Network Working Group S. Zhuang Internet-Draft N. Geng Intended status: Standards Track H. Wang Expires: 9 May 2026 Huawei Technologies 5 November 2025 Enhancement for Monitoring VRF’s Loc-RIB draft-zhuang-grow-bmp-enhancement-for-vrf-loc-rib-00 Abstract BMP Loc-RIB [RFC9069] enforces that the BMP router sets the Peer Address value of a VPN route information to zero, and sets the Peer Distinguisher value of a VPN route information to the route distinguisher or unique locally defined value of the particular instance the Loc-RIB belongs to. This document introduces the option to communicate the Remote VRF Information from which a VPN route was received when reporting that VPN route information with BMP Loc-RIB. Requirements Language The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 RFC 2119 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here. Status of This Memo This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at https://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." This Internet-Draft will expire on 9 May 2026. Zhuang, et al. Expires 9 May 2026 [Page 1] Internet-Draft bmp-vrf-loc-rib-enhancement November 2025 Copyright Notice Copyright (c) 2025 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/ license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Revised BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Revised BSD License. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 2. TLV Encoding . . . . . . . . . . . . . . . . . . . . . . . . 4 2.1. Remote VRF Information TLV . . . . . . . . . . . . . . . 5 2.2. VPN Label TLV . . . . . . . . . . . . . . . . . . . . . . 6 2.3. VPN SRv6 SID TLV . . . . . . . . . . . . . . . . . . . . 6 3. Operations . . . . . . . . . . . . . . . . . . . . . . . . . 7 4. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 8 5. Security Considerations . . . . . . . . . . . . . . . . . . . 8 6. Contributors . . . . . . . . . . . . . . . . . . . . . . . . 8 7. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 8 8. References . . . . . . . . . . . . . . . . . . . . . . . . . 9 8.1. Normative References . . . . . . . . . . . . . . . . . . 9 8.2. Informative References . . . . . . . . . . . . . . . . . 10 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 10 1. Introduction The generation of BGP Adj-RIB-In, Loc-RIB and Adj-RIB-Out comes from BGP route exchange and route policy processing. BGP Monitoring Protocol (BMP) provides the monitoring of BGP Adj-RIB-In [RFC7854], BGP Loc-RIB [RFC9069] and BGP Adj-RIB-Out [RFC8671]. Using BMP Loc- RIB [RFC9069], the Peer Address field of a Per-Peer header is Zero- filled, and the Peer Distinguisher value of a VPN route information is setted to the route distinguisher or unique locally defined value of the particular instance the Loc-RIB belongs to. The following usecase is used as an example to describe the problems faced by the current solution. Zhuang, et al. Expires 9 May 2026 [Page 2] Internet-Draft bmp-vrf-loc-rib-enhancement November 2025 +-------+ | BMP | |Server | +---+---+ / / /lo0:10.10.10.1 lo0:10.10.10.2 +---+---+ +-------+ | PE1 +-----+ +--------+ PE2 | +-------+ | | +-------+ VPN11(RD11,I-RT1)| | VPN21(RD21,E-RT1)---CE21(Prefix P1) | | VPN22(RD22,E-RT1)---CE22(Prefix P1) | | VPN23(RD23,E-RT1)---CE23(Prefix P1) +-+----+-+ | RR | lo0:10.10.10.100 +--------+ | | | +-------+ +------+ PE3 | lo0:10.10.10.3 +-------+ VPN31(RD31,E-RT1)---CE31(Prefix P1) Figure 1: Monitoring VRF?s Loc-RIB PE1, PE2, and PE3 establish BGP VPNv4 peer sessions with the RR, as shown in the above figure, PE1 receives multiple VPNv4 routes with the address prefix P1: +-----+-------+-----------+-----------+-------------+----+------+ | RD | Prefix| Nexthop | Originator| Peer Address| RT | Label| +-----+-------+-----------+-----------+-------------+----+------+ | RD21| P1 | 10.10.10.2| 10.10.10.2| 10.10.10.100| RT1| L21 | +-----+-------+-----------+-----------+-------------+----+------+ | RD22| P1 | 10.10.10.2| 10.10.10.2| 10.10.10.100| RT1| L22 | +-----+-------+-----------+-----------+-------------+----+------+ | RD23| P1 | 10.10.10.2| 10.10.10.2| 10.10.10.100| RT1| L23 | +-----+-------+-----------+-----------+-------------+----+------+ | RD31| P1 | 10.10.10.3| 10.10.10.3| 10.10.10.100| RT1| L31 | +-----+-------+-----------+-----------+-------------+----+------+ ... Figure 2: VPNv4 Routes in PE1 Zhuang, et al. Expires 9 May 2026 [Page 3] Internet-Draft bmp-vrf-loc-rib-enhancement November 2025 The above 4 routes carry the route target RT1 and the import route target of the VPN instance VPN11 of PE1 is RT1, VPN11 of PE1 will selects one route from the 4 routes as the best route, for example, the route with RD22, and import the route with RD22 to the routing table of the VPN instance VPN11 of PE1. +-------+-----------+-----------+-------------+----+------+----+ | Prefix| Nexthop | Originator| Peer Address| RT | Label|R-RD| +-------+-----------+-----------+-------------+----+------+----+ | P1 | 10.10.10.2| 10.10.10.2| 10.10.10.100| RT1| L22 |RD22| +-------+-----------------------+-------------+----+------+----+ ... Figure 3: VPN Routes in the routing table of the VPN instance VPN11 PE1 uses the solution defined in RFC9069 to report the Loc-RIB route information in VPN11 to the BMP server. Prefix: P1 Nexthop: 10.10.10.2 Peer Distinguisher: RD11 --> The RD of VPN11 on PE1 Peer Address: 0.0.0.0 Peer BGP ID: 10.10.10.1 --> The router-id of the VRF instance VPN11 Figure 4: The Loc-RIB routing information in VPN11 to the BMP server PE1 reports the Loc-RIB routing information in VPN11 to the BMP server through an RM message. Problem: After obtaining the above route information via the RM message, the BMP server cannot deduce the remote VPN instance information corresponding to the VPN route information because the reported information does not contain the remote device address and the RD of the remote VPN instance. When reporting the Loc-RIB routing information in VPN11 to the BMP server by using an RM message, PE1 reports the remote device address and the RD of the remote VPN instance by using TLVs newly added in this draft. 2. TLV Encoding This section describes a solution based on BMPv4 TLVs. Section 2.1 describes a BMPv4 TLV used to convey the Remote VRF Information TLV. Section 2.2 and 2.3 introduces optional TLVs to report the label/SRv6 ID carried in the remote VPN route. Zhuang, et al. Expires 9 May 2026 [Page 4] Internet-Draft bmp-vrf-loc-rib-enhancement November 2025 2.1. Remote VRF Information TLV The format of the Remote VRF Information TLV is defined as follows: 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Information Type | Information Length | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |G| Index | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | AFI | SAFI | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Remote BGP ID | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Remote Route Distinguisher | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Remote Route Distinguisher (Cont.) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Figure 5: The format of the Remote VRF Information TLV Where: Information Type: indicates a Remote VRF Information TLV, the value is TBD1. Information Length: indicates the length of the value of the Remote VRF Information TLV, it excludes the 2 octets of the index field. Index: The Index field is 2-byte long of which the top-most bit, G-bit, is used to flag a Group Index. It is defined in [I-D.ietf-grow-bmp-tlv]. AFI: address family information SAFI: sub-address family information Remote BGP ID: remote peer address or BGP ID or Originater Remote Route Distinguisher: indicates the RD of the remote VPN instance. Zhuang, et al. Expires 9 May 2026 [Page 5] Internet-Draft bmp-vrf-loc-rib-enhancement November 2025 2.2. VPN Label TLV In some usecases, the label carried in the remote VPN route needs to be reported. Therefore, the following TLV are defined in this document: 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Information Type | Information Length | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |G| Index | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | MPLS Label for Remote VPN Route | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Figure 6: The format of the VPN Label TLV Where: Information Type: indicates a VPN Label TLV, the value is TBD2. Information Length: indicates the length of the value of the VPN Label TLV, it excludes the 2 octets of the index field. Index: The Index field is 2-byte long of which the top-most bit, G-bit, is used to flag a Group Index. It is defined in [I-D.ietf-grow-bmp-tlv]. MPLS Label for Remote VPN Route: indicates the MPLS Label of the remote VPN route. 2.3. VPN SRv6 SID TLV In some usecases, the SRv6 ID carried in the remote VPN route needs to be reported. Therefore, the following TLV are defined in this document: Zhuang, et al. Expires 9 May 2026 [Page 6] Internet-Draft bmp-vrf-loc-rib-enhancement November 2025 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Information Type | Information Length | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |G| Index | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | | SRv6 SID for Remote VPN Route | | | | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Figure 7: The format of the VPN SRv6 SID TLV Where: Information Type: indicates a VPN SRv6 SID TLV, the value is TBD3. Information Length: indicates the length of the value of the VPN SRv6 SID TLV, it excludes the 2 octets of the index field. Index: The Index field is 2-byte long of which the top-most bit, G-bit, is used to flag a Group Index. It is defined in [I-D.ietf-grow-bmp-tlv]. SRv6 SID for Remote VPN Route: indicates the SRv6 SID of the remote VPN route. 3. Operations As described in section 1, when PE1 reports the Loc-RIB routing information in VPN11 to the BMP server through an RM message, PE1 reports the remote device address and the RD of the remote VPN instance through the Remote VRF Information TLV defined in this draft, as shown in the following: Prefix: P1 Nexthop: 10.10.10.2 Peer Distinguisher: RD11 --> The RD of VPN11 on PE1 Peer Address: 0.0.0.0 Peer BGP ID: 10.10.10.1 --> The router-id of the VRF instance VPN11 Remote BGP ID: 10.10.10.2 --> The remote peer address or BGP ID or Originater Remote Route Distinguisher: RD22 --> The RD of the remote VPN instance Figure 8: The Loc-RIB routing information in VPN11 to the BMP server Zhuang, et al. Expires 9 May 2026 [Page 7] Internet-Draft bmp-vrf-loc-rib-enhancement November 2025 After obtaining the above route information via the RM message, the BMP server can deduce the remote VPN instance information corresponding to the VPN route information via the reported information in the Remote VRF Information TLV. In some usecases, the label/SRv6 ID carried in the remote VPN route needs to be reported, as described in section 1, when PE1 reports the Loc-RIB routing information in VPN11 to the BMP server through an RM message, it can report the label/SRv6 ID carried in the remote VPN route as following: Prefix: P1 Nexthop: 10.10.10.2 Peer Distinguisher: RD11 --> The RD of VPN11 on PE1 Peer Address: 0.0.0.0 Peer BGP ID: 10.10.10.1 --> The router-id of the VRF instance VPN11 Remote BGP ID: 10.10.10.2 --> The remote peer address or BGP ID or Originater Remote Route Distinguisher: RD22 --> The RD of the remote VPN instance (Optional)Label: L22 or (Optional)SRv6 SID: SID22 Figure 9: The Loc-RIB routing information in VPN11 to the BMP server 4. IANA Considerations TBD 5. Security Considerations The same considerations as in Section 11 of [RFC7854] apply to this document. Implementations of this protocol SHOULD require that sessions only be established with authorized and trusted monitoring devices. It is also believed that this document does not introduce any additional security considerations. 6. Contributors The following people made significant contributions to this document: To be added. 7. Acknowledgements The authors would like to acknowledge the review and inputs from xxx. Zhuang, et al. Expires 9 May 2026 [Page 8] Internet-Draft bmp-vrf-loc-rib-enhancement November 2025 8. References 8.1. Normative References [I-D.ietf-grow-bmp-tlv] Lucente, P. and Y. Gu, "BMP v4: TLV Support for BGP Monitoring Protocol (BMP) Route Monitoring and Peer Down Messages", Work in Progress, Internet-Draft, draft-ietf- grow-bmp-tlv-19, 10 October 2025, . [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997, . [RFC2918] Chen, E., "Route Refresh Capability for BGP-4", RFC 2918, DOI 10.17487/RFC2918, September 2000, . [RFC4271] Rekhter, Y., Ed., Li, T., Ed., and S. Hares, Ed., "A Border Gateway Protocol 4 (BGP-4)", RFC 4271, DOI 10.17487/RFC4271, January 2006, . [RFC7313] Patel, K., Chen, E., and B. Venkatachalapathy, "Enhanced Route Refresh Capability for BGP-4", RFC 7313, DOI 10.17487/RFC7313, July 2014, . [RFC7854] Scudder, J., Ed., Fernando, R., and S. Stuart, "BGP Monitoring Protocol (BMP)", RFC 7854, DOI 10.17487/RFC7854, June 2016, . [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, May 2017, . [RFC8671] Evens, T., Bayraktar, S., Lucente, P., Mi, P., and S. Zhuang, "Support for Adj-RIB-Out in the BGP Monitoring Protocol (BMP)", RFC 8671, DOI 10.17487/RFC8671, November 2019, . Zhuang, et al. Expires 9 May 2026 [Page 9] Internet-Draft bmp-vrf-loc-rib-enhancement November 2025 [RFC9069] Evens, T., Bayraktar, S., Bhardwaj, M., and P. Lucente, "Support for Local RIB in the BGP Monitoring Protocol (BMP)", RFC 9069, DOI 10.17487/RFC9069, February 2022, . 8.2. Informative References [RFC5291] Chen, E. and Y. Rekhter, "Outbound Route Filtering Capability for BGP-4", RFC 5291, DOI 10.17487/RFC5291, August 2008, . Authors' Addresses Shunwan Zhuang Huawei Technologies Huawei Bld., No.156 Beiqing Rd. Beijing 100095 China Email: zhuangshunwan@huawei.com Nan Geng Huawei Technologies Huawei Bld., No.156 Beiqing Rd. Beijing 100053 China Email: gengnan@huawei.com Haibo Wang Huawei Technologies Huawei Bld., No.156 Beiqing Rd. Beijing 100095 China Email: rainsword.wang@huawei.com Zhuang, et al. Expires 9 May 2026 [Page 10]