| < draft-ietf-bier-ospf-bier-extensions-16.txt | draft-ietf-bier-ospf-bier-extensions-17.txt > | |||
|---|---|---|---|---|
| OSPF P. Psenak, Ed. | OSPF P. Psenak, Ed. | |||
| Internet-Draft N. Kumar | Internet-Draft N. Kumar | |||
| Intended status: Standards Track IJ. Wijnands | Intended status: Standards Track IJ. Wijnands | |||
| Expires: September 13, 2018 Cisco | Expires: October 5, 2018 Cisco | |||
| A. Dolganow | A. Dolganow | |||
| Nokia | Nokia | |||
| T. Przygienda | T. Przygienda | |||
| J. Zhang | J. Zhang | |||
| Juniper Networks, Inc. | Juniper Networks, Inc. | |||
| S. Aldrin | S. Aldrin | |||
| Google, Inc. | Google, Inc. | |||
| March 12, 2018 | April 3, 2018 | |||
| OSPFv2 Extensions for BIER | OSPFv2 Extensions for BIER | |||
| draft-ietf-bier-ospf-bier-extensions-16.txt | draft-ietf-bier-ospf-bier-extensions-17.txt | |||
| Abstract | Abstract | |||
| Bit Index Explicit Replication (BIER) is an architecture that | Bit Index Explicit Replication (BIER) is an architecture that | |||
| provides multicast forwarding through a "BIER domain" without | provides multicast forwarding through a "BIER domain" without | |||
| requiring intermediate routers to maintain multicast related per-flow | requiring intermediate routers to maintain multicast related per-flow | |||
| state. Neither does BIER require an explicit tree-building protocol | state. Neither does BIER require an explicit tree-building protocol | |||
| for its operation. A multicast data packet enters a BIER domain at a | for its operation. A multicast data packet enters a BIER domain at a | |||
| "Bit-Forwarding Ingress Router" (BFIR), and leaves the BIER domain at | "Bit-Forwarding Ingress Router" (BFIR), and leaves the BIER domain at | |||
| one or more "Bit-Forwarding Egress Routers" (BFERs). The BFIR router | one or more "Bit-Forwarding Egress Routers" (BFERs). The BFIR router | |||
| skipping to change at page 2, line 10 ¶ | skipping to change at page 2, line 10 ¶ | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
| working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
| Drafts is at https://datatracker.ietf.org/drafts/current/. | Drafts is at https://datatracker.ietf.org/drafts/current/. | |||
| Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| This Internet-Draft will expire on September 13, 2018. | This Internet-Draft will expire on October 5, 2018. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2018 IETF Trust and the persons identified as the | Copyright (c) 2018 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
| (https://trustee.ietf.org/license-info) in effect on the date of | (https://trustee.ietf.org/license-info) in effect on the date of | |||
| publication of this document. Please review these documents | publication of this document. Please review these documents | |||
| skipping to change at page 7, line 43 ¶ | skipping to change at page 7, line 43 ¶ | |||
| Prefix TLV. It does not introduce any new security risks to OSPF. | Prefix TLV. It does not introduce any new security risks to OSPF. | |||
| Existing security extensions as described in [RFC2328] and [RFC7684] | Existing security extensions as described in [RFC2328] and [RFC7684] | |||
| apply. | apply. | |||
| It is assumed that both BIER and OSPF layer is under a single | It is assumed that both BIER and OSPF layer is under a single | |||
| administrative domain. There can be deployments where potential | administrative domain. There can be deployments where potential | |||
| attackers have access to one or more networks in the OSPF routing | attackers have access to one or more networks in the OSPF routing | |||
| domain. In these deployments, stronger authentication mechanisms | domain. In these deployments, stronger authentication mechanisms | |||
| such as those specified in [RFC7474] SHOULD be used. | such as those specified in [RFC7474] SHOULD be used. | |||
| The Security Considerations section of [RFC8279] discusses the | ||||
| possibility of performing a Denial of Service (DoS) attack by setting | ||||
| too many bits in the BitString of a BIER-encapsulated packet. | ||||
| However, this sort of DoS attack cannot be initiated by modifying the | ||||
| OSPF BIER advertisements specified in this document. A BFIR decides | ||||
| which systems are to receive a BIER-encapsulated packet. In making | ||||
| this decision, it is not influenced by the OSPF control messages. | ||||
| When creating the encapsulation, the BFIR sets one bit in the | ||||
| encapsulation for each destination system. The information in the | ||||
| OSPF BIER advertisements is used to construct the forwarding tables | ||||
| that map each bit in the encapsulation into a set of next hops for | ||||
| the host that is identified by that bit, but is not used by the BFIR | ||||
| to decide which bits to set. Hence an attack on the OSPF control | ||||
| plane cannot be used to cause this sort of DoS attack. | ||||
| While a BIER-encapsulated packet is traversing the network, a BFR | ||||
| that receives a BIER-encapsulated packet with n bits set in its | ||||
| BitString may have to replicate the packet and forward multiple | ||||
| copies. However, a given bit will only be set in one copy of the | ||||
| packet. That means that each transmitted replica of a received | ||||
| packet has fewer bits set (i.e., is targeted to fewer destinations) | ||||
| than the received packet. This is an essential property of the BIER | ||||
| forwarding process as defined in [RFC8279]. While a failure of this | ||||
| process might cause a DoS attack (as discussed in the Security | ||||
| Considerations of [RFC8279]), such a failure cannot be caused by an | ||||
| attack on the OSPF control plane. | ||||
| Implementations MUST assure that malformed TLV and Sub-TLV defined in | Implementations MUST assure that malformed TLV and Sub-TLV defined in | |||
| this document are detected and do not provide a vulnerability for | this document are detected and do not provide a vulnerability for | |||
| attackers to crash the OSPF router or routing process. Reception of | attackers to crash the OSPF router or routing process. Reception of | |||
| malformed TLV or Sub-TLV SHOULD be counted and/or logged for further | malformed TLV or Sub-TLV SHOULD be counted and/or logged for further | |||
| analysis. Logging of malformed TLVs and Sub-TLVs SHOULD be rate- | analysis. Logging of malformed TLVs and Sub-TLVs SHOULD be rate- | |||
| limited to prevent a Denial of Service (DoS) attack (distributed or | limited to prevent a Denial of Service (DoS) attack (distributed or | |||
| otherwise) from overloading the OSPF control plane. | otherwise) from overloading the OSPF control plane. | |||
| 4. IANA Considerations | 4. IANA Considerations | |||
| skipping to change at page 8, line 24 ¶ | skipping to change at page 8, line 49 ¶ | |||
| 5. Acknowledgments | 5. Acknowledgments | |||
| The authors would like to thank Rajiv Asati, Christian Martin, Greg | The authors would like to thank Rajiv Asati, Christian Martin, Greg | |||
| Shepherd and Eric Rosen for their contribution. | Shepherd and Eric Rosen for their contribution. | |||
| 6. Normative References | 6. Normative References | |||
| [I-D.ietf-bier-isis-extensions] | [I-D.ietf-bier-isis-extensions] | |||
| Ginsberg, L., Przygienda, T., Aldrin, S., and Z. Zhang, | Ginsberg, L., Przygienda, T., Aldrin, S., and Z. Zhang, | |||
| "BIER support via ISIS", draft-ietf-bier-isis- | "BIER support via ISIS", draft-ietf-bier-isis- | |||
| extensions-09 (work in progress), February 2018. | extensions-11 (work in progress), March 2018. | |||
| [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | |||
| Requirement Levels", BCP 14, RFC 2119, | Requirement Levels", BCP 14, RFC 2119, | |||
| DOI 10.17487/RFC2119, March 1997, | DOI 10.17487/RFC2119, March 1997, | |||
| <https://www.rfc-editor.org/info/rfc2119>. | <https://www.rfc-editor.org/info/rfc2119>. | |||
| [RFC2328] Moy, J., "OSPF Version 2", STD 54, RFC 2328, | [RFC2328] Moy, J., "OSPF Version 2", STD 54, RFC 2328, | |||
| DOI 10.17487/RFC2328, April 1998, | DOI 10.17487/RFC2328, April 1998, | |||
| <https://www.rfc-editor.org/info/rfc2328>. | <https://www.rfc-editor.org/info/rfc2328>. | |||
| End of changes. 6 change blocks. | ||||
| 5 lines changed or deleted | 32 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||