summaryrefslogtreecommitdiff
path: root/doc/rfc/rfc9069.txt
blob: 501e30d5fd0ad93a8b930c67b4e655e6f0daf863 (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
Internet Engineering Task Force (IETF)                          T. Evens
Request for Comments: 9069                                 Cisco Systems
Updates: 7854                                               S. Bayraktar
Category: Standards Track                                 Menlo Security
ISSN: 2070-1721                                              M. Bhardwaj
                                                           Cisco Systems
                                                              P. Lucente
                                                      NTT Communications
                                                           February 2022


       Support for Local RIB in the BGP Monitoring Protocol (BMP)

Abstract

   The BGP Monitoring Protocol (BMP) defines access to local Routing
   Information Bases (RIBs).  This document updates BMP (RFC 7854) by
   adding access to the Local Routing Information Base (Loc-RIB), as
   defined in RFC 4271.  The Loc-RIB contains the routes that have been
   selected by the local BGP speaker's Decision Process.

Status of This Memo

   This is an Internet Standards Track document.

   This document is a product of the Internet Engineering Task Force
   (IETF).  It represents the consensus of the IETF community.  It has
   received public review and has been approved for publication by the
   Internet Engineering Steering Group (IESG).  Further information on
   Internet Standards is available in Section 2 of RFC 7841.

   Information about the current status of this document, any errata,
   and how to provide feedback on it may be obtained at
   https://www.rfc-editor.org/info/rfc9069.

Copyright Notice

   Copyright (c) 2022 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (https://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Revised BSD License text as described in Section 4.e of the
   Trust Legal Provisions and are provided without warranty as described
   in the Revised BSD License.

Table of Contents

   1.  Introduction
     1.1.  Alternative Method to Monitor Loc-RIB
   2.  Terminology
   3.  Definitions
   4.  Per-Peer Header
     4.1.  Peer Type
     4.2.  Peer Flags
   5.  Loc-RIB Monitoring
     5.1.  Per-Peer Header
     5.2.  Peer Up Notification
       5.2.1.  Peer Up Information
     5.3.  Peer Down Notification
     5.4.  Route Monitoring
       5.4.1.  ASN Encoding
       5.4.2.  Granularity
     5.5.  Route Mirroring
     5.6.  Statistics Report
   6.  Other Considerations
     6.1.  Loc-RIB Implementation
       6.1.1.  Multiple Loc-RIB Peers
       6.1.2.  Filtering Loc-RIB to BMP Receivers
       6.1.3.  Changes to Existing BMP Sessions
   7.  Security Considerations
   8.  IANA Considerations
     8.1.  BMP Peer Type
     8.2.  BMP Loc-RIB Instance Peer Flags
     8.3.  Peer Up Information TLV
     8.4.  Peer Down Reason Code
     8.5.  Deprecated Entries
   9.  References
     9.1.  Normative References
     9.2.  Informative References
   Acknowledgements
   Authors' Addresses

1.  Introduction

   This document defines a mechanism to monitor the BGP Loc-RIB state of
   remote BGP instances without the need to establish BGP peering
   sessions.  BMP [RFC7854] does not define a method to send the BGP
   instance Loc-RIB.  It does define locally originated routes in
   Section 8.2 of [RFC7854], but these routes are defined as the routes
   that originated into BGP (e.g., Section 9.4 of [RFC4271]).  Loc-RIB
   includes all selected received routes from BGP peers in addition to
   locally originated routes.

   Figure 1 shows the flow of received routes from one or more BGP peers
   into the Loc-RIB.

              +------------------+      +------------------+
              | Peer-A           |      | Peer-B           |
          /-- |                  | ---- |                  | --\
          |   | Adj-RIB-In (Pre) |      | Adj-RIB-In (Pre) |   |
          |   +------------------+      +------------------+   |
          |                 |                         |        |
          | Filters/Policy -|         Filters/Policy -|        |
          |                 V                         V        |
          |   +------------------+      +------------------+   |
          |   | Adj-RIB-In (Post)|      | Adj-RIB-In (Post)|   |
          |   +------------------+      +------------------+   |
          |                |                          |        |
          |      Selected -|                Selected -|        |
          |                V                          V        |
          |    +-----------------------------------------+     |
          |    |                 Loc-RIB                 |     |
          |    +-----------------------------------------+     |
          |                                                    |
          | ROUTER/BGP Instance                                |
          \----------------------------------------------------/

               Figure 1: BGP Peering Adj-RIBs-In into Loc-RIB

   The following are some use cases for Loc-RIB access:

   *  The Adj-RIB-In for a given peer post-policy may contain hundreds
      of thousands of routes, with only a handful of routes selected and
      installed in the Loc-RIB after best-path selection.  Some
      monitoring applications, such as those that need only to correlate
      flow records to Loc-RIB entries, only need to collect and monitor
      the routes that are actually selected and used.

      Requiring the applications to collect all Adj-RIB-In post-policy
      data forces the applications to receive a potentially large
      unwanted data set and to perform the BGP decision process
      selection, which includes having access to the interior gateway
      protocol (IGP) next-hop metrics.  While it is possible to obtain
      the IGP topology information using BGP - Link State (BGP-LS), it
      requires the application to implement Shortest Path First (SPF)
      and possibly Constrained Shortest Path First (CSPF) based on
      additional policies.  This is overly complex for such a simple
      application that only needs to have access to the Loc-RIB.

   *  It is common to see frequent changes over many BGP peers, but
      those changes do not always result in the router's Loc-RIB
      changing.  The change in the Loc-RIB can have a direct impact on
      the forwarding state.  It can greatly reduce the time to
      troubleshoot and resolve issues if operators have the history of
      Loc-RIB changes.  For example, a performance issue might have been
      seen for only a duration of 5 minutes.  Post-facto troubleshooting
      this issue without Loc-RIB history hides any decision-based
      routing changes that might have happened during those 5 minutes.

   *  Operators may wish to validate the impact of policies applied to
      the Adj-RIB-In by analyzing the final decision made by the router
      when installing into the Loc-RIB.  For example, in order to
      validate if multipath prefixes are installed as expected for all
      advertising peers, the Adj-RIB-In post-policy and Loc-RIB need to
      be compared.  This is only possible if the Loc-RIB is available.
      Monitoring the Adj-RIB-In for this router from another router to
      derive the Loc-RIB is likely to not show the same installed
      prefixes.  For example, the received Adj-RIB-In will be different
      if ADD-PATH [RFC7911] is not enabled or if the maximum supported
      number of equal paths is different between Loc-RIB and advertised
      routes.

   This document adds Loc-RIB to the BGP Monitoring Protocol and
   replaces Section 8.2 of [RFC7854] ("Locally Originated Routes").

1.1.  Alternative Method to Monitor Loc-RIB

   Loc-RIB is used to build Adj-RIB-Out when advertising routes to a
   peer.  It is therefore possible to derive the Loc-RIB of a router by
   monitoring the Adj-RIB-In pre-policy from another router.  This
   becomes overly complex and error prone when considering the number of
   peers being monitored per router.


         /------------------------------------------------------\
         |  ROUTER1 BGP Instance                                |
         |                                                      |
         |     +--------------------------------------------+   |
         |     |                 Loc-RIB                    |   |
         |     +--------------------------------------------+   |
         |                    |                    |            |
         |    +------------------+     +------------------+     |
         |    |   Peer-ROUTER2   |     |   Peer-ROUTER3   |     |
         |    | Adj-RIB-Out (Pre)|     | Adj-RIB-Out (Pre)|     |
         |    +------------------+     +------------------+     |
         |    Filters/Policy -|    Filters/Policy -|            |
         |                    V                    V            |
         |   +-------------------+     +-------------------+    |
         |   | Adj-RIB-Out (Post)|     | Adj-RIB-Out (Post)|    |
         |   +-------------------+     +-------------------+    |
         |              |                          |            |
         \------------- | ------------------------ | -----------/
                   BGP  |                     BGP  |
                   Peer |                     Peer |
            +------------------+          +------------------+
            |   Peer-ROUTER1   |          |   Peer-ROUTER1   |
         /--|                  |--\    /--|                  | --\
         |  | Adj-RIB-In (Pre) |  |    |  | Adj-RIB-In (Pre) |   |
         |  +------------------+  |    |  +------------------+   |
         |                        |    |                         |
         | ROUTER2/BGP Instance   |    | ROUTER3/BGP Instance    |
         \------------------------/    \-------------------------/
                     |                              |
                     v                              v
             ROUTER2 BMP Feed               ROUTER3 BMP Feed

              Figure 2: Alternative Method to Monitor Loc-RIB

   The setup needed to monitor the Loc-RIB of a router requires another
   router with a peering session to the target router that is to be
   monitored.  As shown in Figure 2, the target router Loc-RIB is
   advertised via the Adj-RIB-Out to the BMP router over a standard BGP
   peering session.  The BMP router then forwards the Adj-RIB-In pre-
   policy to the BMP receiver.

   A BMP lacking access to Loc-RIB introduces the need for additional
   resources:

   *  Requires at least two routers when only one router was to be
      monitored.

   *  Requires additional BGP peering to collect the received updates
      when peering may not have even been required in the first place.
      For example, virtual routing and forwarding (VRF) tables with no
      peers, redistributed BGP-LS with no peers, and segment routing
      egress peer engineering where no peers have link-state address
      family enabled are all situations with no preexisting BGP peers.

   Many complexities are introduced when using a received Adj-RIB-In to
   infer a router Loc-RIB:

   *  Adj-RIB-Out received as Adj-RIB-In from another router may have a
      policy applied that generates aggregates, suppresses more specific
      prefixes, manipulates attributes, or filters routes.  Not only
      does this invalidate the Loc-RIB view, it adds complexity when
      multiple BMP routers may have peering sessions to the same router.
      The BMP receiver user is left with the error-prone task of
      identifying which peering session is the best representative of
      the Loc-RIB.

   *  BGP peering is designed to work between administrative domains and
      therefore does not need to include internal system-level
      information of each peering router (e.g., the system name or
      version information).  In order to derive the Loc-RIB of a router,
      the router name or other system information is needed.  The BMP
      receiver and user are forced to do some type of correlation using
      whatever information is available in the peering session (e.g.,
      peering addresses, autonomous system numbers, and BGP
      identifiers).  This leads to error-prone correlations.

   *  Correlating BGP identifiers (BGP-ID) and session addresses to a
      router requires additional data, such as router inventory.  This
      additional data provides the BMP receiver the ability to map and
      correlate the BGP-IDs and/or session addresses but requires the
      BMP receiver to somehow obtain this data outside of the BMP.  How
      this data is obtained and the accuracy of the data directly affect
      the integrity of the correlation.

2.  Terminology

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
   "OPTIONAL" in this document are to be interpreted as described in BCP
   14 RFC 2119 [RFC2119] RFC 8174 [RFC8174] when, and only when, they
   appear in all capitals, as shown here.

3.  Definitions

   BGP Instance:  Refers to an instance of BGP-4 [RFC4271], and
      considerations in Section 8.1 of [RFC7854] apply to it.

   Adj-RIB-In:  As defined in [RFC4271], "The Adj-RIBs-In contains
      unprocessed routing information that has been advertised to the
      local BGP speaker by its peers."  This is also referred to as the
      "pre-policy Adj-RIB-In" in this document.

   Adj-RIB-Out:  As defined in [RFC4271], "The Adj-RIBs-Out contains the
      routes for advertisement to specific peers by means of the local
      speaker's UPDATE messages."

   Loc-RIB:  As defined in Section 1.1 of [RFC4271], "The Loc-RIB
      contains the routes that have been selected by the local BGP
      speaker's Decision Process."  Note that the Loc-RIB state as
      monitored through BMP might also contain routes imported from
      other routing protocols such as an IGP or local static routes.

   Pre-Policy Adj-RIB-Out:  The result before applying the outbound
      policy to an Adj-RIB-Out. This normally represents a similar view
      of the Loc-RIB but may contain additional routes based on BGP
      peering configuration.

   Post-Policy Adj-RIB-Out:  The result of applying the outbound policy
      to an Adj-RIB-Out. This MUST be what is actually sent to the peer.

4.  Per-Peer Header

4.1.  Peer Type

   A new peer type is defined for Loc-RIB to indicate that it represents
   the router Loc-RIB, which may have a route distinguisher (RD).
   Section 4.2 of [RFC7854] defines a Local Instance Peer type, which is
   for the case of non-RD peers that have an instance identifier.

   This document defines the following new peer type:

   *  Peer Type = 3: Loc-RIB Instance Peer

4.2.  Peer Flags

   If locally sourced routes are communicated using BMP, they MUST be
   conveyed using the Loc-RIB Instance Peer Type.

   The per-peer header flags for the Loc-RIB Instance Peer Type are
   defined as follows:

                                0 1 2 3 4 5 6 7
                               +-+-+-+-+-+-+-+-+
                               |F| | | | | | | |
                               +-+-+-+-+-+-+-+-+

   *  The F flag indicates that the Loc-RIB is filtered.  This MUST be
      set when a filter is applied to Loc-RIB routes sent to the BMP
      collector.

      The unused bits are reserved for future use.  They MUST be
      transmitted as 0, and their values MUST be ignored on receipt.

5.  Loc-RIB Monitoring

   The Loc-RIB contains all routes selected by the BGP Decision Process
   as described in Section 9.1 of [RFC4271].  These routes include those
   learned from BGP peers via its Adj-RIBs-In post-policy, as well as
   routes learned by other means as per Section 9.4 of [RFC4271].
   Examples of these include redistribution of routes from other
   protocols into BGP or those otherwise locally originated (i.e.,
   aggregate routes).

   As described in Section 6.1.2, a subset of Loc-RIB routes MAY be sent
   to a BMP collector by setting the F flag.

5.1.  Per-Peer Header

   All peer messages that include a per-peer header as defined in
   Section 4.2 of [RFC7854] MUST use the following values:

   Peer Type:  Set to 3 to indicate Loc-RIB Instance Peer.

   Peer Distinguisher:  Zero-filled if the Loc-RIB represents the global
      instance.  Otherwise, set to the route distinguisher or unique
      locally defined value of the particular instance to which the Loc-
      RIB belongs.

   Peer Address:  Zero-filled.  The remote peer address is not
      applicable.  The V flag is not applicable with the Loc-RIB
      Instance Peer Type considering addresses are zero-filled.

   Peer Autonomous System (AS):  Set to the primary router BGP
      autonomous system number (ASN).

   Peer BGP ID:  Set the ID to the router-id of the VRF instance if VRF
      is used; otherwise, set to the global instance router-id.

   Timestamp:  The time when the encapsulated routes were installed in
      the Loc-RIB, expressed in seconds and microseconds since midnight
      (zero hour), January 1, 1970 (UTC).  If zero, the time is
      unavailable.  Precision of the timestamp is implementation
      dependent.

5.2.  Peer Up Notification

   Peer Up notifications follow Section 4.10 of [RFC7854] with the
   following clarifications:

   Local Address:  Zero-filled; the local address is not applicable.

   Local Port:  Set to 0; the local port is not applicable.

   Remote Port:  Set to 0; the remote port is not applicable.

   Sent OPEN Message:  This is a fabricated BGP OPEN message.
      Capabilities MUST include the 4-octet ASN and all necessary
      capabilities to represent the Loc-RIB Route Monitoring messages.
      Only include capabilities if they will be used for Loc-RIB
      monitoring messages.  For example, if ADD-PATH is enabled for IPv6
      and Loc-RIB contains additional paths, the ADD-PATH capability
      should be included for IPv6.  In the case of ADD-PATH, the
      capability intent of advertise, receive, or both can be ignored
      since the presence of the capability indicates enough that
      additional paths will be used for IPv6.

   Received OPEN Message:  Repeat of the same sent OPEN message.  The
      duplication allows the BMP receiver to parse the expected received
      OPEN message as defined in Section 4.10 of [RFC7854].

5.2.1.  Peer Up Information

   The following Peer Up Information TLV type is added:

   *  Type = 3: VRF/Table Name.  The Information field contains a UTF-8
      string whose value MUST be equal to the value of the VRF or table
      name (e.g., RD instance name) being conveyed.  The string size
      MUST be within the range of 1 to 255 bytes.

      The VRF/Table Name TLV is optionally included to support
      implementations that may not have defined a name.  If a name is
      configured, it MUST be included.  The default value of "global"
      MUST be used for the default Loc-RIB instance with a zero-filled
      distinguisher.  If the TLV is included, then it MUST also be
      included in the Peer Down notification.

   The Information field contains a UTF-8 string whose value MUST be
   equal to the value of the VRF or table name (e.g., RD instance name)
   being conveyed.  The string size MUST be within the range of 1 to 255
   bytes.

   The VRF/Table Name TLV is optionally included to support
   implementations that may not have defined a name.  If a name is
   configured, it MUST be included.  The default value of "global" MUST
   be used for the default Loc-RIB instance with a zero-filled
   distinguisher.  If the TLV is included, then it MUST also be included
   in the Peer Down notification.

   Multiple TLVs of the same type can be repeated as part of the same
   message, for example, to convey a filtered view of a VRF.  A BMP
   receiver should append multiple TLVs of the same type to a set in
   order to support alternate or additional names for the same peer.  If
   multiple strings are included, their ordering MUST be preserved when
   they are reported.

5.3.  Peer Down Notification

   The Peer Down notification MUST use reason code 6.  Following the
   reason is data in TLV format.  The following Peer Down Information
   TLV type is defined:

   *  Type = 3: VRF/Table Name.  The Information field contains a UTF-8
      string whose value MUST be equal to the value of the VRF or table
      name (e.g., RD instance name) being conveyed.  The string size
      MUST be within the range of 1 to 255 bytes.  The VRF/Table Name
      informational TLV MUST be included if it was in the Peer Up.

5.4.  Route Monitoring

   Route Monitoring messages are used for initial synchronization of the
   Loc-RIB.  They are also used to convey incremental Loc-RIB changes.

   As described in Section 4.6 of [RFC7854], "Following the common BMP
   header and per-peer header is a BGP Update PDU."

5.4.1.  ASN Encoding

   Loc-RIB Route Monitoring messages MUST use a 4-byte ASN encoding as
   indicated in the Peer Up sent OPEN message (Section 5.2) capability.

5.4.2.  Granularity

   State compression and throttling SHOULD be used by a BMP sender to
   reduce the amount of Route Monitoring messages that are transmitted
   to BMP receivers.  With state compression, only the final resultant
   updates are sent.

   For example, prefix 192.0.2.0/24 is updated in the Loc-RIB 5 times
   within 1 second.  State compression of BMP Route Monitoring messages
   results in only the final change being transmitted.  The other 4
   changes are suppressed because they fall within the compression
   interval.  If no compression was being used, all 5 updates would have
   been transmitted.

   A BMP receiver should expect that the granularity of Loc-RIB Route
   Monitoring can vary depending on the BMP sender implementation.

5.5.  Route Mirroring

   Section 4.7 of [RFC7854] defines Route Mirroring for verbatim
   duplication of messages received.  This is not applicable to Loc-RIB
   as PDUs are originated by the router.  Any received Route Mirroring
   messages SHOULD be ignored.

5.6.  Statistics Report

   Not all Stat Types are relevant to Loc-RIB.  The Stat Types that are
   relevant are listed below:

   *  Stat Type = 8: (64-bit Gauge) Number of routes in Loc-RIB.

   *  Stat Type = 10: Number of routes in per-AFI/SAFI Loc-RIB.  The
      value is structured as: 2-byte AFI, 1-byte SAFI, followed by a
      64-bit Gauge.

6.  Other Considerations

6.1.  Loc-RIB Implementation

   There are several methods for a BGP speaker to implement Loc-RIB
   efficiently.  In all methods, the implementation emulates a peer with
   Peer Up and Down messages to convey capabilities as well as Route
   Monitor messages to convey Loc-RIB.  In this sense, the peer that
   conveys the Loc-RIB is a locally emulated peer.

6.1.1.  Multiple Loc-RIB Peers

   There MUST be at least one emulated peer for each Loc-RIB instance,
   such as with VRFs.  The BMP receiver identifies the Loc-RIB by the
   peer header distinguisher and BGP ID.  The BMP receiver uses the VRF/
   Table Name from the Peer Up information to associate a name with the
   Loc-RIB.

   In some implementations, it might be required to have more than one
   emulated peer for Loc-RIB to convey different address families for
   the same Loc-RIB.  In this case, the peer distinguisher and BGP ID
   should be the same since they represent the same Loc-RIB instance.
   Each emulated peer instance MUST send a Peer Up with the OPEN message
   indicating the address family capabilities.  A BMP receiver MUST
   process these capabilities to know which peer belongs to which
   address family.

6.1.2.  Filtering Loc-RIB to BMP Receivers

   There may be use cases where BMP receivers should only receive
   specific routes from Loc-RIB.  For example, IPv4 unicast routes may
   include internal BGP (IBGP), external BGP (EBGP), and IGP, but only
   routes from EBGP should be sent to the BMP receiver.  Alternatively,
   it may be that only IBGP and EBGP should be sent and IGP
   redistributed routes excluded.  In these cases where the Loc-RIB is
   filtered, the F flag is set to 1 to indicate to the BMP receiver that
   the Loc-RIB is filtered.  If multiple filters are associated with the
   same Loc-RIB, a table name MUST be used in order to allow a BMP
   receiver to make the right associations.

6.1.3.  Changes to Existing BMP Sessions

   In case of any change that results in the alteration of behavior of
   an existing BMP session, i.e., changes to filtering and table names,
   the session MUST be bounced with a Peer Down / Peer Up sequence.

7.  Security Considerations

   The same considerations as in Section 11 of [RFC7854] apply to this
   document.  Implementations of this protocol SHOULD require that
   sessions only be established with authorized and trusted monitoring
   devices.  It is also believed that this document does not introduce
   any additional security considerations.

8.  IANA Considerations

   IANA has assigned new parameters to the "BGP Monitoring Protocol
   (BMP) Parameters" registry (https://www.iana.org/assignments/bmp-
   parameters/).

8.1.  BMP Peer Type

   IANA has registered the following new peer type (Section 4.1):

                   +===========+=======================+
                   | Peer Type | Description           |
                   +===========+=======================+
                   | 3         | Loc-RIB Instance Peer |
                   +-----------+-----------------------+

                           Table 1: BMP Peer Type

8.2.  BMP Loc-RIB Instance Peer Flags

   IANA has renamed "BMP Peer Flags" to "BMP Peer Flags for Peer Types 0
   through 2" and created a new registry named "BMP Peer Flags for Loc-
   RIB Instance Peer Type 3".

   This document defines peer flags that are specific to the Loc-RIB
   Instance Peer Type.  IANA has registered the following in the "BMP
   Peer Flags for Loc-RIB Instance Peer Type 3" registry:

                           +======+=============+
                           | Flag | Description |
                           +======+=============+
                           | 0    | F flag      |
                           +------+-------------+

                              Table 2: Loc-RIB
                             Instance Peer Type

   As noted in Section 4.2, the F flag indicates that the Loc-RIB is
   filtered.  This indicates that the Loc-RIB does not represent the
   complete routing table.

   Flags 1 through 7 are unassigned.  The registration procedure for the
   registry is Standards Action.

8.3.  Peer Up Information TLV

   IANA has renamed the "BMP Initiation Message TLVs" registry to "BMP
   Initiation and Peer Up Information TLVs".  Section 4.4 of [RFC7854]
   indicates that both Initiation and Peer Up share the same information
   TLVs.  This document defines the following new BMP Peer Up
   Information TLV type (Section 5.2.1):

                         +======+================+
                         | Type | Description    |
                         +======+================+
                         | 3    | VRF/Table Name |
                         +------+----------------+

                            Table 3: BMP Peer Up
                            Information TLV Type

   The Information field contains a UTF-8 string whose value MUST be
   equal to the value of the VRF or table name (e.g., RD instance name)
   being conveyed.  The string size MUST be within the range of 1 to 255
   bytes.

8.4.  Peer Down Reason Code

   IANA has registered the following new BMP Peer Down reason code
   (Section 5.3):

             +======+=======================================+
             | Type | Description                           |
             +======+=======================================+
             | 6    | Local system closed, TLV data follows |
             +------+---------------------------------------+

                    Table 4: BMP Peer Down Reason Code

8.5.  Deprecated Entries

   Per this document, IANA has marked the F Flag entry in the "BMP Peer
   Flags for Peer Types 0 through 2" registry as "deprecated".

9.  References

9.1.  Normative References

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119,
              DOI 10.17487/RFC2119, March 1997,
              <https://www.rfc-editor.org/info/rfc2119>.

   [RFC4271]  Rekhter, Y., Ed., Li, T., Ed., and S. Hares, Ed., "A
              Border Gateway Protocol 4 (BGP-4)", RFC 4271,
              DOI 10.17487/RFC4271, January 2006,
              <https://www.rfc-editor.org/info/rfc4271>.

   [RFC7854]  Scudder, J., Ed., Fernando, R., and S. Stuart, "BGP
              Monitoring Protocol (BMP)", RFC 7854,
              DOI 10.17487/RFC7854, June 2016,
              <https://www.rfc-editor.org/info/rfc7854>.

   [RFC8174]  Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
              2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
              May 2017, <https://www.rfc-editor.org/info/rfc8174>.

9.2.  Informative References

   [RFC7911]  Walton, D., Retana, A., Chen, E., and J. Scudder,
              "Advertisement of Multiple Paths in BGP", RFC 7911,
              DOI 10.17487/RFC7911, July 2016,
              <https://www.rfc-editor.org/info/rfc7911>.

Acknowledgements

   The authors would like to thank John Scudder, Jeff Haas, and Mukul
   Srivastava for their valuable input.

Authors' Addresses

   Tim Evens
   Cisco Systems
   2901 Third Avenue, Suite 600
   Seattle, WA 98121
   United States of America

   Email: tievens@cisco.com


   Serpil Bayraktar
   Menlo Security
   800 W El Camino Real, Suite 250
   Mountain View, CA 94040
   United States of America

   Email: serpil.bayraktar@menlosecurity.com


   Manish Bhardwaj
   Cisco Systems
   3700 Cisco Way
   San Jose, CA 95134
   United States of America

   Email: manbhard@cisco.com


   Paolo Lucente
   NTT Communications
   Siriusdreef 70-72
   2132 Hoofddorp
   Netherlands

   Email: paolo@ntt.net