| Internet-Draft | bmp-vrf-loc-rib-enhancement | November 2025 |
| Zhuang, et al. | Expires 9 May 2026 | [Page] |
BMP Loc-RIB [RFC9069] enforces that the BMP router sets the Peer Address value of a VPN route information to zero, and sets the Peer Distinguisher value of a VPN route information to the route distinguisher or unique locally defined value of the particular instance the Loc-RIB belongs to. This document introduces the option to communicate the Remote VRF Information from which a VPN route was received when reporting that VPN route information with BMP Loc-RIB.¶
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 RFC 2119 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here.¶
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.¶
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.¶
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."¶
This Internet-Draft will expire on 9 May 2026.¶
Copyright (c) 2025 IETF Trust and the persons identified as the document authors. All rights reserved.¶
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Revised BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Revised BSD License.¶
The generation of BGP Adj-RIB-In, Loc-RIB and Adj-RIB-Out comes from BGP route exchange and route policy processing. BGP Monitoring Protocol (BMP) provides the monitoring of BGP Adj-RIB-In [RFC7854], BGP Loc-RIB [RFC9069] and BGP Adj-RIB-Out [RFC8671]. Using BMP Loc-RIB [RFC9069], the Peer Address field of a Per-Peer header is Zero-filled, and the Peer Distinguisher value of a VPN route information is setted to the route distinguisher or unique locally defined value of the particular instance the Loc-RIB belongs to. The following usecase is used as an example to describe the problems faced by the current solution.¶
+-------+
| BMP |
|Server |
+---+---+
/
/
/lo0:10.10.10.1 lo0:10.10.10.2
+---+---+ +-------+
| PE1 +-----+ +--------+ PE2 |
+-------+ | | +-------+
VPN11(RD11,I-RT1)| | VPN21(RD21,E-RT1)---CE21(Prefix P1)
| | VPN22(RD22,E-RT1)---CE22(Prefix P1)
| | VPN23(RD23,E-RT1)---CE23(Prefix P1)
+-+----+-+
| RR | lo0:10.10.10.100
+--------+
|
|
| +-------+
+------+ PE3 | lo0:10.10.10.3
+-------+
VPN31(RD31,E-RT1)---CE31(Prefix P1)
Figure 1: Monitoring VRF?s Loc-RIB
¶
PE1, PE2, and PE3 establish BGP VPNv4 peer sessions with the RR, as shown in the above figure, PE1 receives multiple VPNv4 routes with the address prefix P1:¶
+-----+-------+-----------+-----------+-------------+----+------+
| RD | Prefix| Nexthop | Originator| Peer Address| RT | Label|
+-----+-------+-----------+-----------+-------------+----+------+
| RD21| P1 | 10.10.10.2| 10.10.10.2| 10.10.10.100| RT1| L21 |
+-----+-------+-----------+-----------+-------------+----+------+
| RD22| P1 | 10.10.10.2| 10.10.10.2| 10.10.10.100| RT1| L22 |
+-----+-------+-----------+-----------+-------------+----+------+
| RD23| P1 | 10.10.10.2| 10.10.10.2| 10.10.10.100| RT1| L23 |
+-----+-------+-----------+-----------+-------------+----+------+
| RD31| P1 | 10.10.10.3| 10.10.10.3| 10.10.10.100| RT1| L31 |
+-----+-------+-----------+-----------+-------------+----+------+
...
Figure 2: VPNv4 Routes in PE1
¶
The above 4 routes carry the route target RT1 and the import route target of the VPN instance VPN11 of PE1 is RT1, VPN11 of PE1 will selects one route from the 4 routes as the best route, for example, the route with RD22, and import the route with RD22 to the routing table of the VPN instance VPN11 of PE1.¶
+-------+-----------+-----------+-------------+----+------+----+
| Prefix| Nexthop | Originator| Peer Address| RT | Label|R-RD|
+-------+-----------+-----------+-------------+----+------+----+
| P1 | 10.10.10.2| 10.10.10.2| 10.10.10.100| RT1| L22 |RD22|
+-------+-----------------------+-------------+----+------+----+
...
Figure 3: VPN Routes in the routing table of the VPN instance VPN11
¶
PE1 uses the solution defined in RFC9069 to report the Loc-RIB route information in VPN11 to the BMP server.¶
Prefix: P1
Nexthop: 10.10.10.2
Peer Distinguisher: RD11 --> The RD of VPN11 on PE1
Peer Address: 0.0.0.0
Peer BGP ID: 10.10.10.1 --> The router-id of the VRF instance VPN11
Figure 4: The Loc-RIB routing information in VPN11 to the BMP server
¶
PE1 reports the Loc-RIB routing information in VPN11 to the BMP server through an RM message.¶
Problem: After obtaining the above route information via the RM message, the BMP server cannot deduce the remote VPN instance information corresponding to the VPN route information because the reported information does not contain the remote device address and the RD of the remote VPN instance.¶
When reporting the Loc-RIB routing information in VPN11 to the BMP server by using an RM message, PE1 reports the remote device address and the RD of the remote VPN instance by using TLVs newly added in this draft.¶
This section describes a solution based on BMPv4 TLVs. Section 2.1 describes a BMPv4 TLV used to convey the Remote VRF Information TLV. Section 2.2 and 2.3 introduces optional TLVs to report the label/SRv6 ID carried in the remote VPN route.¶
The format of the Remote VRF Information TLV is defined as follows:¶
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Information Type | Information Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|G| Index |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| AFI | SAFI |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Remote BGP ID |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Remote Route Distinguisher |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Remote Route Distinguisher (Cont.) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 5: The format of the Remote VRF Information TLV
¶
Where:¶
Information Type: indicates a Remote VRF Information TLV, the value is TBD1.¶
Information Length: indicates the length of the value of the Remote VRF Information TLV, it excludes the 2 octets of the index field.¶
Index: The Index field is 2-byte long of which the top-most bit, G-bit, is used to flag a Group Index. It is defined in [I-D.ietf-grow-bmp-tlv].¶
AFI: address family information¶
SAFI: sub-address family information¶
Remote BGP ID: remote peer address or BGP ID or Originater¶
Remote Route Distinguisher: indicates the RD of the remote VPN instance.¶
In some usecases, the label carried in the remote VPN route needs to be reported. Therefore, the following TLV are defined in this document:¶
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Information Type | Information Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|G| Index |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| MPLS Label for Remote VPN Route |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 6: The format of the VPN Label TLV
¶
Where:¶
Information Type: indicates a VPN Label TLV, the value is TBD2.¶
Information Length: indicates the length of the value of the VPN Label TLV, it excludes the 2 octets of the index field.¶
Index: The Index field is 2-byte long of which the top-most bit, G-bit, is used to flag a Group Index. It is defined in [I-D.ietf-grow-bmp-tlv].¶
MPLS Label for Remote VPN Route: indicates the MPLS Label of the remote VPN route.¶
In some usecases, the SRv6 ID carried in the remote VPN route needs to be reported. Therefore, the following TLV are defined in this document:¶
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Information Type | Information Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|G| Index |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
| SRv6 SID for Remote VPN Route |
| |
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 7: The format of the VPN SRv6 SID TLV
¶
Where:¶
Information Type: indicates a VPN SRv6 SID TLV, the value is TBD3.¶
Information Length: indicates the length of the value of the VPN SRv6 SID TLV, it excludes the 2 octets of the index field.¶
Index: The Index field is 2-byte long of which the top-most bit, G-bit, is used to flag a Group Index. It is defined in [I-D.ietf-grow-bmp-tlv].¶
SRv6 SID for Remote VPN Route: indicates the SRv6 SID of the remote VPN route.¶
As described in section 1, when PE1 reports the Loc-RIB routing information in VPN11 to the BMP server through an RM message, PE1 reports the remote device address and the RD of the remote VPN instance through the Remote VRF Information TLV defined in this draft, as shown in the following:¶
Prefix: P1
Nexthop: 10.10.10.2
Peer Distinguisher: RD11 --> The RD of VPN11 on PE1
Peer Address: 0.0.0.0
Peer BGP ID: 10.10.10.1 --> The router-id of the VRF instance VPN11
Remote BGP ID: 10.10.10.2 --> The remote peer address or BGP ID or Originater
Remote Route Distinguisher: RD22 --> The RD of the remote VPN instance
Figure 8: The Loc-RIB routing information in VPN11 to the BMP server
¶
After obtaining the above route information via the RM message, the BMP server can deduce the remote VPN instance information corresponding to the VPN route information via the reported information in the Remote VRF Information TLV.¶
In some usecases, the label/SRv6 ID carried in the remote VPN route needs to be reported, as described in section 1, when PE1 reports the Loc-RIB routing information in VPN11 to the BMP server through an RM message, it can report the label/SRv6 ID carried in the remote VPN route as following:¶
Prefix: P1
Nexthop: 10.10.10.2
Peer Distinguisher: RD11 --> The RD of VPN11 on PE1
Peer Address: 0.0.0.0
Peer BGP ID: 10.10.10.1 --> The router-id of the VRF instance VPN11
Remote BGP ID: 10.10.10.2 --> The remote peer address or BGP ID or Originater
Remote Route Distinguisher: RD22 --> The RD of the remote VPN instance
(Optional)Label: L22 or (Optional)SRv6 SID: SID22
Figure 9: The Loc-RIB routing information in VPN11 to the BMP server
¶
The same considerations as in Section 11 of [RFC7854] apply to this document. Implementations of this protocol SHOULD require that sessions only be established with authorized and trusted monitoring devices. It is also believed that this document does not introduce any additional security considerations.¶
The following people made significant contributions to this document:¶
To be added.¶
The authors would like to acknowledge the review and inputs from xxx.¶