Praveen Muley (Alcatel), Susan Hares (NextHop), Keyur Patel (Cisco), Luyuan Fang (AT&T), Benson Schliesser (Savvis), Nabil Bitar (Verizon)
Group Cooperative Route Filtering Capability for BGP-4
draft-muley-hares-idr-orf-order-01.txt

Summary
• Policies are being written with multiple ORF types that you want to group, but no grouping exists
• Want something like a “route-map” function
• This draft adds the missing functionality of a relation between the ORF entries
• Draft was first presented at IETF 60 in San Diego
• Feedback was to incorporate the deployment scenarios
• New co-authors have joined

Problem
• Today an ORF expression applies a logical “AND” among the ORF types and a logical “OR” among the ORF entries
• That may not provide an adequate ORF filter expression of policy for processing
• Policies are being written with multiple ORF types
• Want to group and use OR/AND operators across ORF entries
• Want something like a “route-map” function
• Current operational procedures for filtering provide AFI/SAFI context only
• Grouping will give further context granularity within the same AFI/SAFI

Solution
• Create Groups of policies that are applied in a specific order
• Apply Group policies in numerical order (1, 2, 3)
• Apply Group policies before Non-Group policies
• Use defaults in standards, or
• Specify defaults (via new Default ORFs)

Current ORF format
  AFI (2 octets)
  Reserved (1 octet)
  SAFI (1 octet)
  When to refresh (1 octet)
  ORF type (1 octet)
  Length of ORFs (2 octets)
  First ORF entry (variable)
  Second ORF entry (variable)

GROUP ORF ID format
  Common ORF Flag (OR)
  Group id (1 octet)
  ORF type (1 octet)
  Length of ORFs (2 octets)
  First ORF entry (variable)
  Second ORF entry (variable)
  N- ORF entry (variable)
  ORF type (1 octet)
  Length of ORFs (2 octets)
  First ORF entry (variable)
  Second ORF entry (variable)

ORF Entry within Group ID
  Action (2 bit)
  Match (1 bit)
  AND/OR (1 bit)
  Reserved (4 bits)
  Type specific part (variable)
• AND/OR bit (0 = OR, 1 = AND)
• Semantics of the bits in a Group ORF impact the next ORF entries (the last is ignored)
  ORF-Entry-1 (AND), ORF-Entry-2 (OR), ORF-Entry-3 (AND), ORF-Entry-4 (I)
  = (ORF-Entry-1 AND ORF-Entry-2) OR (ORF-Entry-3 AND ORF-Entry-4)

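The AND/OR chaining described on this slide, written out as an added Python example (not code from the draft or its authors). The function names are hypothetical, and the bit positions assume the four fields fill the first octet most-significant-bit first in the order the slide lists them.

```python
from typing import Dict, List, Tuple

AND, OR = 1, 0  # AND/OR bit values as given on the slide (0 = OR, 1 = AND)


def decode_flags(octet: int) -> Dict[str, int]:
    """Split the first octet of a grouped ORF entry into its fields.

    Assumed layout, MSB first: Action(2) Match(1) AND/OR(1) Reserved(4).
    """
    if not 0 <= octet <= 0xFF:
        raise ValueError("flags must fit in one octet")
    return {
        "action": (octet >> 6) & 0b11,
        "match": (octet >> 5) & 0b1,
        "and_or": (octet >> 4) & 0b1,
        "reserved": octet & 0x0F,
    }


def evaluate_group(entries: List[Tuple[bool, int]]) -> bool:
    """Combine per-entry results for one group.

    entries: (entry_matched_route, and_or_bit) pairs in wire order.
    Each bit joins its entry to the NEXT entry; the last bit is ignored.
    Consecutive AND-joined entries form a run, and the runs are ORed,
    which reproduces the slide's (E1 AND E2) OR (E3 AND E4).
    """
    if not entries:
        raise ValueError("a group needs at least one ORF entry")
    run = True      # value of the AND run currently being built
    result = False  # OR of every completed run
    for i, (matched, bit) in enumerate(entries):
        run = run and matched
        is_last = i == len(entries) - 1
        if is_last or bit == OR:
            result = result or run  # close the run at an OR or at the end
            run = True
    return result


if __name__ == "__main__":
    # Constructed sample: E1 and E2 match the route, E3 and E4 do not.
    sample = [(True, AND), (True, OR), (False, AND), (False, AND)]
    print(evaluate_group(sample))
```

A strict left-to-right reading, ((E1 AND E2) OR E3) AND E4, would reject the constructed sample, so the two interpretations produce different filters for the same entries.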
Process
• Group is identified by Group id
• A Group holds a set of ORFs
• ORF procedure is the same within an ORF, with the exception of the AND/OR bit operation
• Apply ORFs in order of Group ID
• Non-Grouped ORFs are applied later

Uses of Group ORF
• Layer 3 VPN policies
• Policies for Global routing that include all ORFs

AFI/SAFI = IPVPN
  Group 1 (implicitly Red VPN)
    Extended ORF Type = Target Extended Community
      Permit Red
    (AND) ORF Type = Community
      Permit City1
  (OR)
  Group 2 (implicitly Blue VPN)
    Extended ORF Type = Target Extended Community
      Permit BLUE
    (AND) ORF Type = Community
      Permit City2
[Figure: Two VPN. Customer Sites 1 to 5 in Cities 1 to 5 (site maps to VRF, city maps to community); CE-A1, CE-A2, CE-A4, CE-A5, CE-B1, CE-B2, CE-B3; PE 1 to PE 4 with VRF Red and VRF Blue; RR]

Prefix and ASPATH
AFI/SAFI = IPV4
  Group 1 [Permit Action]
    ORF Type = Prefix
      match X, permit
      match Y, permit
      match Z, permit
    (AND) ORF Type = ASPATH
      match ASPATH 3,1.*, permit
  (OR)
  Group 2 [Deny Action]
    ORF Type = Prefix
      Match prefix (*/25) or longer
  (OR)
  Group 3 [Permit Action]
    ORF Type = Prefix
      Match prefix (*)
[Figure: Net X, Y, Z; AS 1, AS 2, AS 3, AS 4]