Network Working Group                                        D. Abraitis
Internet-Draft                                                 Hostinger
Intended status: Informational                           August 29, 2020
Expires: March 2, 2021


                   Software Version Capability for BGP
               draft-abraitis-bgp-version-capability-08

Abstract

   In this document, we introduce a new BGP capability that allows the
   advertisement of a BGP speaker's routing daemon version.

   This BGP capability is an optional advertisement.  Implementations
   are not required to advertise the version nor to process received
   advertisements.
Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at https://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on March 2, 2021.

Copyright Notice

   Copyright (c) 2020 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (https://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Introduction
   2.  Specification of Requirements
   3.  Software Version Capability
     3.1.  Capabilities Length Overflow
   4.  Operation
     4.1.  Example Usage
   5.  IANA Considerations
   6.  Security Considerations
   7.  References
     7.1.  Normative References
     7.2.  Informative References
   Author's Address

1.  Introduction

   In modern data center designs, conventional routers tend to
   participate in the routing process, and the fleet of routers runs
   different versions of the routing daemon.  Knowing which version of
   the routing daemon is running on each router in the network can
   therefore be a crucial factor in quickly identifying the root cause
   of any protocol or network problem.

   This BGP capability is an optional advertisement.  Implementations
   are not required to advertise the version nor to process received
   advertisements.

   Information about the version of the routing daemon could also be
   exchanged in protocols such as LLDP and CDP.  However, in
   containerized environments, it is very hard and not recommended to
   exchange this information between background processes.  Therefore,
   and to help minimize operational costs, it is helpful to exchange the
   routing daemon information between BGP peers directly.

2.  Specification of Requirements

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
   "OPTIONAL" in this document are to be interpreted as described in BCP
   14 [RFC2119] [RFC8174] when, and only when, they appear in all
   capitals, as shown here.

3.  Software Version Capability

   Although this document is not an IETF Standards Track document, it
   makes use of the terminology from BCP 14 in order to clearly state
   the implementation behaviors.

   Capabilities advertisement with BGP is defined in [RFC5492].  It
   uses the BGP Capabilities Optional Parameter, which contains one or
   more triples <Capability Code, Capability Length, Capability Value>.
   This document defines a new BGP capability, the Software Version
   Capability, with Capability Code TBD and Capability Length and
   Capability Value as described below.

   The inclusion of the Software Version Capability is OPTIONAL.  If an
   implementation supports the inclusion of the capability, the
   implementation MUST include a configuration switch to enable or
   disable its use, and that switch MUST be off by default.

   The Software Version Capability is intended for environments where
   more visibility is needed for troubleshooting purposes.  It is NOT
   RECOMMENDED for use outside a single Autonomous System, or a set of
   Autonomous Systems under a common administration.

   An implementation that does not recognize or support the Software
   Version Capability but receives one must ignore it, as described in
   [RFC5492].

   The triple for the Software Version Capability is as follows:

   Capability Code

      TBD by IANA

   Capability Length

      The Capability Length for the Software Version Capability MUST be
      greater than zero.  A value of zero SHALL be treated as an
      encoding error and the Capability MUST be ignored.

      The Capability Length SHOULD be no greater than 64.  This limit
      leaves the other capabilities carried in the same Optional
      Parameter as much space as they require.

      Capability Length is a one-octet unsigned binary integer that
      contains the length of the Capability Value field in octets.

   Capability Value

      The Capability Value field is encoded in UTF-8 [RFC3629].  It is
      unstructured data and can be formatted in any way that the
      implementor decides.

            +--------------------------------+
            |   Version Length (1 octet)     |
            +--------------------------------+
            |   Version (variable)           |
            +--------------------------------+

                                 Figure 1

   Version Length:

      The length of the Version field in octets.  Because the Version
      is UTF-8, this is not necessarily the number of characters.

   Version:

      The Version field MUST be encoded using UTF-8.
      A receiving BGP speaker MUST NOT interpret invalid UTF-8
      sequences.

3.1.  Capabilities Length Overflow

   As defined in [RFC5492], the total length of the capabilities that
   can be carried by the BGP Capabilities Optional Parameter is 255
   octets.  If an implementation is constructing a BGP Capabilities
   Optional Parameter and its length would exceed 255 octets, it is
   REQUIRED to exclude the Software Version Capability.  An
   implementation can most simply achieve this by making the Software
   Version Capability the last capability triple added to the
   Parameter, and adding it only if there is sufficient space to do so.

   A rogue node can prevent the proper operation of a BGP session, or
   the advertisement of other Capabilities, by not excluding the
   Software Version Capability as required in this section.  This risk
   is equivalent to a rogue node simply not advertising a specific
   Capability and is not new to BGP.

4.  Operation

   The Software Version Capability MUST only be used for displaying the
   version of a BGP speaker's routing daemon to make troubleshooting
   easier.

   Consider a group of routers, each with a number of upstream nodes,
   and suppose that each router has a different operating system and a
   different routing daemon at a different version installed.  If a
   specific feature is not working, or there is a bug that has not been
   fixed in a particular version of the code, knowledge of the routing
   daemon versions allows an operator to quickly identify the pattern
   of which versions are affected.

   Enabling (i.e., turning on) this capability requires bouncing all
   existing BGP sessions, and the feature MUST be explicitly configured
   before an implementation advertises the Software Version Capability.

4.1.  Example Usage

   Below is an example from the [FRRouting] implementation showing both
   the received and advertised Software Version Capability:

   :~# vtysh -c 'show ip bgp summary failed'
   ...
   Neighbor  EstdCnt DropCnt ResetTime Reason
   ens192          3       3  00:00:35 Waiting for peer OPEN (n/a)
   ens224          3       3  00:01:12 Waiting for NHT (FRRouting 7.2)
   eth0            3       3  00:00:14 Neighbor deleted (FRRouting 7.3)
   ...

                                 Figure 2

   :~# vtysh -c 'show ip bgp neighbors 198.51.100.1 json' \
   > | jq '."198.51.100.1".neighborCapabilities.versions'
   {
     "advertisedVersion": "FRRouting 7.2-dev-MyOwnFRRVersion",
     "receivedVersion": "FRRouting 7.2-dev-MyOwnFRRVersion-gc68bb14"
   }

                                 Figure 3

5.  IANA Considerations

   The Capability Codes registry is a standalone registry.  IANA is
   requested to assign a capability number from the First Come First
   Served range for the Software Version Capability in this document as
   follows:

           +-------+-----------------------------+------------+
           | Value | Description                 | Reference  |
           +-------+-----------------------------+------------+
           | TBD   | Software Version Capability | [This.I-D] |
           +-------+-----------------------------+------------+

                  Table 1: Software Version Capability

6.  Security Considerations

   The Software Version Capability should be treated as sensitive
   information: it could be easier for an attacker to exploit the system
   if they know the specific software version and manufacturer of a BGP
   speaker.  This information could be gathered by inspecting BGP OPEN
   messages that carry the Software Version Capability defined in this
   document.  Furthermore, this knowledge may facilitate a number of
   social-engineering attacks.

   Modifying the information advertised by a router might lead to
   attacks including bogus software upgrades and also might mask the
   causes of faults in the network.
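   The encoding rules of Section 3, the 255-octet overflow rule of
   Section 3.1, and the point made above that the received value is
   peer-controlled, worked through in Python as an added example.  This
   is not code from the draft or from the FRRouting implementation.
   Assumptions: the Capability Code 75 is a placeholder (the draft says
   TBD by IANA), the sample capabilities are constructed for the
   example, and the control-character scrubbing in software_version()
   is hardening that the draft does not require.

```python
"""Software Version Capability triple (draft-abraitis-bgp-version-capability-08,
Sections 3 and 3.1): sender side with the 255-octet overflow rule, receiver
side treating the value as untrusted input.  Added example, not draft or
FRRouting code."""

# ASSUMPTION: the draft leaves the Capability Code "TBD by IANA"; 75 is a
# placeholder chosen for this example only.
CAP_SOFTWARE_VERSION = 75
MAX_CAPS_LEN = 255       # RFC 5492: one-octet Optional Parameter Length
MAX_VERSION_LEN = 64     # Section 3: Capability Length SHOULD be <= 64


def encode_cap(code, value):
    """One <Capability Code, Capability Length, Capability Value> triple."""
    if not (0 <= code <= 255 and 0 <= len(value) <= 255):
        raise ValueError("capability code or value out of range")
    return bytes([code, len(value)]) + value


def version_value(version):
    """UTF-8 encode the version string, cut to 64 octets on a character
    boundary so that a multi-octet character is never split in half."""
    cut = version.encode("utf-8")[:MAX_VERSION_LEN]
    return cut.decode("utf-8", "ignore").encode("utf-8")


def build_capabilities(caps, version=None):
    """Return (body, version_included) for a Capabilities Optional Parameter.
    Section 3.1: the Software Version Capability goes last and is added only
    if the result still fits in 255 octets; otherwise it is dropped and the
    other capabilities are sent untouched."""
    body = b"".join(encode_cap(code, value) for code, value in caps)
    if len(body) > MAX_CAPS_LEN:
        raise ValueError("capabilities exceed 255 octets even without the version")
    if version is None:
        return body, False
    cap = encode_cap(CAP_SOFTWARE_VERSION, version_value(version))
    if len(body) + len(cap) > MAX_CAPS_LEN:
        return body, False
    return body + cap, True


def parse_capabilities(body):
    """Walk the triples in a capabilities body without reading past its end;
    a triple whose declared length overruns the buffer is rejected outright."""
    caps, i = [], 0
    while i < len(body):
        if i + 2 > len(body):
            raise ValueError("truncated capability header at offset %d" % i)
        code, length = body[i], body[i + 1]
        value = body[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError("capability %d declares %d octets, %d present"
                             % (code, length, len(value)))
        caps.append((code, value))
        i += 2 + length
    return caps


def software_version(caps):
    """Return the peer's version for display, or None when it is absent or
    must be ignored: zero length is an encoding error (Section 3), and invalid
    UTF-8 MUST NOT be interpreted, so decoding is strict."""
    for code, value in caps:
        if code != CAP_SOFTWARE_VERSION:
            continue
        if len(value) == 0:
            return None
        try:
            text = value.decode("utf-8")   # strict: rejects overlong, surrogate, truncated forms
        except UnicodeDecodeError:
            return None
        # Hardening beyond the draft: the string is peer-controlled and bound
        # for a terminal or log, so neutralise control characters such as
        # ANSI escape sequences before displaying it.
        return "".join(ch if ch.isprintable() else "?" for ch in text)
    return None


def advertise_allowed(enabled, local_as, peer_as, admin_ases=()):
    """Section 3: the switch MUST be off by default, and use is NOT RECOMMENDED
    outside one AS or a set of ASes under common administration."""
    return enabled and (peer_as == local_as or peer_as in admin_ases)


if __name__ == "__main__":
    # Constructed sample: MP-BGP IPv4 unicast (code 1) plus our own version.
    body, included = build_capabilities([(1, b"\x00\x01\x00\x01")], "FRRouting 7.2-dev")
    print(included, body.hex(), software_version(parse_capabilities(body)))
```

   The receiver never trusts the declared length beyond the bytes it
   actually holds, which is the check that matters when an OPEN comes
   from a peer outside the administrative domain; on the sender side the
   version triple is appended last, so an oversized parameter costs only
   the version, never an unrelated capability.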
   Users of this mechanism should be aware that unless a transport that
   provides integrity is used for the BGP session in question, the
   Software Version Capability can be forged.  Unless a transport that
   provides confidentiality is used, the Software Version Capability
   could be snooped by an attacker.  These issues are common to any BGP
   message but may be of greater interest in the context of this
   extension, as explained above.  Refer to the related considerations
   in [RFC4271] and [RFC4272].

   Users of this mechanism should consider applying data minimization
   practices as outlined in Section 6.1 of [RFC6973], as appropriate
   within the deployment context.

   Leaks of this sensitive information can be minimized by using the
   Generalized TTL Security Mechanism [RFC5082] or by using firewalls to
   filter TCP port 179 from untrusted networks.  This capability can be
   disabled per neighbor, so the sensitive information need not be
   disclosed to untrusted neighbors.

7.  References

7.1.  Normative References

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119,
              DOI 10.17487/RFC2119, March 1997.

   [RFC3629]  Yergeau, F., "UTF-8, a transformation format of ISO
              10646", STD 63, RFC 3629, DOI 10.17487/RFC3629, November
              2003.

   [RFC4271]  Rekhter, Y., Ed., Li, T., Ed., and S. Hares, Ed., "A
              Border Gateway Protocol 4 (BGP-4)", RFC 4271,
              DOI 10.17487/RFC4271, January 2006.

   [RFC4272]  Murphy, S., "BGP Security Vulnerabilities Analysis",
              RFC 4272, DOI 10.17487/RFC4272, January 2006.

   [RFC5082]  Gill, V., Heasley, J., Meyer, D., Savola, P., Ed., and C.
              Pignataro, "The Generalized TTL Security Mechanism
              (GTSM)", RFC 5082, DOI 10.17487/RFC5082, October 2007.

   [RFC5246]  Dierks, T. and E. Rescorla, "The Transport Layer Security
              (TLS) Protocol Version 1.2", RFC 5246,
              DOI 10.17487/RFC5246, August 2008.

   [RFC5492]  Scudder, J. and R. Chandra, "Capabilities Advertisement
              with BGP-4", RFC 5492, DOI 10.17487/RFC5492, February
              2009.

   [RFC6973]  Cooper, A., Tschofenig, H., Aboba, B., Peterson, J.,
              Morris, J., Hansen, M., and R. Smith, "Privacy
              Considerations for Internet Protocols", RFC 6973,
              DOI 10.17487/RFC6973, July 2013.

   [RFC8174]  Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
              2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
              May 2017.

7.2.  Informative References

   [FRRouting]
              Abraitis, D., "FRRouting - BGP Software Version
              Capability", 2019.

Author's Address

   Donatas Abraitis
   Hostinger
   Jonavos g. 60C
   Kaunas 44192
   LT

   Phone: +370 614 18958
   Email: donatas.abraitis@hostinger.com