge filtering is in place to prevent attacks against
the BGP sessions themselves from outside the perimeter of the DC.
This may be a more feasible option for most deployments than having
to deal with key management for TCP-MD5 as described in [RFC2385] or
dealing with the lack of implementations available at the time of
this document of [RFC5925]. The Generalized TTL Security Mechanism
[RFC5082] could also be used to further reduce the risk of BGP
session spoofing.
10. IANA Considerations 10. IANA Considerations
This document includes no request to IANA. This document includes no request to IANA.
11. Acknowledgements 11. Acknowledgements
This publication summarizes work of many people who participated in This publication summarizes work of many people who participated in
developing, testing and deploying the proposed network design, some developing, testing and deploying the proposed network design, some
of whom were George Chen, Parantap Lahiri, Dave Maltz, Edet Nkposong, of whom were George Chen, Parantap Lahiri, Dave Maltz, Edet Nkposong,
skipping to change at page 30, line 39 skipping to change at page 31, line 24
[RFC6996] Mitchell, J., "Autonomous System (AS) Reservation for [RFC6996] Mitchell, J., "Autonomous System (AS) Reservation for
Private Use", BCP 6, RFC 6996, DOI 10.17487/RFC6996, July Private Use", BCP 6, RFC 6996, DOI 10.17487/RFC6996, July
2013, <http://www.rfc-editor.org/info/rfc6996>. 2013, <http://www.rfc-editor.org/info/rfc6996>.
12.2. Informative References 12.2. Informative References
[RFC2328] Moy, J., "OSPF Version 2", STD 54, RFC 2328, [RFC2328] Moy, J., "OSPF Version 2", STD 54, RFC 2328,
DOI 10.17487/RFC2328, April 1998, DOI 10.17487/RFC2328, April 1998,
<http://www.rfc-editor.org/info/rfc2328>. <http://www.rfc-editor.org/info/rfc2328>.
[RFC2385] Heffernan, A., "Protection of BGP Sessions via the TCP MD5
Signature Option", RFC 2385, DOI 10.17487/RFC2385, August
1998, <http://www.rfc-editor.org/info/rfc2385>.
[RFC2992] Hopps, C., "Analysis of an Equal-Cost Multi-Path [RFC2992] Hopps, C., "Analysis of an Equal-Cost Multi-Path
Algorithm", RFC 2992, DOI 10.17487/RFC2992, November 2000, Algorithm", RFC 2992, DOI 10.17487/RFC2992, November 2000,
<http://www.rfc-editor.org/info/rfc2992>. <http://www.rfc-editor.org/info/rfc2992>.
[RFC4272] Murphy, S., "BGP Security Vulnerabilities Analysis", [RFC4272] Murphy, S., "BGP Security Vulnerabilities Analysis",
RFC 4272, DOI 10.17487/RFC4272, January 2006, RFC 4272, DOI 10.17487/RFC4272, January 2006,
<http://www.rfc-editor.org/info/rfc4272>. <http://www.rfc-editor.org/info/rfc4272>.
[RFC4277] McPherson, D. and K. Patel, "Experience with the BGP-4 [RFC4277] McPherson, D. and K. Patel, "Experience with the BGP-4
Protocol", RFC 4277, DOI 10.17487/RFC4277, January 2006, Protocol", RFC 4277, DOI 10.17487/RFC4277, January 2006,
skipping to change at page 31, line 14 skipping to change at page 31, line 49
[RFC4786] Abley, J. and K. Lindqvist, "Operation of Anycast [RFC4786] Abley, J. and K. Lindqvist, "Operation of Anycast
Services", BCP 126, RFC 4786, DOI 10.17487/RFC4786, Services", BCP 126, RFC 4786, DOI 10.17487/RFC4786,
December 2006, <http://www.rfc-editor.org/info/rfc4786>. December 2006, <http://www.rfc-editor.org/info/rfc4786>.
[RFC5082] Gill, V., Heasley, J., Meyer, D., Savola, P., Ed., and C. [RFC5082] Gill, V., Heasley, J., Meyer, D., Savola, P., Ed., and C.
Pignataro, "The Generalized TTL Security Mechanism Pignataro, "The Generalized TTL Security Mechanism
(GTSM)", RFC 5082, DOI 10.17487/RFC5082, October 2007, (GTSM)", RFC 5082, DOI 10.17487/RFC5082, October 2007,
<http://www.rfc-editor.org/info/rfc5082>. <http://www.rfc-editor.org/info/rfc5082>.
[RFC5837] Atlas, A., Ed., Bonica, R., Ed., Pignataro, C., Ed., Shen,
N., and JR. Rivers, "Extending ICMP for Interface and
Next-Hop Identification", RFC 5837, DOI 10.17487/RFC5837,
April 2010, <http://www.rfc-editor.org/info/rfc5837>.
[RFC5880] Katz, D. and D. Ward, "Bidirectional Forwarding Detection [RFC5880] Katz, D. and D. Ward, "Bidirectional Forwarding Detection
(BFD)", RFC 5880, DOI 10.17487/RFC5880, June 2010, (BFD)", RFC 5880, DOI 10.17487/RFC5880, June 2010,
<http://www.rfc-editor.org/info/rfc5880>. <http://www.rfc-editor.org/info/rfc5880>.
[RFC5925] Touch, J., Mankin, A., and R. Bonica, "The TCP
Authentication Option", RFC 5925, DOI 10.17487/RFC5925,
June 2010, <http://www.rfc-editor.org/info/rfc5925>.
[RFC6325] Perlman, R., Eastlake 3rd, D., Dutt, D., Gai, S., and A. [RFC6325] Perlman, R., Eastlake 3rd, D., Dutt, D., Gai, S., and A.
Ghanwani, "Routing Bridges (RBridges): Base Protocol Ghanwani, "Routing Bridges (RBridges): Base Protocol
Specification", RFC 6325, DOI 10.17487/RFC6325, July 2011, Specification", RFC 6325, DOI 10.17487/RFC6325, July 2011,
<http://www.rfc-editor.org/info/rfc6325>. <http://www.rfc-editor.org/info/rfc6325>.
[RFC6769] Raszuk, R., Heitz, J., Lo, A., Zhang, L., and X. Xu, [RFC6769] Raszuk, R., Heitz, J., Lo, A., Zhang, L., and X. Xu,
"Simple Virtual Aggregation (S-VA)", RFC 6769, "Simple Virtual Aggregation (S-VA)", RFC 6769,
DOI 10.17487/RFC6769, October 2012, DOI 10.17487/RFC6769, October 2012,
<http://www.rfc-editor.org/info/rfc6769>. <http://www.rfc-editor.org/info/rfc6769>.
skipping to change at page 32, line 8 skipping to change at page 32, line 52
2014, <http://www.rfc-editor.org/info/rfc7130>. 2014, <http://www.rfc-editor.org/info/rfc7130>.
[RFC7196] Pelsser, C., Bush, R., Patel, K., Mohapatra, P., and O. [RFC7196] Pelsser, C., Bush, R., Patel, K., Mohapatra, P., and O.
Maennel, "Making Route Flap Damping Usable", RFC 7196, Maennel, "Making Route Flap Damping Usable", RFC 7196,
DOI 10.17487/RFC7196, May 2014, DOI 10.17487/RFC7196, May 2014,
<http://www.rfc-editor.org/info/rfc7196>. <http://www.rfc-editor.org/info/rfc7196>.
[I-D.ietf-idr-add-paths] [I-D.ietf-idr-add-paths]
Walton, D., Retana, A., Chen, E., and J. Scudder, Walton, D., Retana, A., Chen, E., and J. Scudder,
"Advertisement of Multiple Paths in BGP", draft-ietf-idr- "Advertisement of Multiple Paths in BGP", draft-ietf-idr-
add-paths-13 (work in progress), December 2015. add-paths-15 (work in progress), May 2016.
[I-D.ietf-idr-link-bandwidth] [I-D.ietf-idr-link-bandwidth]
Mohapatra, P. and R. Fernando, "BGP Link Bandwidth Mohapatra, P. and R. Fernando, "BGP Link Bandwidth
Extended Community", draft-ietf-idr-link-bandwidth-06 Extended Community", draft-ietf-idr-link-bandwidth-06
(work in progress), January 2013. (work in progress), January 2013.
[I-D.ietf-rtgwg-bgp-pic] [I-D.ietf-rtgwg-bgp-pic]
Bashandy, A., Filsfils, C., and P. Mohapatra, "Abstract", Bashandy, A., Filsfils, C., and P. Mohapatra, "Abstract",
draft-ietf-rtgwg-bgp-pic-00 (work in progress), December draft-ietf-rtgwg-bgp-pic-00 (work in progress), December
2015. 2015.
skipping to change at page 33, line 14 skipping to change at page 34, line 9
[INTERCON] [INTERCON]
Dally, W. and B. Towles, "Principles and Practices of Dally, W. and B. Towles, "Principles and Practices of
Interconnection Networks", ISBN 978-0122007514, January Interconnection Networks", ISBN 978-0122007514, January
2004. 2004.
[ALFARES2008] [ALFARES2008]
Al-Fares, M., Loukissas, A., and A. Vahdat, "A Scalable, Al-Fares, M., Loukissas, A., and A. Vahdat, "A Scalable,
Commodity Data Center Network Architecture", August 2008. Commodity Data Center Network Architecture", August 2008.
[IANA.AS] IANA, , "Autonomous System (AS) Numbers", April 2016, [IANA.AS] IANA, , "Autonomous System (AS) Numbers", June 2016,
<http://www.iana.org/assignments/as-numbers/>. <http://www.iana.org/assignments/as-numbers/>.
[IEEE8023AD] [IEEE8023AD]
IEEE 802.3ad, , "IEEE Standard for Link aggregation for IEEE 802.3ad, , "IEEE Standard for Link aggregation for
parallel links", October 2000. parallel links", October 2000.
[ALLOWASIN] [ALLOWASIN]
Cisco Systems, , "Allowas-in Feature in BGP Configuration Cisco Systems, , "Allowas-in Feature in BGP Configuration
Example", April 2016, Example", June 2016,
<http://www.cisco.com/c/en/us/support/docs/ip/border- <http://www.cisco.com/c/en/us/support/docs/ip/border-
gateway-protocol-bgp/112236-allowas-in-bgp-config- gateway-protocol-bgp/112236-allowas-in-bgp-config-
example.html>. example.html>.
[VENDOR-REMOVE-PRIVATE-AS] [VENDOR-REMOVE-PRIVATE-AS]
Cisco Systems, , "Removing Private Autonomous System Cisco Systems, , "Removing Private Autonomous System
Numbers in BGP", August 2005, Numbers in BGP", August 2005,
<http://www.cisco.com/en/US/tech/tk365/ <http://www.cisco.com/en/US/tech/tk365/
technologies_tech_note09186a0080093f27.shtml>. technologies_tech_note09186a0080093f27.shtml>.
 End of changes. 25 change blocks. 
42 lines changed or deleted 80 lines changed or added

This html diff was produced by rfcdiff 1.45. The latest version is available from http://tools.ietf.org/tools/rfcdiff/