| Internet-Draft | bmp-rel-enhancement | June 2026 |
| Geng, et al. | Expires 5 December 2026 | [Page] |
The Route Event Logging (REL) message is defined in [I-D.ietf-grow-bmp-rel], which enables monitored routers to report event-driven operational data to BMP collectors.¶
This document defines additional event code points for BGP FlowSpec RFC8955 [RFC8956] and BGP SR Policies [I-D.ietf-idr-sr-policy-safi]. These extensions enhance monitoring visibility for policy execution failures and improve network operation and troubleshooting capabilities.¶
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.¶
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.¶
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."¶
This Internet-Draft will expire on 5 December 2026.¶
Copyright (c) 2026 IETF Trust and the persons identified as the document authors. All rights reserved.¶
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Revised BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Revised BSD License.¶
BGP Adj-RIB-In, Loc-RIB, and Adj-RIB-Out are generated through BGP route exchange and routing policy processing. The BGP Monitoring Protocol (BMP) provides comprehensive monitoring for BGP Adj-RIB-In [RFC7854], BGP Loc-RIB [RFC9069], and BGP Adj-RIB-Out [RFC8671].¶
The Route Event Logging (REL) message defined in [I-D.ietf-grow-bmp-rel] is designed to deliver event-driven fault logs and runtime status information from network devices to BMP monitoring servers.¶
In modern networks, BGP FlowSpec and BGP SR Policy are widely deployed for traffic filtering, redirection and segment routing traffic engineering. However, existing BMP REL mechanisms lack dedicated event logging for common failure scenarios of these advanced BGP features.¶
This document supplements new REL event types to cover typical abnormal failures of BGP FlowSpec and BGP SR Policy, filling the monitoring gap for policy control and forwarding execution anomalies.¶
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here.¶
The Log Action TLV is defined in [I-D.ietf-grow-bmp-rel]. The first byte defines the nature of the logging event, and additional data may follow depending on the code point. The following code points are defined for BGP FlowSpec in this document:¶
TBD1 = Redirect-to-VRF-Fail. The BGP FlowSpec redirect-to-VRF action is defined in [RFC8955]. This event indicates that a received FlowSpec redirect-to-VRF action cannot be resolved, installed, or executed on the monitored device for the target Virtual Routing and Forwarding (VRF) instance. For example, the target VRF instance may be unavailable or the corresponding redirect action may fail during local processing. Data contains a UTF-8 diagnostic string.¶
TBD2 = Redirect-to-Nexthop-Fail. The BGP FlowSpec redirect-to-IP action is defined in [I-D.ietf-idr-flowspec-redirect-ip]. This event indicates that a received FlowSpec redirect-to-IP action cannot be resolved, installed, or executed on the monitored device for the target IPv4 or IPv6 next hop. Data contains a UTF-8 diagnostic string.¶
TBD3 = Redirect-to-SR-Policy-Fail. This event indicates that a received FlowSpec action that redirects traffic to an SR Policy cannot be resolved, installed, or executed on the monitored device. For example, the referenced SR Policy may be unavailable or may not provide a usable forwarding behavior when the FlowSpec action is processed. Data contains a UTF-8 diagnostic string.¶
TBD4 = FlowSpec-Validation-Fail. The BGP FlowSpec validation procedure is defined in [RFC8955]. This event indicates that a received FlowSpec route fails the FlowSpec validation procedure on the monitored device. This event is distinct from failures that occur while locally resolving, installing, or executing a FlowSpec traffic action. Data contains a UTF-8 diagnostic string.¶
The UTF-8 diagnostic string is intended to provide additional implementation-specific information for troubleshooting. Its format is not specified by this document. When available, the diagnostic string SHOULD describe the local reason that caused the event to be generated. The Log Action code point defines the common semantics of the reported event.¶
Log Action TLV is defined in [I-D.ietf-grow-bmp-rel], the first byte defines the nature of the logging, depending on the code point additional data may follow. The following code points are defined for BGP SR Policies in this document:¶
TBD5 = Invalid-Candidate-Path. This event indicates that a candidate path is considered invalid. The validity of a candidate path is described in Section 5 of [RFC9256]. Data contains a UTF-8 string whose value can be organized freely by an implementation and is meant to give additional information about why the log was made.¶
TBD6 = Invalid-Segment-List. This event indicates that a segment list of a candidate path is considered invalid. The validity of a segment list is described in Section 5 of [RFC9256]. Data contains a UTF-8 string whose value can be organized freely by an implementation and is meant to give additional information about why the log was made.¶
TBD7 = Exceeded-Spec-Limit. Data contains a UTF-8 string to indicate violations including exceeding the maximum number of SR Policies or Segment Lists.¶
The UTF-8 diagnostic string is intended to provide additional implementation-specific information for troubleshooting. Its format is not specified by this document. When available, the diagnostic string SHOULD describe the local reason that caused the event to be generated. The Log Action code point defines the common semantics of the reported event.¶
A monitored device may receive FlowSpec routes and SR Policy routes from controllers, route reflectors, or adjacent BGP peers. When the device detects a failure while validating or locally processing those routes or their associated actions, it reports the corresponding event and diagnostic information to the configured BMP monitoring collector using a BMP REL message.¶
BMP monitoring collectors SHOULD record, analyze, and correlate these extended routing events with the relevant BMP route or policy context when available. These events can be used for real-time alarming and offline fault diagnosis.¶
The failure events defined in this document do not define a corresponding recovery indication. Operators should use these events together with other BMP information and local operational state to determine whether the reported condition is still present.¶
This document inherits all security requirements and considerations documented in Section 11 of [RFC7854]. BMP control sessions SHOULD only be established between authenticated and trusted monitoring devices to prevent unauthorized access to network internal routing information.¶
The UTF-8 diagnostic strings carried in extended REL events may contain sensitive data such as VRF names, policy identifiers and network address prefixes. Operators are recommended to properly isolate BMP monitoring data and restrict access permissions.¶
No new protocol interactions or message modes are introduced in this extension. Therefore, no additional security risks are introduced beyond the baseline BMP protocol.¶
This document requests IANA to assign seven new code points in the BMP Log Action TLV Registry established by [I-D.ietf-grow-bmp-rel].¶
The requested code point assignments are as follows:¶
Redirect-to-VRF-Fail (TBD1)¶
Redirect-to-Nexthop-Fail (TBD2)¶
Redirect-to-SR-Policy-Fail (TBD3)¶
FlowSpec-Validation-Fail (TBD4)¶
Invalid-Candidate-Path (TBD5)¶
Invalid-Segment-List (TBD6)¶
Exceeded-Spec-Limit (TBD7)¶
After permanent code points are allocated, all TBD markers will be replaced in subsequent document revisions.¶
Many thanks to the comments from Jeffrey Haas.¶