One document matched: draft-lapukhov-bgp-routing-large-dc-00.xml
<?xml version="1.0"?>
<!DOCTYPE rfc SYSTEM "rfc2629.dtd">
<?rfc toc="yes"?>
<?rfc compact="yes"?>
<?rfc symrefs="yes" ?>
<rfc category="info" ipr='trust200902' docName='draft-lapukhov-bgp-routing-large-dc-00'>
<front>
<title abbrev="draft-lapukhov-bgp-routing-large-dc">
Using BGP for routing in large-scale data centers
</title>
<author initials="P.L." surname="Lapukhov" fullname="Petr Lapukhov">
<organization>Microsoft Corp.</organization>
<address>
<postal>
<street>One Microsfot Way</street>
<city>Redmond</city> <region>WA</region>
<code>98052</code>
<country>US</country>
</postal>
<phone>+1 425 7032723 X 32723</phone>
<email>petrlapu@microsoft.com</email>
<uri>http://microsoft.com/</uri>
</address>
</author>
<author initials="A.P." surname="Premji" fullname="Ariff Premji">
<organization>Arista Networks</organization>
<address>
<postal>
<street>5470 Great America Parkway</street>
<city>Santa Clara</city> <region>CA</region>
<code>95054</code>
<country>US</country>
</postal>
<phone>+1 408-547-5699</phone>
<email>ariff@aristanetworks.com</email>
<uri>http://aristanetworks.com/</uri>
</address>
</author>
<date month='July' year='2012' day="7" />
<area >Routing</area>
<workgroup>IDR</workgroup>
<keyword>BGP</keyword>
<keyword>ECMP</keyword>
<keyword>Clos</keyword>
<abstract>
<t>
Some service providers build and operate data centers at the size exceeding 100,000 servers.
In this document, those data-centers are referred to as “large-scale” to differentiate them from more common smaller infrastructures.
The data centers of that scale have unique set of network design requirement, with primary focus on operational simplicity and stability.
</t>
<t>
This document attempts to summarize the authors' experiences in designing and supporting large data centers, using BGP as the only control-plane protocol.
The intent is to describe a proven and stable routing design that could be leveraged by others in the industry.
</t>
</abstract>
</front>
<middle>
<section title="Introduction" anchor="intro">
<t>
This document presents a practical routing design to be used in large-scale data centers, sometimes called hyperscale or warehousr-scale.
The most distinctive characterstic of these data center is having 100,000 or more end hosts connected to the network. While historically
only a few companies have been operating networks of that scale, recent trend in building large cloud data centers re-ignated interest
in network designs to support deployment of this scale.
In contrary to more traditional data center designs,
the approach proposed in this document does not depend on large Layer 2 domains and instead uses routing at every level of the network.
The reason to make that choice
is based on the unique set of design requirements, with primary focus on cost reduction. Furthermore, analyzing the requirements
the conclusion is that BGP best suits to accomplish this goal due primarily to its simplicity and broad vendor support.
</t>
</section>
<section title="Traditional data center designs">
<t>
This section provides an overview of two types of traditional data center designs - Layer-2 and fully routed Layer-3 topologies.
</t>
<section title="Layer 2 Designs">
<t>
In the networking industry, common design choice for data centers is using a mix of Ethernet-based Layer 2 technologies.
Network topology typically looks like a tree with redundant uplinks and three levels of hierarchy (see <xref target="typical-dc"></xref>) commonly named Core, Aggregation and Access.
To accommodate bandwidth demands, every next level has higher port density and bandwidth capacity.
In this document, the topology layers will be referenced as "tiers", e.g. Tier 1, Tier 2 and Tier 3 instead of Core, Aggregation or Access layers.
</t>
<figure title="Typical Data Center network layout" anchor="typical-dc">
<artwork>
+------+ +------+
| | | |
| |==| | Tier1
| | | |
+------+ +------+
| | | |
+---------+ | | +----------+
| +-------+--+------+--+-------+ |
| | | | | | | |
+----+ +----+ +----+ +----+
| | | | | | | |
| |=====| | | |=====| | Tier2
| | | | | | | |
+----+ +----+ +----+ +----+
| | | |
| | | |
| +-----+ | | +-----+ |
+-| |-+ +-| |-+ Tier3
+-----+ +-----+
| | | | | |
[Servers] [Servers]
</artwork>
</figure>
<t>
IP routing is normally used only at the upper layers of the topology, e.g. Tier 1 or Tier 2. The main reasons for introducing such large (sometimes called stretched) Level 2 domains, are the following:
</t>
<t>
<list style="symbols">
<t>Supporting legacy applications that may require direct Layer 2 adjacency or use non-IP protocols</t>
<t>Seamless mobility for virtual machines, to allow preserving IP address when a virtual machine changes physical host</t>
<t>Simplified IP addressing – less IP subnets is required for the data-center</t>
<t>Application load-balancing may require direct Layer 2 adjacency to perform some functions such as Level 2 Direct Server Return (DSR)</t>
</list>
</t>
</section>
<section title="Fully routed network designs">
<t>
Network designs that leverage IP routing down to the access layer (Tier 3) of the network gained some popularity,
mostly due to improved network stability, scalability (by means of information hiding) and convergence times.
A common choice of routing protocol for data center designs would be an IGP, such as OSPF or ISIS.
As data centers grow in scale, and server count exceeds tens of thousands, those fully routed designs become more attractive.
</t>
<t>
BGP is the de-facto standard protocol for routing on the Internet, having wide support from network equipment vendors and being well-understood by network engineers world-wide.
However, it is not common to see BGP being used in data centers that employ fully routed network design. There multiple reasons for that:
</t>
<t>
<list style="symbols">
<t>BGP is perceived as “WAN protocol only” and often not being considered for enterprise or data center application</t>
<t>BGP is believed to converge “slower” than traditional IGPs</t>
<t>BGP is assumed to have a dependency on the presence of an IGP, which assists with recursive next-hop resolution</t>
<t>BGP require a lot of configuration efforts as it does not support any form of neighbor auto-discovery</t>
</list>
</t>
<t>
In this document we argue benefits of choosing BGP as the single routing protocol, including acceptable convergence time.
</t>
</section>
</section>
<section title="Document structure">
<t>
The remaining of this document is organized as following.
First the design requirements for large scale data centers are presented.
Next, the document gives an overview of Clos network topology and its properties.
After that, the arguments for selecting BGP as the single routing protocols are presented.
Finally, the document goes over design detail and specific BGP policy features.
</t>
</section>
<section title="Network design requirements">
<t>
This section describes and summarizes network design requirement for a large-scale data center.
</t>
<section title="Traffic patterns">
<t>
The primary requirement when building an interconnection network for large number of servers is accommodating application bandwidth and latency requirements.
For long period of time, it was common to see traffic flowing mainly to and from the data center.
There were no intense (highly meshed flows) traffic patterns between the machines within the same tier.
As a result, traditional "tree" topology was sufficient to accommodate data flow, even with high oversubscription ratios in network equipment.
If more bandwidth was required, it was added by “scaling up” the network elements, e.g. by adding more line-cards or replacing existing devices with higher capacity switches.
</t>
<t>
In contrast, large-scale data centers often host applications that generate large amount of server to server traffic, also known as “east-west” traffic.
Examples of such applications could be compute clusters such as Hadoop or live virtual machine migration in “cloud” data-centers.
Scaling up traditional tree topology to match those bandwidth demands becomes either too expensive or impossible due to physical limitation.
</t>
</section>
<section title="CAPEX minimization">
<t>
Cost of networking component alone (CAPEX) constitutes about 10-15% of total data center cost <xref target="GREENBERG2009"/>.
Still, absolute numbers are significant, and hence the need to constantly drive cost of networking elements down. This is normally accomplished in two ways:
</t>
<t>
<list style="symbols">
<t>Unifying network elements, preferably using the same hardware type or even the same device. This allows for bulk purchases with discounted pricing.</t>
<t>Driving costs down by introducing diversity of networking vendors that may supply equipment for data center network</t>
</list>
</t>
<t>
In order to allow for vendor diversity, it is important to minimize the feature requirements for network equipment software.
In addition, the above strategy means that network equipment vendor choice may change often, or that the network may have to be multi-vendor and
interoperability becomes critical.
</t>
</section>
<section title="OPEX minimization">
<t>
Operating large scale infrastructure could be expensive, provide that larger amount of elements will statistically fail more often.
Therefore, it is important to operate on the simplest software and feature set possible.
</t>
<t>
An important aspect of OPEX minimization is reducing size of failure domains in the network.
Ethernet data-plane is known to be susceptible to massive impact due to broadcast or unicast storms.
The use of fully routed designs reduces the size of data-plane failure domains, but at the time introduces the problem of distributed control-plane failures.
This requirement calls for simpler control-plane protocols that are expected to have less chances of network meltdown.
</t>
</section>
<section title="Traffic Engineering">
<t>
In any data center, application load-balancing is critical function performed by network devices.
Traditionally, load-balancers are deployed as dedicated devices in traffic forwarding path.
A common problem is scaling load-balancers under growing traffic demand.
Preferable solution would be able to scale load-balancing layer horizontally, by adding more of the uniform nodes and distributing incoming traffic across them.
</t>
<t>
In situation like this, an ideal choice would be using network infrastructure to distribute traffic across a group of load-balancers.
A combination of features such Anycast prefix advertisement <xref target="RFC4786"/> along with Equal Cost Multipath (ECMP) functionality could be used to accomplish this.
To allow for more granular load-distribution, it is beneficial for the network to support the ability to perform controlled per-hop traffic engineering.
</t>
</section>
</section>
<section title="Requirement List">
<t>
This section summarizes the requirements in a list, based on the analysis made before
</t>
<t>
<list style="symbols">
<t>
REQ1: Select a network topology where capacity could be scaled “horizontally” by adding more links and network switches of the same type, without requiring upgrading the network elements themselves.
</t>
<t>
REQ2: Define a narrow set of software features/protocols supported by multitude of networking equipment vendors.
</t>
<t>
REQ3: Among the network protocols, select those having simpler implementation in terms of minimal programming code complexity.
</t>
<t>
REQ4: The selected network routing protocol should support per-hop change of forwarding behavior.
</t>
</list>
</t>
</section>
<section title="Network topology">
<t>
This section outlines the most common choice for horizontally scalable topology in large scale data centers.
</t>
<section title="Clos topology overview">
<t>
A common choice for horizontally scalable topology is folded Clos topology (sometimes called “fat-tree”).
This topology features odd number of stages (dimensions) and commonly made of the same uniform elements, e.g. switches of the same port count.
Therefore, the choice of Clos topology satisfies both REQ1 and REQ2. See <xref target="three-stage-clos"/> below for an example of folded 3-stage Clos topology:
</t>
<figure title="3-Stage Folded Clos topology" anchor="three-stage-clos">
<artwork>
+-------+
| |----------------------------+
| |------------------+ |
| |--------+ | |
+-------+ | | |
+-------+ | | |
| |--------+---------+-------+ |
| |--------+-------+ | | |
| |------+ | | | | |
+-------+ | | | | | |
+-------+ | | | | | |
| |------+-+-------+-+-----+ | |
| |------+-+-----+ | | | | |
| |----+ | | | | | | | |
+-------+ | | | | | | ---------> M links
Tier1 | | | | | | | | |
+-------+ +-------+ +-------+
| | | | | |
| | | | | | Tier2
| | | | | |
+-------+ +-------+ +-------+
| | | | | | | | |
| | | | | | ---------> N Links
| | | | | | | | |
O O O O O O O O O Servers
</artwork>
</figure>
<t>
In the networking industry, a topology like this is sometimes referred to as “Leaf and Spine”, where Spine is the name for the middle stage of the
Clos topology (Tier 1) and Leaf is the name of input/output stage (Tier 2).
However, for consistency, the document will be using "Tier n" notation.
</t>
</section>
<section title="Clos topology properties">
<t>
The following are some key properties of the Clos topology:
</t>
<t>
<list style="symbols">
<t>Topology is fully non-blocking (or more accurately - non-interfering) if M >= N and oversubscribed by a factor of N/M otherwise.
Here M and N is the uplink and downlink port count respectively, for Tier 2 switch, as shown on <xref target="three-stage-clos"/></t>
<t>Implementing Clos topology requires a routing protocol supporting ECMP with the fan-out of M or more</t>
<t>Every Tier 1 device has exactly one path to every end host (server) in this topology</t>
<t>Traffic flowing from server to server is naturally load-balanced over all available paths using simple ECMP behavior</t>
</list>
</t>
</section>
<section title="Scaling Clos topology">
<t>
Clos topology could be scaled either by increasing network switch radix or adding more stages, e.g. moving to a 5-stage Clos, as illustrated
on <xref target="five-stage-clos"/> below:
</t>
<figure title="5-Stage Clos topology" anchor="five-stage-clos">
<artwork>
Tier1
+-----+
| |
+--| |--+
| +-----+ |
Tier2 | | Tier2
+-----+ | +-----+ | +-----+
+-------------| DEV |--+--| |--+--| |-------------+
| +-----| C |--+ | | +--| |-----+ |
| | +-----+ +-----+ +-----+ | |
| | | |
| | +-----+ +-----+ +-----+ | |
| +-----+-----| DEV |--+ | | +--| |-----+-----+ |
| | | +---| D |--+--| |--+--| |---+ | | |
| | | | +-----+ | +-----+ | +-----+ | | | |
| | | | | | | | | |
+-----+ +-----+ | +-----+ | +-----+ +-----+
| DEV | | DEV | +--| |--+ | | | |
| A | | B | Tier3 | | Tier3 | | | |
+-----+ +-----+ +-----+ +-----+ +-----+
| | | | | | | |
O O O O <- Servers -> O O O O
</artwork>
</figure>
<t>
The topology on <xref target="five-stage-clos"/> is built from switches with radix 4 and provides full bisection bandwidth to all connected servers.
We’ll be referring to the collection of directly connected Tier 2 and Tier 3 switches as “cluster” in this document.
For example, devices A, B, C, and D on <xref target="five-stage-clos"/> form a cluster.
</t>
<t>
In practice, Tier 3 level of the network (typically top of rack switches, or ToRs) often introduces oversubscription to allow for packaging more servers in data center.
The main reason to oversubscribe only at a single layer of the network is to simplify application development that would need to account for two bandwidth pools:
within the same access switch (e.g. rack) and outside of the local switch. Oversubscription, however, does not affect routing design and hence not considered in more details in this document.
</t>
</section>
</section>
<section title="Routing design">
<t>
This section discusses the motivation for choosing BGP as the routing protocol and BGP configuration for routing in Clos topology.
</t>
<section title="Choosing the routing protocol">
<t>
The set of requirement provide above calls for a single routing protocol (REQ2) in the data center to reduce complexity and interdependencies.
While it’s common to rely on an IGP in this situation, the document proposes to use BGP only.
The advantages of using BGP are argued below.
</t>
<t>
<list style="symbols">
<t>
BGP has less complexity in protocol design – internal data structures and state-machines are simpler when compared to a link-state IGP.
For example, as opposed to implementing adjacency formation and maintenance, flow-control, etc. BGP simply relies on TCP as the underlying transport.
This also simplified protocol testing and fulfills REQ1 and REQ2.</t>
<t>
BGP information flooding overhead is less when compared to link-state IGPs.
Indeed, since every BGP router normally re-calculates and propagates best-paths only, a network failure is masked as soon as BGP speaker finds an alternate path.
On contrary, event propagation scope of a link-state IGP is single area/domain, regardless of the failure type.
Furthermore, all well-known link-state IGPs feature periodic refresh updates, while BGP does not expire routing state.
</t>
<t>
BGP supports third-party (recursively resolved) next-hops, which allows for injecting custom routing paths into any device in the network, using eBGP multi-hop peering session.
This satisfied REQ4 stated above.
Some IGPs, such as OSPF, support similar functionality using special concepts such as “Forwarding Address”, but do not satisfy other requirement, such as protocol simplicity.
</t>
<t>
BGP is easier to troubleshoot, mostly because of simplified protocol mechanics and database structures that directly map to forwarding tables structure.
For example, it is straightforward to dump contents of LocRIB and compare it to the router's RIB and FIB.
As another example, BGP routing updates translate directly into NLRI information, as compared to LSA/LSP information that describes network topology.
Thus BGP fully satisfies REQ3.
</t>
</list>
</t>
</section>
<section title="BGP configuration for Clos topology">
<t>
This section provides configuration guidelines for a 5-stage Clos topology. It is easy to reduce it to a 3-Stage Clos configuration, and having topology that
has more than 5 stages is very uncommon due to high link density of associated designs.
</t>
<section title="BGP Autonomous System numbering layout">
<t>
The diagram below illustrates suggests BGP Autonomous System Number (BGP ASN) allocation scheme. The following is a list of guiding principles:
</t>
<t>
<list style="symbols">
<t>
All BGP peering sessions are external BGP (eBGP) established over direct point-to-point links interconnecting the network switches.
</t>
<t>
16-bit (two octet) BGP ASNs are used, for the reason of wider vendor support and better vendor interoperability
(e.g. no need to support BGP capability negotiation).
</t>
<t>
Private BGP ASNs from the range 64512-64534 are used for the reasons of avoiding ASN conflicts and being able to use BGP private ASN
stripping feature (see below).
</t>
<t>
A single BGP ASN is allocated to the Clos middle stage (“Tier 1”), e.g. ASN 64534 on <xref target="bgp-five-stage-clos"/>
</t>
<t>
Unique BGP ASN is allocated per every group of “Tier 2” switches. All Tier 2 switches in the same group share the BGP ASN.
</t>
<t>
Unique BGP ASN is allocated to every Tier 3 switch (e.g. ToR) in this topology.
</t>
</list>
</t>
<figure title="BGP ASN layout for 5-stage Clos" anchor="bgp-five-stage-clos">
<artwork>
ASN 64534
+---------+
| +-----+ |
| | | |
+-|-| |-|-+
| | +-----+ | |
ASN 64XXX | | | | ASN 64XXX
+---------+ | | | | +---------+
| +-----+ | | | +-----+ | | | +-----+ |
+-----------|-| |-|-+-|-| |-|-+-|-| |-|-----------+
| +---|-| |-|-+ | | | | +-|-| |-|---+ |
| | | +-----+ | | +-----+ | | +-----+ | | |
| | | | | | | | | |
| | | | | | | | | |
| | | +-----+ | | +-----+ | | +-----+ | | |
| +-----+---|-| |-|-+ | | | | +-|-| |-|---+-----+ |
| | | +-|-| |-|-+-|-| |-|-+-|-| |-|-+ | | |
| | | | | +-----+ | | | +-----+ | | | +-----+ | | | | |
| | | | +---------+ | | | | +---------+ | | | |
| | | | | | | | | | | |
+-----+ +-----+ | | +-----+ | | +-----+ +-----+
| ASN | | | +-|-| |-|-+ | | | |
|65YYY| | ... | | | | | | ... | | ... |
+-----+ +-----+ | +-----+ | +-----+ +-----+
| | | | +---------+ | | | |
O O O O <- Servers -> O O O O
</artwork>
</figure>
</section>
<section title="Non-unique private BGP ASN’s">
<t>
The use of private BGP ASNs limits to a range of 1022 unique numbers.
It is possible that the number of network switches could exceed this value, and such situation requires a workaround.
One approach could be re-using the private ASN’s assigned to Tier 3 switches across different clusters.
For example, private BGP ASN’s 65001, 65003 ... 65032 could be used within every individual cluster to be assigned to Tier 3 switches.
</t>
<t>
To avoid Tier 3 route discards on the Tier 3 switches sharing the same ASN due to AS PATH loop prevention, upstream eBGP sessions on Tier 3 switches must
be configured with so-called “AllowAS In” feature. This BGP policy feature allows accepting device’s own ASN in incoming BGP path advertisements.
Introduction of this feature does not create the opportunity for permanent routing loops under misconfiguration since AS PATH is always increments when
routes are propagated from tier to tier.
</t>
<t>
Another solution to this problem would be switching over to using four-octet (32-bit) BGP ASNs.
However, there is no explicitly reserved private ASN range in four-octet numbering, but a work is in progress to request such an
allocation in <xref target="I-D.mitchell-idr-as-private-reservation"/>.
This will also require vendors to implement specific policy features, such as private AS removal from AS-PATH attribute.
</t>
</section>
<section title="Prefix advertisement">
<t>
Clos topology has large number of point-to-point links and associated prefixes.
Advertising all of them into BGP may create FIB sizing issues, and there are two possible solutions to overcome this:
</t>
<t>
<list style="symbols">
<t>
Do not advertise any of the point-to-point links into BGP.
Since eBGP peering changes next-hop address at every node, this will not create any reachability issues for subnets advertised from Tier 3 switches.
</t>
<t>
Advertising point-to-point links, but summarizing them on every advertising device.
This requires proper address allocation, for example allocating a consecutive block of IP addresses per Tier 1 and Tier 2 device
to be used for point-to-point interface numbering.
</t>
</list>
</t>
<t>
Server facing subnets on Tier 3 switches are announced into BGP without using summarization on Tier 2 and Tier 1 switches.
Summarizing subnets in the Clos topology will result in route black-holing under a single link failure (e.g. between Tier 2 and Tier 3 switch) and hence must be avoided.
The use of peer links within the same tier to resolve the black-holing problem is undesirable due to O(N^2) complexity of the peering mesh and waste of ports on the switches.
</t>
</section>
<section title="External connectivity">
<t>
A dedicate cluster (or clusters) in Clos topology could be selected solely for the purpose of connecting to the Wide Area Network (WAN) edge devices,
which we will call WAN Routers.
Tier 3 switches in such cluster would be replaced with WAN Routers, but eBGP peering will be used as usual, though WAN routers are likely to belong to a
public ASN.
</t>
<t>
The Tier 2 devices in such dedicated cluster will be referenced as “Border Routers” in this document. These devices have to perform a few special functions:
</t>
<t>
<list style="symbols">
<t>
Hide network topology information when advertising paths to WAN routers, i.e. remove some BGP AS-PATH information.
This is typically done to avoid BGP ASN number collisions across the data centers.
A BGP policy feature called “Remove Private AS” is commonly used to accomplish this. This feature strips contiguous sequence of private ASNs found
in AS PATH attribute prior to advertising the path to a neighbor. This assumes that all BGP ASN’s used for intra data center numbering are from private range.
</t>
<t>
Originate a default route to the data center devices.
This is the only place where default route could be originated, as route summarization is highly undesirable for the “scale-out” topology.
Alternatively, Border Routers may simply relay the default route learned from WAN routers.
</t>
</list>
</t>
</section>
</section>
<section title="ECMP Considerations">
<t>
This section goes over Equal Cost Multipath (ECMP) functionality for Clos topology and covers a few special requirements.
</t>
<section title="Basic ECMP">
<t>
ECMP is the key load-sharing mechanism leveraged by Clos topology.
Effectively, every lower-tier switch will use all of its directly attached upper-tier devices to load-share traffic to the same prefix.
Number of ECMP paths between two input/output switches in Clos topology equals to the number of the switches in the middle stage (Tier 1).
For example, <xref target="ecmp-fan-out"/> illustrates the topology where Tier 3 device A has four paths to reach servers X and Y, via Tier 2
devices B and C and then Tier 1 devices 1, 2, 3, and 4 respectively.
</t>
<figure title="ECMP fan-out tree from A to X and Y" anchor="ecmp-fan-out">
<artwork>
Tier 1
+-----+
| DEV |
+->| 1 |--+
| +-----+ |
Tier 2 | | Tier 2
+-----+ | +-----+ | +-----+
+------------>| DEV |--+->| DEV |--+--| |-------------+
| +-----| B |--+ | 2 | +--| |-----+ |
| | +-----+ +-----+ +-----+ | |
| | | |
| | +-----+ +-----+ +-----+ | |
| +-----+---->| DEV |--+ | DEV | +--| |-----+-----+ |
| | | +---| C |--+->| 3 |--+--| |---+ | | |
| | | | +-----+ | +-----+ | +-----+ | | | |
| | | | | | | | | |
+-----+ +-----+ | +-----+ | +-----+ +-----+
| DEV | | | Tier 3 +->| DEV |--+ Tier 3 | | | |
| A | | | | 4 | | | | |
+-----+ +-----+ +-----+ +-----+ +-----+
| | | | | | | |
O O O O <- Servers -> X Y O O
</artwork>
</figure>
<t>
The ECMP requirement implies that BGP implementation must support multi-path fan-out for up to the maximum number of devices directly attached
at any point in the topology. Normally, this number does not exceed half of the ports found on a switch in the topology, e.g. 32 for a 64-port switch.
</t>
<t>
Most implementations declare paths to be equal from ECMP perspective if they match up to and including step (e) in Section 9.1.2.2 of <xref target="RFC4271"/>.
In the proposed network design there is no underlying IGP, so all IGP costs are automatically assumed to be zero (or otherwise the same value across all paths).
Loop prevention is assumed to be handled by BGP best-path selection process.
</t>
</section>
<section title="BGP ECMP over multiple ASN">
<t>
For the purpose of application load-balancing purposes same prefix could be advertised from multiple Tier-3 switches.
From the perspective of other devices, such prefix would have BGP paths with different AS PATH attribute values, though having the same AS PATH length.
BGP implementation must support load-sharing for the paths having different AS PATH attribute values with equal attribute length.
This feature is sometimes known as “AS PATH multipath relax” and effectively allows for ECMP to be done across different neighboring ASNs.
</t>
</section>
</section>
<section title="BGP convergence properties">
<t>
This section reviews routing convergence properties of BGP in the proposed design.
A case is made that sub-second convergence is achievable provided that implementation supports fast BGP peering session shutdown upon failure of an associated link.
</t>
<section title="Convergence timing">
<t>
BGP typically relies on IGP to route around link/node failures inside an AS, and implements either polling based or event-driven mechanism to obtain updates on IGP state changes.
The proposed routing design lacks any IGP, so the only mechanism that could be used for fault detection is BGP keep-alive packet exchange.
</t>
<t>
Relying purely on BGP keep-alive packets may result in high convergence delays, on the order of multiple seconds (normally, the minimum recommended BGP hold time
value is 3 seconds).
However, many BGP implementations can shut down local eBGP peering sessions in response to the "link down" event for the outgoing interface used for BGP peering.
This feature is sometimes called as “fast fall-over”.
Since majority of the links in modern data centers are point to point fiber connections, a physical failure translates into interface going down within order
of milliseconds, and trigger BGP re-convergence. Furthermore, popular link technologies, such as 10Gbps Ethernet, may support simple form of OAM for failure signaling
such as <xref target="FAULTSIG10GE"/>, which makes failure detection more robust.
Alternatively, as opposed to relying on physical layer for fault signaling,
some platforms may support Bidirectional Forwarding Detection (<xref target="RFC5880"/>) to allow for sub-second failure detection and fault signaling to BGP process. This,
however, presents additional requirements to vendor software and possibly hardware, and may contradict REQ1.
</t>
</section>
<section title="Failure impact scope">
<t>
BGP is inherently a distance-vector protocol, and as such some of failures could be masked if the local node can immediately find a backup path.
Worst case is that all devices would have to either withdraw a prefix completely, or update the ECMP paths in the FIB.
That fault domain cannot be reduced by using summarization, since using this technique may create route black-holing issues as mentioned previously.
</t>
</section>
<section title="Third-party route injection">
<t>
BGP allows for a third-party BGP speaker (not necessarily directly attached to the network devices) to inject routes at any point of network topology.
This could be achieved by peering an external speaker using eBGP multi-hop session with some or even all devices in the topology.
Furthermore, BGP diverse path distribution <xref target="I-D.ietf-grow-diverse-bgp-path-dist"/> could be used to inject multiple next-hop for the same
prefix and facilitate load-balancing.
Using that technique, it is possible to implement unequal-cost load-balancing across multiple clusters in the data-center, by associating the same
prefix with next-hops mapping to different clusters.
</t>
<t>
For example, a third-party BGP speaker may peer with Tier 3 and Tier 1 switches, injecting the same prefix, but using a special set of BGP next-hops
for Tier 1 devices.
Those next-hops are assumed to resolve recursively via BGP, and could be, for example, IP addresses on Tier 3 switches.
The resulting forwarding table programming could provide desired traffic proportion distribution among different clusters.
</t>
</section>
</section>
</section>
<section title="Security Considerations">
<t>
The design does not introduce any special security concerns others than normally associated with BGP deployments.
For control plane security, BGP peering sessions could be authenticated using TCP MD5 signature extension header <xref target="RFC2385"/>.
Furthermore, BGP TTL security <xref target="I-D.gill-btsh"/> could be used to reduce the risk of session spoofing and TCP SYN flooding attacks against the control plane.
</t>
</section>
<section title="IANA Considerations">
<t>
There are no considerations associated with IANA for this document.
</t>
</section>
<section title="Acknowledgements">
<t>
This publication summarizes work of many people who participated in developing, testing and deploying the proposed design. Their names, in alphabetical order, are
George Chen, Parantap Lahiri, Dave Maltz, Edet Nkposong, Robert Toomey, and Lihua Yuan. Authors would also like to thank Jon Mitchell for reviewing and providing
valuable feedback on the document.
</t>
</section>
</middle>
<back>
<references title="Informative References">
<?rfc include="reference.RFC.4786.xml"?>
<?rfc include="reference.RFC.4271.xml"?>
<?rfc include="reference.RFC.2385.xml"?>
<?rfc include="reference.RFC.5880.xml"?>
<?rfc include="reference.I-D.ietf-grow-diverse-bgp-path-dist"?>
<?rfc include="reference.I-D.mitchell-idr-as-private-reservation"?>
<?rfc include="reference.I-D.gill-btsh"?>
<reference anchor="GREENBERG2009" target="">
<front>
<title>The Cost of a Cloud: Research Problems in Data Center Networks</title>
<author initials="A" surname="Greenberg" fullname="Albert Greenberg">
<organization />
</author>
<author initials="J" surname="Hamilton" fullname="James Hamilton">
<organization />
</author>
<author initials="D" surname="Maltz" fullname="Dave Maltz">
<organization />
</author>
<date month="January" year="2009" />
</front>
</reference>
<reference anchor="FAULTSIG10GE" target="">
<front>
<title>Remote Fault & Break Link Proposal for 10-Gigabit Ethernet</title>
<author initials="H" surname="Frazier" fullname="Howard Frazier">
<organization />
</author>
<author initials="S" surname="Muller" fullname="Shimon Muller">
<organization />
</author>
<date month="September" year="2000" />
</front>
</reference>
</references>
</back>
</rfc>
| PAFTECH AB 2003-2026 | 2026-04-23 21:50:00 |