idnits 2.17.1

draft-ietf-idr-as0-01.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

     No issues found here.

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust and authors Copyright Line does not
     match the current year

  -- The document date (December 16, 2011) is 4514 days in the past.  Is this
     intentional?

  Checking references for intended status: Proposed Standard
  ----------------------------------------------------------------------------

     (See RFCs 3967 and 4897 for information about using normative references
     to lower-maturity documents in RFCs)

  == Outdated reference: A later version (-19) exists of
     draft-ietf-idr-error-handling-00

     Summary: 0 errors (**), 0 flaws (~~), 2 warnings (==), 1 comment (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------

idr                                                            W. Kumari
Internet-Draft                                                    Google
Intended status: Standards Track                                 R. Bush
Expires: June 18, 2012                         Internet Initiative Japan
                                                             H. Schiller
                                                                 Verizon
                                                       December 16, 2011

                    Codification of AS 0 processing.
                         draft-ietf-idr-as0-01

Abstract

   This document proscribes the use of AS 0 in BGP OPEN and AS_PATH /
   AS4_PATH BGP attribute.

Status of this Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at http://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on June 18, 2012.

Copyright Notice

   Copyright (c) 2011 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Introduction
     1.1.  Requirements notation
   2.  Behavior
   3.  IANA Considerations
   4.  Security Considerations
   5.  Acknowledgements
   6.  References
     6.1.  Normative References
     6.2.  Informative References
   Appendix A.  Changes / Author Notes.
   Authors' Addresses

1.  Introduction

   Autonomous System 0 is listed in the IANA Autonomous System Number
   Registry as "Reserved - May be use to identify non-routed networks"
   ([IANA.AS_Numbers]).

   [I-D.ietf-sidr-iana-objects] specifies that AS number zero in a ROA
   is used to mark an NLRI which is to be marked as Invalid.

   No clear statement that AS 0 was proscribed could be found in any BGP
   specification.

   As at least two implementations discard routes containing AS 0 (and
   to allow approaches such as the above) this document codifies this
   behavior.

1.1.  Requirements notation

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in [RFC2119].

2.  Behavior

   A BGP speaker MUST NOT originate or propagate a route with an AS
   number of zero.

   An UPDATE message that contains the AS number of zero in the AS_PATH,
   AS4_PATH, AGGREGATOR or AS4_AGGREGATOR attribute MUST be considered
   as malformed, and be handled by the procedures specified in
   [I-D.ietf-idr-error-handling].

   If a BGP speaker receives zero as the peer AS in an OPEN message, it
   MUST abort the connection and send a NOTIFICATION with Error Code
   "OPEN Message Error" and subcode "Bad Peer AS" (see [RFC4271] Section
   6.2).  A router MUST NOT initiate a connection claiming to be AS
   number zero.

3.  IANA Considerations

   The IANA is requested to update the Reference for number 0 in the
   "Autonomous System (AS) Numbers" registry to reference this document.

4.  Security Considerations

   By allowing resource holders to say that AS 0 is the only valid
   origin for a route, we allow them to state that a particular address
   resource is not in use.
   By ensuring that all implementations that
   see AS 0 in a route ignore that route, we prevent a malicious party
   from announcing routes containing AS 0 in an attempt to hijack those
   resources.

   In addition, by standardizing the behavior upon reception of an
   AS_PATH (or AS4_PATH) containing AS 0, this document makes the
   behavior better defined, and security gotchas often lurk in the
   undefined spaces.

5.  Acknowledgements

   The authors wish to thank Enke Chen, Brian Dickson, Bruno Decraene,
   Robert Raszuk, Jakob Heitz, Danny McPherson, Chris Morrow, iLya,
   Keyur Patel, John Scudder, Jeff Tantsura, Daniel Ginsburg and Susan
   Hares.  Apologies to those we may have missed, it was not
   intentional.

6.  References

6.1.  Normative References

   [I-D.ietf-idr-error-handling]
              Scudder, J., Chen, E., Mohapatra, P., and K. Patel,
              "Revised Error Handling for BGP UPDATE Messages",
              draft-ietf-idr-error-handling-00 (work in progress),
              November 2011.

   [IANA.AS_Numbers]
              IANA, "Autonomous System (AS) Numbers",
              .

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119, March 1997.

   [RFC4271]  Rekhter, Y., Li, T., and S. Hares, "A Border Gateway
              Protocol 4 (BGP-4)", RFC 4271, January 2006.

6.2.  Informative References

   [I-D.ietf-sidr-iana-objects]
              Manderson, T., Vegoda, L., and S. Kent, "RPKI Objects
              issued by IANA", draft-ietf-sidr-iana-objects-03 (work in
              progress), May 2011.

Appendix A.  Changes / Author Notes.

   [RFC Editor: Please remove this section before publication ]

   Draft accepted as IDR Doc, notes reset.  Please see notes for
   draft-wkumari-idr-as0.xml for prior comments.

   Changes -00.

   o  Added AS4_PATH -- Robert Raszuk.
   o  Change "bgp listener" to "bgp speaker" -- Enke Chen
   o  Consistent use of AS_PATH (v., AS-PATH and AS PATH) -- Danny
      McPherson
   o  New text for Sec 2 P1 -- Enke / Keyur / Scudder,
      http://www.ietf.org/mail-archive/web/idr/current/msg05786.html
   o  I made a boo boo -- I had the file open in 2 editors, made changes
      in one and overwrote them by saving on the other, then checked the
      broken one into SVN.  Apologies to all whose comments I may have
      missed...

   Changes -01

   o  The WG thread
      http://www.ietf.org/mail-archive/web/idr/current/msg05685.html
      showed a very strong preference for separating the error
      definition and handling -- the chairs also showed a preference to
      Publish this and point to the error handling that Enke will write.
   o  The originally suggested text ("An UPDATE message that contains
      the AS number of zero in the AS-PATH attribute MUST be...") only
      referenced the AS-PATH, readded AS4_PATH, *AGGREGATOR as suggested
      by Robert Raszuk and Danny.

Authors' Addresses

   Warren Kumari
   Google
   1600 Amphitheatre Parkway
   Mountain View, CA  94043
   US

   Email: warren@kumari.net

   Randy Bush
   Internet Initiative Japan
   5147 Crystal Springs
   Bainbridge Island, WA  98110
   US

   Email: randy@psg.com

   Heather Schiller
   Verizon
   22001 Loudoun County Parkway
   Ashburn  20147
   US

   Email: heather.schiller@verizon.com
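
The receive-side checks of Section 2, as an added Python example (not part of the draft and not taken from any implementation it mentions). The function names and the sample message are constructed here; the code assumes message and attribute lengths were already validated, and it inspects only the 2-octet My Autonomous System field of the OPEN.

```python
import struct

MARKER = b"\xff" * 16
# type code -> (name, holds path segments?, ASN width; None = session width)
ATTRS = {2: ("AS_PATH", True, None), 7: ("AGGREGATOR", False, None),
         17: ("AS4_PATH", True, 4), 18: ("AS4_AGGREGATOR", False, 4)}

def path_asns(value, width):
    """Return every AS number in the segments of an AS_PATH/AS4_PATH value."""
    asns, i = [], 0
    while i < len(value):
        count = value[i + 1]                 # value[i] is the segment type
        end = i + 2 + count * width
        if end > len(value):
            raise ValueError("truncated path segment")
        asns += [int.from_bytes(value[j:j + width], "big")
                 for j in range(i + 2, end, width)]
        i = end
    return asns

def as0_attributes(update, four_octet=False):
    """Names of the attributes in a BGP UPDATE message that carry AS 0."""
    body = update[19:]                       # skip marker, length, type
    wlen = struct.unpack_from("!H", body, 0)[0]          # withdrawn routes
    alen = struct.unpack_from("!H", body, 2 + wlen)[0]   # path attributes
    attrs = body[4 + wlen:4 + wlen + alen]
    hits, i = [], 0
    while i < len(attrs):
        flags, code = attrs[i], attrs[i + 1]
        hdr = 4 if flags & 0x10 else 3       # Extended Length: 2-octet length
        n = int.from_bytes(attrs[i + 2:i + hdr], "big")
        value = attrs[i + hdr:i + hdr + n]
        i += hdr + n
        if code in ATTRS:
            name, is_path, w = ATTRS[code]
            w = w or (4 if four_octet else 2)
            asns = path_asns(value, w) if is_path else [int.from_bytes(value[:w], "big")]
            if 0 in asns:
                hits.append(name)
    return hits

def open_reply(open_msg):
    """NOTIFICATION (OPEN Message Error / Bad Peer AS) if the OPEN claims AS 0."""
    my_as = struct.unpack_from("!H", open_msg, 20)[0]    # follows Version
    if my_as == 0:
        return MARKER + struct.pack("!HBBB", 21, 3, 2, 2)  # len, type, code, subcode
    return None

# Constructed sample: UPDATE for 192.0.2.0/24 whose AS_PATH is (64500, 0)
SAMPLE = MARKER + bytes.fromhex("0024 02 0000 0009 400206 0202fbf40000 18c00002")
```

A non-empty result from `as0_attributes` means the UPDATE is to be treated as malformed under Section 2; what happens next is left to [I-D.ietf-idr-error-handling].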