<?xml version="1.0" encoding="us-ascii"?>

<!DOCTYPE rfc SYSTEM "rfc2629.dtd" [
<!-- One method to get references from the online citation libraries.
     There has to be one entity for each item to be referenced. 
     An alternate method (rfc include) is described in the references. -->
     
<!ENTITY RFC2119 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.2119.xml">
<!ENTITY RFC4271 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.4271.xml">
]>

<?xml-stylesheet type='text/xsl' href='rfc2629.xslt' ?>
<?rfc strict="no" ?>
<?rfc toc="yes" ?>
<?rfc symrefs="yes" ?>
<?rfc sortrefs="yes"?>
<?rfc compact="yes" ?>
<?rfc subcompact="no" ?>
<rfc category="std" docName="draft-hares-idr-update-attrib-low-bits-fix-01" ipr="trust200902"
     updates="4271">
  
  <front>
    <title abbrev="Low Bits Clarification"> Update Attribute Flag Low Bits Clarification</title>

      <author fullname="Susan Hares" initials="S" surname="Hares">
      <organization>Huawei Technologies (USA)</organization>
      <address>
        <postal>
          <street>2330 Central Expressway</street>
          <!-- Reorder these if your country does things differently -->
          <city>Santa Clara</city>
          <region>CA</region>
          <code>95050</code>
          <country>USA</country>
        </postal>
        <email>Susan.Hares@huawei.com</email>
        <!-- uri and facsimile elements may also be added -->
      </address>
    </author>

    <author fullname="John Scudder" initials="J"
            surname="Scudder">
      <organization>Juniper Networks</organization>

      <address>
        <postal>
          <street>1194 N. Mathilda Ave</street>
          <!-- Reorder these if your country does things differently -->
          <city>Sunnyvale</city>
          <region>CA</region>
          <code>94089</code>
          <country>USA</country>
        </postal>
        <email>jgs@juniper.net</email>
        <!-- uri and facsimile elements may also be added -->
      </address>
    </author>

    <date month="February" year="2013" />
    <area>Routing</area>
    <workgroup>InterDomain Routing Group (IDR) </workgroup>
    <abstract>
	<t> This draft provides an update to RFC 4721 to clarify the use of the lower-order four bits
            of the Attribute flag in the Update message. 
        </t> 
    </abstract>
    
  </front>
  <middle>
    <section title="Introduction" toc="default">
      <t></t>
      <t> <xref target="RFC4271"></xref> specifies in section 4.3 that that the low order four bits of the 
	  the Attribute Flags octet are unused, and MUST be zero when sent. There is a disagreement on what when sent
	  means. This draft specifies the meaning. </t> 
      <t></t>
      <t> The issue has been that one school of thought considers that "when sent" means when originated. 
           Another holds that "when sent" means when originated or propagated.  This draft takes the second
           approach of "when sent" being when originated or propagated. 
      </t>
      <t>  The real issue is that reserved flags are only useful if there is some hope of someday using them
           for something. If implementations reset these flags on propagation, 
           then a future revision to the BGP specification
           which introduces a new flag will not be able to propagate the new attribute flag end to end, 
           since it would be very likely that some well-meaning intermediate router would zero on it. 
           The effort to roll out implementations that transited the new flag would almost certainly be prohibitive.
       </t> 

   </section>
    <section anchor="PathAddrFlag" title="Change to RFC 4271 Section 4.3" toc="default">
	<t></t> 

         <figure title="" suppress-title="false" align="center" alt="" width="" height="">
          <artwork xml:space="preserve" name="" type="" align="center" alt="" width="" height=""><![CDATA[

               0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5
               +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
               |  Attr. Flags  |Attr. Type Code|
               +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

	
	 Original Text: 
	 
         The lower-order four bits of the Attribute Flags octet are
         unused.  They MUST be zero when sent and MUST be ignored when
         received

	 Corrected Text: 

         The lower-order four bits of the Attribute Flags octet are
         unused.  They MUST be zero when originated or sent.  
         When received, any MUST be accepted and ignored. 
]]>
          </artwork>
      </figure>
    <t></t>
    </section> 

    <section anchor="implement" title="Known BGP Implementation Habits" toc="default">
       <t>
	The following are BGP implementation habits regarding the unused flag bits
		<list style="symbols">
		<t> always ignore bits received, and always send zero (originated or propagated); </t>  
		<t> always ignore bits received, always send zero bits (originated), and propagate what was received; </t>
		<t> if non-zero bits are received, drop the peering session; </t> 
                <t> by special condition (policy) handle set bits or set bits, and propagate;and </t>  
		<t> always sets bits under special conditions, and propagates bits.</t> 
		</list>
        </t>
	 <t>The reset of BGP sessions based on non-zero bits has been documented at:</t>
	<t> http://mailman.nanog.org/pipermail/nanog/2012-November/053754.html </t> 

	<t> Compliance with this draft, as well as <xref target="RFC4271"></xref>, means 
	    that routers should not reset BGP sessions if if non-zero lower bits are received.</t>
   </section>
    
    <section anchor="IANA" title="IANA Considerations">
      <t>This document includes no request to IANA.</t>
    </section>
    
    <section anchor="Security" title="Security Considerations">      
      <t>This document has no new security cases.</t> 
      <t> It clarifies some BGP UPDATE packet flag values
         and thus may aid in improving BGP security. In particular,
         it makes it even clearer that routers must not reset a 
         session upon receiving unexpected flag values. Behaving
         otherwise exposes a router to a denial-of-service attack
         since a distant party might be able to inject such flag
         values.</t>      
    </section>

  </middle>

  <back>
    <references title="Normative References">
      &RFC2119;
      &RFC4271;     
    </references>
  </back>
</rfc>
