idnits 2.17.1 draft-ietf-idr-deprecate-as-sets-02.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (January 16, 2011) is 4848 days in the past. Is this intentional? Checking references for intended status: Informational ---------------------------------------------------------------------------- No issues found here. Summary: 0 errors (**), 0 flaws (~~), 1 warning (==), 1 comment (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Network Working Group W. Kumari 3 Internet-Draft Google, Inc. 4 Intended status: Informational January 16, 2011 5 Expires: July 20, 2011 7 Deprecation of BGP AS_SET, AS_CONFED_SET. 8 draft-ietf-idr-deprecate-as-sets-02.txt 10 Abstract 12 This document deprecates the use of the AS_SET and AS_CONFED_SET 13 types of the AS_PATH in BGPv4. This is done to simplify the design 14 and implementation of the BGP protocol and to make the semantics of 15 the originator of a route more clear. This will also simplify the 16 design, implementation and deployment of bonging work in the Secure 17 Inter-Domain Routing Working Group. 19 Status of this Memo 21 This Internet-Draft is submitted in full conformance with the 22 provisions of BCP 78 and BCP 79. 24 Internet-Drafts are working documents of the Internet Engineering 25 Task Force (IETF). Note that other groups may also distribute 26 working documents as Internet-Drafts. The list of current Internet- 27 Drafts is at http://datatracker.ietf.org/drafts/current/. 29 Internet-Drafts are draft documents valid for a maximum of six months 30 and may be updated, replaced, or obsoleted by other documents at any 31 time. It is inappropriate to use Internet-Drafts as reference 32 material or to cite them other than as "work in progress." 34 This Internet-Draft will expire on July 20, 2011. 36 Copyright Notice 38 Copyright (c) 2011 IETF Trust and the persons identified as the 39 document authors. All rights reserved. 41 This document is subject to BCP 78 and the IETF Trust's Legal 42 Provisions Relating to IETF Documents 43 (http://trustee.ietf.org/license-info) in effect on the date of 44 publication of this document. Please review these documents 45 carefully, as they describe your rights and restrictions with respect 46 to this document. Code Components extracted from this document must 47 include Simplified BSD License text as described in Section 4.e of 48 the Trust Legal Provisions and are provided without warranty as 49 described in the Simplified BSD License. 51 Table of Contents 53 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 54 2. Requirements notation . . . . . . . . . . . . . . . . . . . . . 3 55 3. Deployment and modification of behavior . . . . . . . . . . . . 3 56 4. IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 4 57 5. Security Considerations . . . . . . . . . . . . . . . . . . . . 4 58 6. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 4 59 7. Normative References . . . . . . . . . . . . . . . . . . . . . 4 60 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . . 5 62 1. Introduction 64 The AS_SET path segment type of the AS_PATH attribute ([RFC4271], 65 Section 4.3) is created by a router that is performing route 66 aggregation and contains an unordered set of ASs that the update has 67 traversed. The AS_CONFED_SET path segment type ([RFC5065]) of the 68 AS_PATH attribute is created by a router that is performing route 69 aggregation and contains an unordered set of Member AS Numbers in the 70 local confederation that the update has traversed (AS_CONFED_SETs are 71 very similar to AS_SETs, but are used within a confederation). 73 By performing aggregation, a router is, in essence, combining 74 multiple routes into a new route. This type of aggregation blurs the 75 semantics of what it means to originate a route. These can cause 76 operational issues that include reachability problems and traffic 77 engineering issues. 79 From analysis of past Internet routing data it is apparent that 80 aggregation that involves AS_SETs is very seldom used in practice on 81 the public network and, when it is, often contains reserved AS 82 numbers ([RFC1930]) and / or only a single AS in the AS_SET. The 83 reduction in table size provided by the aggregation is outweighed by 84 additional complexity in the BGP protocol and confusion regarding 85 what exactly is meant by originating a route. 87 2. Requirements notation 89 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 90 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 91 document are to be interpreted as described in [RFC2119]. 93 3. Deployment and modification of behavior 95 Operators are strongly advised to not generate any new announcements 96 containing AS_SETs or AS_CONFED_SETs and to withdraw any existing 97 routes containing them as soon as possible. As with any change, the 98 operator should understand the full implications of the change. 100 It is worth noting that new technologies (such as those that take 101 advantage of the "X.509 Extensions for IP Addresses and AS 102 Identifiers" ([RFC3779]) may not support routes with AS_SETs / 103 AS_CONFED_SETs in them, and MAY treat as infeasible routes containing 104 them. Future BGP implementations may also do the same. 106 It is expected that, even before the deployment of these 107 technologies, operators may begin filtering routers that contain 108 AS_SETs or AS_CONFED_SETs. 110 4. IANA Considerations 112 This document contains no IANA considerations. 114 5. Security Considerations 116 By removing support for the AS_SET path segment type of the AS_PATH 117 attribute future BGP implementations can be simplified. This will 118 also simplify the design and implementation of the RPKI and systems 119 that will rely on it. By removing corner cases we remove complexity 120 and code that is not exercised very often, which decreases the attack 121 surface. 123 6. Acknowledgements 125 The author would like to thank Tony Li, Randy Bush, John Scudder, 126 Chris Morrow, Danny McPherson, Douglas Montgomery, Enke Chen, Florian 127 Weimer, Ilya Varlashkin, Jakob Heitz, John Leslie, Keyur Patel, Paul 128 Jakma, Rob Austein, Russ Housley, Sandra Murphy, Sriram Kotikalapudi, 129 Steve Bellovin, Steve Kent, Steve Padgett, Alfred Hones, Tom Petch, 130 Alvaro Retana, everyone in IDR and everyone else who provided input. 132 Apologies to those who I may have missed, it was not intentional. 134 7. Normative References 136 [RFC1930] Hawkinson, J. and T. Bates, "Guidelines for creation, 137 selection, and registration of an Autonomous System (AS)", 138 BCP 6, RFC 1930, March 1996. 140 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 141 Requirement Levels", BCP 14, RFC 2119, March 1997. 143 [RFC3779] Lynn, C., Kent, S., and K. Seo, "X.509 Extensions for IP 144 Addresses and AS Identifiers", RFC 3779, June 2004. 146 [RFC4271] Rekhter, Y., Li, T., and S. Hares, "A Border Gateway 147 Protocol 4 (BGP-4)", RFC 4271, January 2006. 149 [RFC5065] Traina, P., McPherson, D., and J. Scudder, "Autonomous 150 System Confederations for BGP", RFC 5065, August 2007. 152 Author's Address 154 Warren Kumari 155 Google, Inc. 156 1600 Amphitheatre Parkway 157 Mountain View, CA 94043 158 US 160 Phone: +1 571 748 4373 161 Email: warren@kumari.net