idnits 2.17.1

draft-ietf-idr-flowspec-redirect-rt-bis-00.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

  -- The draft header indicates that this document updates RFC5575, but the
     abstract doesn't seem to directly say this.  It does mention RFC5575
     though, so this could be OK.

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust and authors Copyright Line does not
     match the current year

     (Using the creation date from RFC5575, updated by this document, for
     RFC5378 checks: 2007-08-15)

  -- The document seems to lack a disclaimer for pre-RFC5378 work, but may
     have content which was first submitted before 10 November 2008.  If you
     have contacted all the original authors and they are all willing to grant
     the BCP78 rights to the IETF Trust, then this is fine, and you can ignore
     this comment.  If not, you may need to add the pre-RFC5378 disclaimer.
     (See the Legal Provisions document at
     https://trustee.ietf.org/license-info for more information.)

  -- The document date (April 1, 2014) is 3649 days in the past.  Is this
     intentional?

  Checking references for intended status: Proposed Standard
  ----------------------------------------------------------------------------

     (See RFCs 3967 and 4897 for information about using normative references
     to lower-maturity documents in RFCs)

  ** Obsolete normative reference: RFC 5575 (Obsoleted by RFC 8955)

     Summary: 1 error (**), 0 flaws (~~), 1 warning (==), 3 comments (--).
     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------

Internet Engineering Task Force                             J. Haas, Ed.
Internet-Draft                                          Juniper Networks
Updates: 5575 (if approved)                                April 1, 2014
Intended status: Standards Track
Expires: October 3, 2014

       Clarification of the Flowspec Redirect Extended Community
               draft-ietf-idr-flowspec-redirect-rt-bis-00

Abstract

   This document clarifies the formatting of the BGP Flowspec Redirect
   Extended Community, originally documented in RFC 5575.

Status of this Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at http://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on October 3, 2014.

Copyright Notice

   Copyright (c) 2014 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.
   Code Components extracted from this document must include Simplified
   BSD License text as described in Section 4.e of the Trust Legal
   Provisions and are provided without warranty as described in the
   Simplified BSD License.

Table of Contents

   1.  Introduction
   2.  IANA Considerations
   3.  Security Considerations
   4.  Acknowledgements
   5.  Normative References
   Author's Address

1.  Introduction

   Dissemination of Flow Specification Rules [RFC5575], commonly known
   as BGP Flowspec, provided for a BGP Extended Community [RFC4360] that
   served to redirect traffic to a VRF routing instance that matched the
   flow specification NLRI.  In that RFC, the Redirect Extended
   Community was documented as follows:

   :  +--------+--------------------+--------------------------+
   :  | type   | extended community | encoding                 |
   :  +--------+--------------------+--------------------------+
   :  | 0x8008 | redirect           | 6-byte Route Target      |
   :  +--------+--------------------+--------------------------+
   :
   :  [...]
   :
   :  Redirect: The redirect extended community allows the traffic to be
   :  redirected to a VRF routing instance that lists the specified
   :  route-target in its import policy.  If several local instances
   :  match this criteria, the choice between them is a local matter
   :  (for example, the instance with the lowest Route Distinguisher
   :  value can be elected).  This extended community uses the same
   :  encoding as the Route Target extended community [RFC4360].
   :  [...]
   :
   :  11.  IANA Considerations
   :  [...]
   :
   :  The following traffic filtering flow specification rules have been
   :  allocated by IANA from the "BGP Extended Communities Type -
   :  Experimental Use" registry as follows:
   :  [...]
   :
   :  0x8008 - Flow spec redirect

   The IANA registry of BGP Extended Communities clearly identifies
   communities of specific formats.  For example, "Two-octet AS Specific
   Extended Community" [RFC4360], "Four-octet AS Specific Extended
   Community" [RFC5668] and "IPv4 Address Specific Extended Community"
   [RFC4360].  Route Targets [RFC4360] identify this format in the high-
   order (Type) octet of the Extended Community and set the value of the
   low-order (Sub-Type) octet to 0x02.  The Value field of the Route
   Target Extended Community is intended to be interpreted in the
   context of its format.

   Since the Redirect Extended Community only registered a single code-
   point in the IANA BGP Extended Community registry, a common
   interpretation of the Redirect Extended Community's "6-byte Route
   Target" has been to look for any matching Route Target sharing the
   same Value portion of its Extended Community.  Thus, multiple Route
   Targets provisioned in a router's VRFs might match even though the
   format was different.

   This "Value wildcard" behavior does not match deployed
   implementations of BGP Flowspec.
   Deployed implementations of BGP Flowspec use the following formatting
   for the Redirect Extended Community:

   +--------+--------------------+-------------------------------------+
   | type   | extended community | encoding                            |
   +--------+--------------------+-------------------------------------+
   | 0x8008 | redirect AS-2byte  | 2-octet AS, 4-octet Value           |
   | 0x8108 | redirect IPv4      | 4-octet IPv4 Address, 2-octet Value |
   | 0x8208 | redirect AS-4byte  | 4-octet AS, 2-octet Value           |
   +--------+--------------------+-------------------------------------+

   It should be noted that the low-order nybble of the Redirect's Type
   field corresponds to the Route Target Extended Community format field
   (Type).  (See [RFC4360], Secs. 3.1, 3.2 and [RFC5668], Sec. 2.)  The
   low order octet (Sub-Type) of the Redirect Extended Community remains
   0x08, contrasted to 0x02 for Route Targets.

   The IANA Registries for BGP Extended Communities
   [I-D.ietf-idr-extcomm-iana] document was written to update the
   previously-mentioned IANA registries to better document BGP Extended
   Community formats.  The IANA Considerations section below further
   amends those registry updates in order to properly document the
   flowspec redirect communities.

2.  IANA Considerations

   IANA is requested to update the BGP GENERIC TRANSITIVE EXPERIMENTAL
   USE EXTENDED COMMUNITY SUB-TYPES registry as follows:

      0x08 - Flow spec redirect AS-2byte format.

   IANA is requested to update the BGP TRANSITIVE EXTENDED COMMUNITY
   TYPES registry as follows:

      0x81 - Generic Transitive Experimental Extended Community
             Part 2 (Sub-Types are defined in the "Generic Transitive
             Experimental Extended Community Part 2 Sub-Types" Registry)
      0x82 - Generic Transitive Experimental Extended Community
             Part 3 (Sub-Types are defined in the "Generic Transitive
             Experimental Extended Community Part 3 Sub-Types" Registry)

   IANA is requested to create the GENERIC TRANSITIVE EXPERIMENTAL
   EXTENDED COMMUNITY PART 2 SUB-TYPES registry.  It should be seeded
   with the following Sub-Type:

      0x08 - Flow spec redirect IPv4 format.

   IANA is requested to create the GENERIC TRANSITIVE EXPERIMENTAL
   EXTENDED COMMUNITY PART 3 SUB-TYPES registry.  It should be seeded
   with the following Sub-Type:

      0x08 - Flow spec redirect AS-4byte format.

3.  Security Considerations

   This document introduces no security considerations beyond those
   already covered in [RFC5575].

4.  Acknowledgements

   The contents of this document were raised as part of implementation
   discussions of BGP Flowspec with the following individuals:

      Andrew Karch (Cisco)

      Robert Raszuk (NTT I3)

      Adam Simpson (Alcatel-Lucent)

      Matthieu Texier (Arbor Networks)

      Kaliraj Vairavakkalai (Juniper)

5.  Normative References

   [I-D.ietf-idr-extcomm-iana]
              Rosen, E. and Y. Rekhter, "IANA Registries for BGP
              Extended Communities", draft-ietf-idr-extcomm-iana-02
              (work in progress), December 2013.

   [RFC4360]  Sangli, S., Tappan, D., and Y. Rekhter, "BGP Extended
              Communities Attribute", RFC 4360, February 2006.

   [RFC5575]  Marques, P., Sheth, N., Raszuk, R., Greene, B., Mauch, J.,
              and D. McPherson, "Dissemination of Flow Specification
              Rules", RFC 5575, August 2009.

   [RFC5668]  Rekhter, Y., Sangli, S., and D. Tappan, "4-Octet AS
              Specific BGP Extended Community", RFC 5668, October 2009.

Author's Address

   Jeffrey Haas (editor)
   Juniper Networks
   1194 N. Mathilda Ave.
   Sunnyvale, CA 94089
   US

   Email: jhaas@juniper.net
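
   The format-aware matching described in Section 1, as an added example
   that is not part of the draft or of any implementation it mentions:
   it decodes the three Redirect encodings and derives the single Route
   Target each one selects, with the "Value wildcard" reading available
   as a flag for comparison.  Function names, VRF names and the sample
   octets are constructed for illustration.

```python
import ipaddress
import struct

# High-order Type octet -> (format name, layout of the 6-octet Value field).
# Its low nybble (0, 1, 2) is the Route Target format selector (0x00, 0x01, 0x02).
REDIRECT_FORMATS = {
    0x80: ("AS-2byte", ">HI"),  # 2-octet AS, 4-octet Value
    0x81: ("IPv4", ">IH"),      # 4-octet IPv4 Address, 2-octet Value
    0x82: ("AS-4byte", ">IH"),  # 4-octet AS, 2-octet Value
}
REDIRECT_SUBTYPE, ROUTE_TARGET_SUBTYPE = 0x08, 0x02


def decode_redirect(community: bytes):
    """Decode an 8-octet Redirect Extended Community into (format, admin, value)."""
    if len(community) != 8:
        raise ValueError("extended community must be exactly 8 octets")
    type_high, sub_type = community[0], community[1]
    if sub_type != REDIRECT_SUBTYPE or type_high not in REDIRECT_FORMATS:
        raise ValueError(f"not a flowspec redirect: 0x{type_high:02x}{sub_type:02x}")
    name, layout = REDIRECT_FORMATS[type_high]
    admin, value = struct.unpack(layout, community[2:])
    if name == "IPv4":
        admin = str(ipaddress.IPv4Address(admin))
    return name, admin, value


def matching_route_target(community: bytes) -> bytes:
    """Return the single Route Target a redirect selects: same format, same Value."""
    decode_redirect(community)  # rejects wrong length, Type or Sub-Type
    return bytes([community[0] & 0x0F, ROUTE_TARGET_SUBTYPE]) + community[2:]


def select_vrfs(community, vrf_import_targets, value_wildcard=False):
    """VRFs importing a matching Route Target; value_wildcard ignores the format."""
    wanted = matching_route_target(community)
    return sorted(
        vrf for vrf, targets in vrf_import_targets.items()
        if any(rt == wanted or (value_wildcard and rt[2:] == wanted[2:]) for rt in targets)
    )


# Constructed sample: redirect 65000:100 and two VRFs whose import Route Targets
# carry the same six Value octets under different formats.
SAMPLE_REDIRECT = bytes.fromhex("8008fde800000064")
SAMPLE_VRFS = {"vrf-as2": [bytes.fromhex("0002fde800000064")],
               "vrf-ipv4": [bytes.fromhex("0102fde800000064")]}
```

   With the constructed sample, format-aware matching selects only the
   VRF importing the two-octet AS Route Target, while the wildcard
   reading also selects the VRF whose IPv4-format Route Target happens
   to share the same six octets.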