| Internet-Draft | BMP Multi-Instance | April 2026 |
| Wu, et al. | Expires 24 October 2026 | [Page] |
The BGP Monitoring Protocol (BMP), as defined in RFC 7854, provides a means for monitoring BGP sessions. In deployments where a single device runs multiple BGP instances simultaneously - typically a base instance together with one or more additional instances, each identified by an Instance Name and potentially running in a separate process with an independent Router-ID and Autonomous System (AS) number - the existing BMP message format does not allow a Monitoring Station to distinguish peers or routes belonging to different BGP instances on the same monitored router.¶
This document defines a new BMP Type-Length-Value (TLV) element, the BGP Instance Name TLV, that carries the Instance Name of the BGP instance associated with a given peer or route. Following the TLV extension framework defined in [I-D.ietf-grow-bmp-tlv], the new TLV MAY appear in Peer Up Notification, Peer Down Notification, Route Monitoring, Statistics Report, and Route Mirroring messages. The TLV enables a Monitoring Station to unambiguously attribute monitored BGP information to the correct BGP instance on the monitored router.¶
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.¶
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.¶
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."¶
This Internet-Draft will expire on 24 October 2026.¶
Copyright (c) 2026 IETF Trust and the persons identified as the document authors. All rights reserved.¶
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Revised BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Revised BSD License.¶
The BGP Monitoring Protocol (BMP) [RFC7854] defines a mechanism by which a monitored router sends BGP-related state to a BMP Monitoring Station. Each monitored BGP peer is identified on the wire by a Per-Peer Header that carries fields such as Peer Type, Peer Flags, Peer Distinguisher, Peer Address, Peer AS, Peer BGP ID, and a timestamp.¶
On modern routing platforms it is increasingly common to run multiple, independent BGP instances on the same physical device. A typical deployment comprises:¶
Instances on the same device are strictly isolated: they MAY use identical or different AS numbers, MAY have independent Router-IDs, and are typically implemented in distinct operating-system processes. Each instance independently maintains its own set of BGP peers, address families, and routing tables. BGP instances and VRFs are orthogonal concepts: a given BGP instance may itself host multiple VRFs.¶
When such a device is monitored through a single BMP session (or even through multiple BMP sessions multiplexed to the same Monitoring Station), the BMP messages produced by the different BGP instances become indistinguishable. Two peers located in different BGP instances may share the same Peer Address, Peer AS, and Peer BGP ID, and a given prefix may legitimately appear in more than one instance with a different best path. As a result, the Monitoring Station cannot correctly attribute state to the originating BGP instance.¶
This document addresses this gap by defining a new TLV element - the BGP Instance Name TLV - that carries the Instance Name of the BGP instance associated with the BMP message. The TLV is defined within the TLV extension framework of [I-D.ietf-grow-bmp-tlv], which extends RFC 7854 to support TLV-encoded optional data across all BMP message types.¶
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here.¶
This document uses the following terms:¶
A monitored router running multiple BGP instances produces BMP messages whose Per-Peer Headers are, taken in isolation, insufficient to identify the originating BGP instance. Specifically:¶
Consequently, when a Monitoring Station receives a Route Monitoring or Peer Up message from such a router, it cannot reliably attribute the reported information to a specific BGP instance. This is problematic for operations such as per-instance route-table reconstruction, per-instance policy auditing, and per-instance fault isolation.¶
This document resolves the ambiguity by tagging BMP messages with the Instance Name of the originating BGP instance.¶
This document defines a new TLV, the BGP Instance Name TLV, using the TLV encoding and semantics of [I-D.ietf-grow-bmp-tlv]. The TLV carries the Instance Name of the BGP instance with which the enclosing BMP message is associated.¶
The BGP Instance Name TLV is encoded as follows:¶
0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |E| Type = TBD | Length | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | ~ BGP Instance Name (variable, UTF-8) ~ | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
The BGP Instance Name TLV describes a property of the BGP peer (and therefore of the BGP instance) that originates the enclosing BMP message. The TLV is therefore defined to apply at the scope of the whole BMP message rather than at the scope of an individual NLRI within a Route Monitoring message. In the terminology of [I-D.ietf-grow-bmp-tlv], it is a global TLV ("G-Type").¶
A BMP message SHOULD contain at most one BGP Instance Name TLV. If a receiver encounters more than one BGP Instance Name TLV in the same BMP message, it MUST use the first occurrence and MUST ignore subsequent occurrences.¶
When this document is implemented, the monitored router SHOULD include the BGP Instance Name TLV in every BMP message emitted on behalf of a non-default BGP instance. The monitored router MAY include the TLV for messages originated by the BGP base instance; when the TLV is omitted, the Monitoring Station SHOULD treat the message as originating from the BGP base instance.¶
The BGP Instance Name TLV MAY be carried in the following BMP message types:¶
This document does not define the carriage of the BGP Instance Name TLV in Initiation or Termination messages. Initiation and Termination describe properties of the BMP session itself rather than of an individual BGP instance. Future documents MAY define such usage if required by new use cases.¶
For Route Monitoring, Statistics Report, Peer Down, and Route Mirroring messages, the BGP Instance Name TLV is encoded in the optional TLV area defined by [I-D.ietf-grow-bmp-tlv]. For Peer Up messages, the TLV is carried in the Peer Up Information TLVs area, using the registry defined by [RFC9736].¶
The BGP Instance Name conveyed in Peer Up for a given peer MUST remain constant for the lifetime of the BMP-monitored peering session. A Peer Down Notification for that peer SHOULD carry the same BGP Instance Name TLV, to allow the Monitoring Station to correlate the teardown with the corresponding Peer Up even in the presence of message reordering or partial state loss.¶
Because a BGP instance is a property of the peer rather than of each individual route, the Instance Name is, strictly speaking, redundant once the Monitoring Station has received the Peer Up message for a peer. Nevertheless, including the BGP Instance Name TLV in Route Monitoring, Statistics Report, and Route Mirroring messages provides the following operational benefits:¶
Implementations SHOULD make the inclusion of the BGP Instance Name TLV in high-volume message types (notably Route Monitoring) configurable, so that operators may trade off per-message self-containment against the additional bandwidth and processing overhead imposed by repeated Instance Names.¶
The length of the Instance Name is bounded only by the BMP message framing. Operators SHOULD choose short, stable Instance Names to limit per-message overhead.¶
A Monitoring Station that does not implement this extension will treat the BGP Instance Name TLV as an unknown TLV. Per [I-D.ietf-grow-bmp-tlv], unknown TLVs are silently ignored; legacy Monitoring Stations therefore remain interoperable with monitored routers that emit the new TLV.¶
In mixed deployments where legacy Monitoring Stations are present, operators SHOULD ensure that BGP instance disambiguation is achieved by some other means (for example, by using separate BMP sessions per BGP instance, or by arranging that peer addresses are unique across instances).¶
A Monitoring Station that implements this extension but receives BMP messages from a legacy monitored router - i.e., a router that does not emit the BGP Instance Name TLV - SHOULD treat such messages as originating from the BGP base instance.¶
This document defines a new TLV for use within BMP messages and does not alter the underlying BMP transport, authentication, or authorization model. The security considerations of [RFC7854] and [I-D.ietf-grow-bmp-tlv] therefore apply unchanged.¶
The BGP Instance Name is administratively assigned on the monitored router and may reveal information about the internal structure of the operator's network (for example, the existence and naming of tenant-specific or service-specific BGP instances). Operators who regard Instance Names as sensitive SHOULD ensure that BMP sessions are carried over a confidential and integrity-protected transport, as recommended by [RFC7854].¶
A misbehaving or compromised monitored router could emit forged or misleading BGP Instance Name TLVs. Monitoring Stations SHOULD NOT take policy or control actions based solely on the value of the BGP Instance Name without additional authentication of the monitored router.¶
This document requests that IANA allocate one new code point in each of the following registries under the "BGP Monitoring Protocol (BMP) Parameters" registry group, referring to this document.¶
IANA is requested to allocate a new code point in the "BMP Peer Up and Peer Down TLVs" registry (as defined by [I-D.ietf-grow-bmp-tlv], updating [RFC9736]):¶
| Value | Description | Reference |
|---|---|---|
| TBD | BGP Instance Name | This document |
IANA is requested to allocate a new code point in the "BMP Route Monitoring TLVs" registry (as defined by [I-D.ietf-grow-bmp-tlv]):¶
| Value | Description | Reference |
|---|---|---|
| TBD | BGP Instance Name | This document |
IANA is requested to allocate a new code point in the "BMP Statistics TLVs" registry (as defined by [I-D.ietf-grow-bmp-tlv]):¶
| Value | Description | Reference |
|---|---|---|
| TBD | BGP Instance Name | This document |
IANA is requested to allocate a new code point in the "BMP Route Mirroring TLVs" registry [RFC7854]:¶
| Value | Description | Reference |
|---|---|---|
| TBD | BGP Instance Name | This document |
It is RECOMMENDED that IANA assign the same numeric code point across all of the above registries, for consistency of implementation. The Value field for each allocation is defined in Section 4 of this document.¶