BGP Labeled Unicast Interoperability Challenges

Jeff Tantsura left me tantalizing hint after reading the BGP Labeled Unicast on Cisco IOS blog post:

Read carefully “Relationship between SAFI-4 and SAFI-1 Routes” section in RFC 8277

The start of that section doesn’t look promising (and it gets worse):

It is possible that a BGP speaker will receive both a SAFI-11 route for prefix P and a SAFI-42 route for prefix P. Different implementations treat this situation in different ways.

Now for the details:

For example, some implementations may regard SAFI-1 routes and SAFI-4 routes as completely independent and may treat them in a “ships in the night” fashion.

That’s how Arista EOS treats them.

Other implementations may treat the SAFI-1 and SAFI-4 routes for a given prefix as comparable, such that the best route to prefix P is either a SAFI-1 route or a SAFI-4 route but not both.

That would be Cisco IOS.

Some implementations may allow a single BGP session to carry UPDATEs of both SAFI-1 and SAFI-4; other implementations may disallow this.

Both Cisco IOS and Arista EOS can carry SAFI-1 and SAFI-4 updates over the same BGP session. IOS XR is a bit different – see the comment by Fred Cuiller for more details.

A BGP speaker may receive a SAFI-4 route over a given BGP session but may have other BGP sessions for which SAFI-4 is not enabled. In this case, the BGP speaker MAY convert the SAFI-4 route to a SAFI-1 route and then propagate the result over the session on which SAFI-4 is not enabled. Whether this is done is a matter of local policy.

Cisco IOS automatically converts SAFI-1 route into SAFI-4 route and vice versa. I couldn’t find a nerd knob that would configure similar behavior on Arista EOS.

Considering all the implementation differences and potential local policies, how can we ever build a multi-vendor environment using BGP Labeled Unicast? The last paragraph of Section 5 of RFC 8277 gives a depressing answer:

These differences in the behavior of different implementations may result in unexpected behavior or lack of interoperability. In some cases, it may be difficult or impossible to achieve the desired policies with certain implementations or combinations of implementations.

In other words, it’s broken beyond repair. I thought we reached the low point of interoperability with SIP or (early) EVPN, but the networking industry never ceases to amaze me.

  1. Unlabeled IPv4 or IPv6 prefix. See Three Dimensions of BGP Address Family Nerd Knobs for more details. ↩︎

  2. IPv4 or IPv6 prefix with one or more MPLS labels attached to it. ↩︎

Add comment