Considerations about Multicast for BGP/MPLS VPN Standardization

Section 5.2.10 of states "The operation of a multicast VPN solution SHALL be as light as possible and providing automatic configuration and discovery SHOULD be a priority when designing a multicast VPN solution. Particularly the operational burden of setting up multicast on a PE or for a VR/VRF SHOULD be as low as possible". The current solution document addresses this requirement by proposing two different mechanisms for MVPN auto-discovery: BGP-based auto-discovery (described in section 4). Discovery using PIM running on a MI-PMSI implemented with a shared tree using multicast ASM, or MP2MP LDP with the same common tree identifier configured in all VRFs of an MVPN. It is the recommendation of the authors that BGP-based auto-discovery is the preferred solution for auto-discovery and should be supported by all implementations while PIM/shared-tree based auto-discovery should be optionally considered for migration purpose only. Part of the rationale for this recommendation is also based on section 5.2.10 of which states "as far as possible, the design of a solution SHOULD carefully consider the number of protocols within the core network: if any additional protocols are introduced compared with the unicast VPN service, the balance between their advantage and operational burden SHOULD be examined thoroughly". BGP is the auto-discovery protocol used in unicast (RFC4364) VPNs and therefore the use of BGP-based auto-discovery within multicast VPNs avoids the introduction of an additional auto-discovery protocol that would require additional OAM processes and tools. Service providers with deployed unicast (RFC4364) VPNs already have extensive deployment and operations experience of using BGP as an auto-discovery protocol including OAM processes and tools. Such processes and tools will require modifications in order to support multicast auto-discovery but those modifications are anticipated to be less than those required to develop new processes and tools for a specific auto-discovery protocol. Additionally, BGP supports MD5 authentication of its peers for additional security. In contrast, there are no obvious authentication mechanisms to secure PIM communications in any known implementation. Furthermore, PIM based discovery is only applicable to deployments using a shared tree on an MI-PMSI, whereas BGP-based auto-discovery does not place any restrictions on the type of multicast trees that can be used. BGP-based auto-discovery is independent of the type of P-multicast tree used thus satisfying the requirement in section 5.2.4.1 of that "a multicast VPN solution SHOULD be designed so that control and forwarding planes are not interdependent". Additionally, it is to be noted that a number of service providers have chosen to use SSM-based trees for the default MDTs within their current deployments, therefore relying already on BGP-based auto-discovery. When shared trees are used, the use of BGP auto-discovery would allow inconsistencies in the addresses/identifiers used for the shared trees to be detected (e.g. the same shared tree identifier being used for different VPNs with distinct BGP route targets). This is particularly attractive in the context of inter-AS VPNs where the impact of any misconfiguration could be magnified and where a single service provider may not operate all the ASs. The authors note that, in order to support the coexistence of both protocols (for example during migration scenarios), implementations could support both alternatives by providing a per-VRF configuration knob that would allow recognizing new PIM neighbors based on the reception of PIM hellos on a shared P-multicast tree, even for neighbors that did not advertise a BGP auto-discovery route.

The current solution document proposes two mechanisms for S-PMSI Signaling: A new UDP-based TLV protocol specifically for S-PMSI signaling (described in section 7.2.1). A BGP-based mechanism for S-PMSI signaling (described in section 7.2.2). It is the recommendation of the authors that BGP is the preferred solution for S-PMSI signaling and should be supported by all implementations while the UDP-based S-PMSI signaling protocol should be considered optional. Part of the rationale for this recommendation is similar to that for BGP-based auto-discovery and is based on section 5.2.10 of and the desire to avoid introducing and deploying additional protocols unless strictly necessary. Furthermore: The BGP-based S-PMSI signaling mechanism can be used within MVPNs using either a UI-PMSI or a MI-PMSI while the UDP-based protocol is restricted to use within MVPNs using an MI-PMSI. The BGP-based S-PMSI signaling mechanism can be efficiently used in an inter-AS option B deployment context while the use of the UDP-based protocol does not preserve AS routing independence when used in an inter-AS option B context (i.e. the decision by a PE in an AS to use an S-PMSI for a given customer flow will impact routing state in other ASes). Co-existence with unicast inter-AS VPN options is strongly encouraged by section 5.2.6 of. The BGP-based S-PMSI signaling supports all the functionality and all the operational contexts that are supported by UDP-based protocol (and more). BGP supports MD5 authentication of its peers for additional security. In contrast, there are no obvious authentication mechanisms to secure PIM communications in any known implementation. Therefore, it is the opinion of the authors that BGP is the preferred solution for performing S-PMSI signaling. However, the authors recognize that the UDP-based protocol has been in deployment for some time and would recommend that implementations supporting both protocols optionally provide a per-VRF configuration knob to allow an implementation to use the UDP-based TLV protocol for S-PMSI signaling for specific VRFs in order to support the coexistence of both protocols (for example during migration scenarios). Apart from such migration-facilitating mechanisms, the authors specifically do not recommend extending the already proposed UDP-based TLV protocol to new types of P-multicast trees. Section 7.2.2.3 of proposes two approaches for how a source PE can decide when to start transmitting customer multicast traffic on a S-PMSI: The source PE sends multicast packets for the <C-S, C-G> on both the I-PMSI P-multicast tree and the S-PMSI P-multicast tree simultaneously for a pre-configured period of time, letting the receiver PEs select the new tree for reception, before switching to only the S-PMSI. The source PE waits for a pre-configured period of time after advertising the <C-S, C-G> entry bound to the S-PMSI before fully switching the traffic onto the S-PMSI-bound P-multicast tree. The first alternative has essentially two drawbacks: <C-S,C-G> traffic is sent twice for some period of time, which would appear to be at odds with the motivation for switching to an S-PMSI in order to optimize the bandwidth used by the multicast tree for that stream. It is unlikely that the switchover can occur without packet loss or duplication if the transit delays of the I-PMSI P-multicast tree and the S-PMSI P-multicast tree differ. By contrast, the second alternative has none of these drawbacks, and satisfy the requirement in section 5.1.3 of, which states that "[...] a multicast VPN solution SHOULD as much as possible ensure that client multicast traffic packets are neither lost nor duplicated, even when changes occur in the way a client multicast data stream is carried over the provider network". The second alternative also happen to be the one used in existing deployments. For these reasons, it is the authors' recommendation to mandate the implementation of the second alternative for switching to S-PMSI.

The current solution document proposes multiple mechanisms for PE-PE transmission of customer multicast routing information: Full per-MVPN PIM peering across an MI-PMSI (described in section 5.2.1). Lightweight PIM peering across an MI-PMSI (described in section 5.2.2) The unicasting of PIM C-Join/Prune messages (described in section 5.2.3) The use of BGP for carrying C-Multicast routing (described in section 5.3). The first mechanism (full per-MVPN PIM peering across an MI-PMSI) is the mechanism used by and therefore it is deployed and operating in MVPNs today. The authors recognize that because full per-MVPN PIM peering has been in deployment for some time support for this mechanism may be required for backwards compatibility and in order to facilitate migration towards alternative PE-PE protocols. Section 4.2.4 of recommends that "a multicast VPN solution SHOULD support several hundreds of PEs per multicast VPN, and MAY usefully scale up to thousands" and section 4.2.5 states that "a solution SHOULD scale up to thousands of PEs having multicast service enabled". At those scales of multicast deployment within a large VPN, the first and third mechanisms require PEs to maintain a large number of PIM adjacencies with other PEs within the same MVPN and to regularly exchange PIM hellos with each other and refresh C-Join/Prune state. The third mechanism would reduce the amount of C-Join/Prune processing by PEs when they are not the upstream neighbor for a given multicast flow, but would : require explicit tracking related state to be maintained by PEs when they are the upstream PE for a said customer flow, and require refresh reduction mechanisms to be used to be applicable. The second mechanism (lightweight PIM peering across an MI-PMSI) would operate in a similar manner to full per-MVPN PIM peering except that PIM hellos are not transmitted and PIM C-Join/Prune refresh reduction would be used, thereby improving scalability. The fourth mechanism (the use of BGP for carrying C-Multicast routing) has to solve roughly the same intrinsic scalability related difficulties as the other three mechanisms, but because it is based on TCP it has no refresh-related scalability limit, and inherits some BGP features that are expected to improve scalability through, for instance, providing a means to offload some of the processing burden associated with client multicast routing onto BGP route reflectors. Furthermore, co-existence with unicast inter-AS VPN options, and an equal level of security for multicast and unicast including in an inter-AS context, are specifically mentioned in sections 5.2.6, 5.2.8 and 5.2.12 of. The first three mechanisms impose direct PE to PE communications which means that they do not apply well to an inter-AS option B context, because of security and robustness issues that are involved by such a level of reachability and interaction between PEs in different ASes. Their use in an inter-AS context is possible, but not without limitations or additional engineering design trade-offs depending upon the interconnect types. By comparison, the fourth option (the use of BGP for carrying C-Multicast routing) does not have any of the above limitations related to inter-AS deployments, and also provides an additional alternative to facilitate such deployments through the possibility of using segmented inter-AS trees. Moreover, mechanisms one and two are restricted to use within MVPNs using an MI-PMSI, thereby necessitating: The use of a P-multicast tree technique that allows shared trees (for example PIM-SM in ASM mode or MP2MP LDP). The use of one P-multicast tree per PE per VPN, even for PEs that do not have sources in their directly attached sites for that VPN. By comparison, the fourth mechanism doesn't impose either of these restrictions. Additionally, the fourth mechanism (the use of BGP for carrying C-Multicast routing) would appear to fit well with the current unicast architecture as BGP is the customer routing distribution protocol used in unicast VPNs and therefore using BGP for customer routing distribution within multicast VPNs avoids the introduction of an additional protocol that would require additional OAM processes and tools. Service provider's with deployed unicast (RFC4364) VPNs already have extensive deployment and operations experience of using BGP as a customer routing distribution protocol including OAM processes and tools. Such processes and tools will require modification in order to support customer multicast routing but those modifications are anticipated to be less than those required to develop new processes and tools for a distinct customer routing protocol. It should be noted that because PIM will be used as the CE-PE customer routing distribution protocol, service providers will still need OAM processes and tools in order to manage the PIM protocol, so this rationale only applies to a subset of the tools and processes already in place. Additionally, BGP supports MD5 authentication of its peers for additional security. In contrast, there are no obvious authentication mechanisms to secure PIM communications in any known implementation. An illustrative example of the benefit brought by consistency with unicast design is how the "extranet" feature can be implemented : when BGP-based mechanisms are used, the well defined and well understood BGP route target import/export semantics are just reused. By contrast, it is not specified how implementing the same feature would be done in the context of other alternative mechanism, and unclear if this is possible without significant engineering trade-offs. Note that the support for such a feature is stated as a MUST in sections 5.1.6 of. Section 5.2.10 of states that "as far as possible, the design of a solution SHOULD carefully consider the number of protocols within the core network: if any additional protocols are introduced compared with the unicast VPN service, the balance between their advantage and operational burden SHOULD be examined thoroughly". Considering that the recommendation of the authors would be BGP for auto-discovery and S-PMSI signalling, the choice of BGP for customer multicast routing would be consistent with the protocol choice for unicast VPNs and would adequately address this requirement. BGP-based customer multicast routing clearly presents some advantages over the PIM-based alternatives. However it has yet to be deployed within an operational MVPN, and service providers currently lack experience of its implementation. By contrast, experience proves that PIM-based mechanisms are operationally viable, but with well identified limitations. Some of those limitations may be improved upon (although there is currently no clearly defined proposal to do this), however some of the limitations appear to be intrinsic to the approach. Moreover to improve the clarity of the proposed specifications, considering that neither hello suppression nor refresh reduction procedures are currently specified or documented and that it is not clear what the impact to the PIM state machine of these additional procedures may be, the authors recommend that the proposals for lightweight PIM peering across an MI-PMSI (the second mechanism) and for the unicasting of PIM C-Join/Prune messages (the third mechanism) be removed from the current solution document until the additional PIM hello and refresh reduction procedures have been well specified and both their impact and benefit on an MPVN deployment is understood. Consequently, at the present time and until there is experience with all of the proposed mechanisms it is not clear which of the above mechanisms should be recommended as the preferred solution to implementers. However, it would appear prudent for implementations to consider supporting both the fourth (BGP-based) and first (full per-MPVN PIM peering) mechanisms. Further experience on both implementation is likely to be required before some best practice can be defined.

In this section the authors will not make any restricting recommendations as the appropriateness of a specific core (P) data plane technology will depend on a large number of factors, for example the service provider's currently deployed unicast data plane, many of which are service provider specific. However, implementations should not unreasonably restrict the data plane technology that can be used, and should not force the use of the same technology for different VPNs attached to a single PE. Initial implementations may only support a reduced set of encapsulation techniques and data plane technologies but this should not be considered a limiting factor that hinders future support for other encapsulation techniques, data plane technologies or interoperability. Section 5.2.4.1 of states "In a multicast VPN solution extending a unicast L3 PPVPN solution, consistency in the tunneling technology has to be favored: such a solution SHOULD allow the use of the same tunneling technology for multicast as for unicast. Deployment consistency, ease of operation and potential migrations are the main motivations behind this requirement." Current unicast VPN deployments use a variety of LDP, RSVP-TE and GRE/IP for encapsulating customer packets for transport across the provider core of VPN services. It is recommended that implementations support the three corresponding multicast tree encapsulations techniques, namely: mLDP, P2MP RSVP-TE and GRE/IP multicast in order to allow the same encapsulations to be used for unicast and multicast traffic as well as facilitating migration from to an MPLS label based encapsulation.

There are a number of scenarios that lead to the requirement for inter-AS multicast VPNs, including: A service provider may have a large network that they have segmented into a number of ASs. A service provider's multicast VPN may consist of a number of ASs due to aquisitions and mergers with other service providers. A service provider may wish to interconnect their multicast VPN platform with that of another service provider. The first scenario can be considered the "simplest" because the network is wholly managed by a single service provider under a single strategy and is therefore likely to use a consistent set of technologies across each AS. The second scenario may be more complex than the first because the strategy and technology choices made for each AS may have been different due to their differing history and the service provider may not have (or may be unwilling to) unified the strategy and technology choices for each AS. The third scenario is the most complex because in addition to the complexity of the second scenario, the ASs are managed by different service providers and therefore may be subject to a different trust model than the other scenarios. Section 5.2.6 of states "A solution MUST support inter-AS multicast VPNs, and SHOULD support inter-provider multicast VPNs. Considerations about coexistence with unicast inter-AS VPN Options A, B and C (as described in section 10 of [RFC4364]) are strongly encouraged." and "A multicast VPN solution SHOULD provide inter-AS mechanisms requiring the least possible coordination between providers, and keep the need for detailed knowledge of providers' networks to a minimum - all this being in comparison with corresponding unicast VPN options." Section 8 of addresses these requirements by proposing two approaches for mVPN inter-AS deployments: Segmented inter-AS tunnels where each AS constructs its own separate multicast tunnels which are then 'stitched' together by the ASBRs (described in section 8.2). Non-segmented inter-AS tunnels where the multicast tunnels are end-to-end across ASes, so even though the PEs belonging to a given MVPN may be in different ASs the ASBRs play no special role and function merely as P routers (described in section 8.1). Section 5.2.6 of also states "Within each service provider the service provider SHOULD be able on its own to pick the most appropriate tunneling mechanism to carry (multicast) traffic among PEs (just like what is done today for unicast)". Segmented inter-AS tunnels is the only solution that is capable of meeting this requirement. The segmented inter-AS solution would appear to offer the largest degree of deployment flexibility to operators, however the non-segmented inter-AS solution can simplify deployment in a restricted number of scenarios and only supports the non-segmented inter-AS solution and therefore the non-segmented inter-AS solution is likely to be required by some operators for backward compatibility and during migration from to . The applicability of segmented or non-segmented inter-AS tunnels to a given deployment or inter-provider interconnect will depend on a number of factors specific to each service provider. However, due to the additional deployment flexibility offered by segmented inter-AS tunnels, it is the recommendation of the authors that all implementations should support the segmented inter-AS model. Additionally, the authors recommend that implementations should consider supporting the non-segmented inter-AS model in order to facilitate co-existence with existing deployments, and as a feature to provide a lighter engineering in a restricted set of scenarios, although it is recognised that initial implementations may only support one or the other. Additionally, the authors note that the proposed BGP-based approaches for S-PMSI signaling and C-multicast routing information distribution provide a good fit with both segmented and non-segmented inter-AS tunnels. In contrast the UDP-TLV based approach for S-PMSI signaling appears to be incompatible with segmented inter-AS tunnels, and it is unclear if the proposed PIM-based approaches for C-multicast routing information distribution would be fully applicable to segmented inter-AS tunnels.