Advertising Node Admin Tags in BGP Link-State AdvertisementsArrcus, Inc.pushpasis.ietf@gmail.comRtBrick, Inc.hannes@rtbrick.comOrangestephane.litkowski@orange.comInter-Domain RoutingBGP-LSAdmin-TagTraffic EngineeringThis document describes the protocol extensions to collect node
administrative tags adevertised in IGP Link State advertisements and
disseminate the same in BGP Link-State advertisement protocol, to facilitate
inter-AS TE applications that may need the same node administrative tags
to associate a subset of network devices spanning across more than one AS
with a specific functionality.The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC 2119. Advertising Node Administrative Tags in Link State protocols like
IS-IS and OSPF defines an optional
operational capability, that allows tagging and grouping of the nodes in
a IGP domain. This, among other applications, allows simple management and
easy control over route and path selection, based on local configured
policies. However, node administrative tags advertised in IGP
advertisements let network operators associate nodes within a single AS
(if not a single area). This limits the use of such node administrative
tags and applications that need to associate a subset of network devices
spanning across multiple AS with a specific functionality cannot use them.To address the need for applications that require visibility into
Link State Databases (LSDBs) across IGP areas, or even across ASes, the BGP-LS
address-family/sub-address-family have been defined that allows BGP to carry
LSDB information. The BGP Network Layer Reachability Information (NLRI)
encoding format for BGP-LS and a new BGP Path Attribute called BGP-LS
attribute are defined in . Please refer to
for more details. For the purpose of advertising node administrative tags within BGP
Link-State advertisements, a new Node Attribute TLV to be carried in the
corresponding BGP-LS Node NLRI is proposed. For more details on the Node
Attribute TLVs please refer to section 3.3.1 in
An administrative Tag is a 32-bit integer value that can be used to identify
a group of nodes in the entire routing domain. The new TLV and sub-TLV proposed
in IS-IS and OSPF respectively,
specifies one or more administrative tag values. A BGP Link-State speaker that also
participates in the IGP link state advertisements exchange may learn one or more
node administrative tags advertised by another router in the same IGP domain. Such
BGP-LS speaker shall encode the same set of node administrative tags in the
corresponding Node Attribute TLV representing the network device that originated
the node administrative tags. The node administrative tags advertised in IGP link state advertisements
will have either per-area(or per-level in IS-IS)scope or 'global' scope. An
operator may choose to advertise one set of node administrative tags across areas
(or levels in IS-IS) and advertise another set of node administrative tags within a
specific area (or level). But evidently two areas within the same AS or two
different AS's may use the same node administrative tag for different purposes.
In such a case, applications will need to distinguish between the per-area(or per-level)
scoped administrative tags originated from a specific node against those originated
from the same node with 'global' scope.A BGP-LS router in a given AS while copying the node administrative tags
learnt from IGP link-state advertisements, MUST also copy the scope associated
with the node administrative tags. Refer to
for how to encode the associated scope of a node administrative tags as well.To be able to distinguish between the significance of an administrative
tag learnt in one area, from that advertised in another area, or another
AS, any applications receiving such a BGP-LS advertisement MUST consider
the scope associated with each node administrative tag along with
the area(or level in IS-IS) and the AS number of the originating node
associated with corresponding IGP link state advertisement. The area(or
level) associated with the corresponding IGP link state advertisement
and the AS number associated with the originating node can be derived from
appropriate node attributes (already defined in
BGP-LS) attached with the
corresponding Node NLRI. specifies that ISIS level
information be encoded in Node NLRI
and OSPF Area Identifiers be encoded in
Node Descriptor Sub-TLVs.The BGP-LS NLRI can be a node NLRI, a link NLRI or a prefix NLRI. The
corresponding BGP-LS attribute is a node attribute, a link attribute or
a prefix attribute. BGP-LS
defines the TLVs that map link-state information to BGP-LS NLRI and BGP-LS
attribute. This document adds an new Node Attribute TLV called 'Node Admin
Tag TLV' to encode node administrative tags information. defines the 'Node
Admin Tag' sub-TLV in the Router Capability TLV (type 242) in IS-IS
Link State PDUs to encode node administrative tags. Similarly
defines the 'Node
Administrative Tag' TLV in OSPF Router Information LSAs to encode node
administrative tags in OSPF Link State update packets. The node
administrative tags TLVs learnt from the IGP link state advertisements
of a specific node will all be inserted in a new Node Admin Tag TLV
and added to the corresponding Node are mapped to the corresponding
BGP-LS Node NLRI. Node administrative tags from IGP advertisements are
mapped to the corresponding Node Admin Tag TLV in the following way.TLV Code PointDescriptionLengthIS-IS TLV/sub-TLVOSPF LSA/TLVTBDNode Admin Tag TLVVariable242/21RI-LSA/10The new Node Administrative Tag TLV, like other BGP-LS Node Attribute TLVs, is formatted
as Type/Length/Value (TLV)triplets. below shows the
format of the new TLV.This new type of 'Node Admin Tag' TLVs can ONLY be added to the Node
Attribute associated with the Node NLRI that originates the corresponding
node administrative tags in an IGP domain.All the node administrative tags with 'per-area' (or per-level) scope,
originated by a single node in an IGP domain SHALL be re-originated in a single
'Node Admin Tag' TLV and inserted in the Node NLRI generated for the same node.
Similarly, all the node administrative tags with 'global' scope originated
by the same node in IGP domain SHALL be re-originated in another 'Node Admin Tag'
TLV and inserted in the same Node NLRI generated for the originating node. Multiple
instances of a TLV may be generated by the BGP-LS router for a given node in the
IGP domain. This MAY happen if the original node's link state advertisement carries
more than 16383 node administrative groups and a single TLV does not
provide sufficient space. As such multiple occurence of the 'Node Admin Tag'
TLVs under a single BGP LS NLRI is cumulative.While copying node administrative tags from IGP link-state advertisements
to corresponding BGP-LS advertisements, the said BGP-LS speaker MAY run all the
node administrative flags through a locally configured policy that selects which
ones should be exported and which ones not. And then the node administrative
tag is copied to the BGP-LS advertisement if it is permitted to do so by the said
policy. Definition of such a policy is outside the scope of this document. Meaning of the Node administrative tags is generally opaque to the
BGP Link-State protocol. A router advertising the node administrative
tag (or tags) may be configured to do so without knowing (or even explicitly
supporting) functionality implied by the tag. Interpretation of tag values is specific to the administrative domain
of a particular network operator. The meaning of a node administrative
tag is defined by the network local policy. However multiple administrative
domain owners may agree on a common meaning implied by an administrative
tag for mutual benefit. The semantics of the tag order has no meaning. There is no implied
meaning to the ordering of the tags that indicates a certain operation
or set of operations that need to be performed based on the ordering. Each tag SHOULD be treated as an independent identifier that MAY be
used in policy to perform a policy action. Node administrative tags
carried by the Node Admin Tag TLV SHOULD be used to indicate independent
characteristics of the node in the IGP domain that originated it. The TLV
SHOULD be considered as an unordered list. Whilst policies may be implemented
based on the presence of multiple tags (e.g., if tag A AND tag B are present),
they MUST NOT be reliant upon the order of the tags (i.e., all policies
should be considered commutative operations, such that tag A preceding
or following tag B does not change their outcome). For more details on guidance regarding usage of node administrative
tags please refer to
section 4
in or
section 2.2.1
in . and
present some applications of node
administrative tags.The Policy-based Explicit routing use case can be extended to inter-area or
inter-AS scenarios where an end to end path needs to avoid or include nodes that
have particular properties. Following are some examples.
Geopolitical routing : preventing traffic from country A to country B
to cross country C. In this case, we may use node administrative tags to
encode geographical information (country). Path computation may be required
to take into account node administrative tag to permit avoidance of nodes
belonging to country C.Legacy node avoidance : in some specific cases, it is interesting for a
service-provider to force some traffic to avoid legacy nodes in the network.
For example, legacy nodes may not be carrier class (no high availability),
and a service provider may want to ensure that critical traffic only uses nodes
that are providing high availability.In case of inter-AS Traffic-Engineering applications, different ASes SHOULD
share their administrative tag policies. They MAY also need to agree upon some common
tagging policy for specific applications. For more details on some possible applications with node
administrative tags please refer to
section 3
in . This document requests assigning code-points from the registry
for BGP-LS attribute TLVs based on .
This section is structured as recommended in .Existing BGP and BGP-LS operational procedures apply.
No new operational procedures are defined in this document.This section contains the global table of all TLVs/Sub-TLVs defined in
this document.TLV Code PointDescriptionLength1040Node Admin TagvariableProcedures and protocol extensions defined in this document do not
affect the BGP security model. See the 'Security Considerations' section
of for a discussion of BGP security. Also refer
to and
for analysis of security issues for BGP.TBA.