idnits 2.17.1

draft-vandevelde-idr-ipv6-flowspec-imp-00.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

  ** There are 16 instances of too long lines in the document, the longest
     one being 7 characters in excess of 72.

  ** The abstract seems to contain references ([I-D.ietf-idr-flow-spec-v6]),
     which it shouldn't.  Please replace those with straight textual mentions
     of the documents in question.

  == There are 2 instances of lines with non-RFC3849-compliant IPv6 addresses
     in the document.  If these are example addresses, they should be changed.

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust and authors Copyright Line does not
     match the current year

  == The document doesn't use any RFC 2119 keywords, yet has text resembling
     RFC 2119 boilerplate text.

  -- The document date (October 8, 2014) is 3486 days in the past.  Is this
     intentional?

  Checking references for intended status: Informational
  ----------------------------------------------------------------------------

  == Unused Reference: 'RFC4271' is defined on line 336, but no explicit
     reference was found in the text

  == Outdated reference: A later version (-22) exists of
     draft-ietf-idr-flow-spec-v6-05

     Summary: 2 errors (**), 0 flaws (~~), 5 warnings (==), 1 comment (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------

IDR                                                      G. Van de Velde
Internet-Draft                                                  A. Karch
Intended status: Informational                             Cisco Systems
Expires: April 11, 2015                                    W. Henderickx
                                                          Alcatel-Lucent
                                                         October 8, 2014

Dissemination of Flow Specification Rules for IPv6 Implementation Report
               draft-vandevelde-idr-ipv6-flowspec-imp-00

Abstract

   This document is an implementation report for the BGP Flow
   Specification Rules for IPv6 as defined in
   [I-D.ietf-idr-flow-spec-v6].  The respondents are experts with the
   implementations they reported on, and their responses are considered
   authoritative for the implementations for which their responses
   represent.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at http://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on April 11, 2015.

Copyright Notice

   Copyright (c) 2014 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.
   Code Components extracted from this document must include
   Simplified BSD License text as described in Section 4.e of the
   Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Introduction
   2.  Requirements Language
   3.  Implementation Forms
   4.  NLRI and Extended Community subtypes
   5.  Interoperable Implementations
     5.1.  Alcatel-Lucent - Cisco Systems
   6.  IANA Considerations
   7.  Security Considerations
   8.  Privacy Considerations
   9.  Acknowledgements
   10. Change Log
   11. References
     11.1.  Normative References
     11.2.  Informative References
   Authors' Addresses

1.  Introduction

   In order to share Flow Specification Rules for IPv6 using the BGP
   routing protocol, a new BGP Network Layer Reachability Information
   (NLRI) encoding format is required.

   This document provides an implementation report for the BGP
   Dissemination of Flow Specification Rules for IPv6 NLRI Format as
   defined in [I-D.ietf-idr-flow-spec-v6].

   The editors did not verify the accuracy of the information provided
   by respondents or by any alternative means.  The respondents are
   experts with the implementations they reported on, and their
   responses are considered authoritative for the implementations for
   which their responses represent.

2.  Requirements Language

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" are to
   be interpreted as described in [RFC2119] only when they appear in all
   upper case.  They may also appear in lower or mixed case as English
   words, without any normative meaning.

3.  Implementation Forms

   Contact and implementation information for person filling out this
   form:

   Cisco
      Name: Gunter Van de Velde
      Email: gvandeve@cisco.com
      Vendor: Cisco Systems, Inc.
      Release: IOS-XR
      Protocol Role: Sender, Receiver

   Alcatel-Lucent
      Name: Wim Henderickx
      Email: wim.henderickx@alcatel-lucent.com
      Vendor: Alcatel-Lucent, Inc.
      Release: R12R4
      Protocol Role: Sender, Receiver

4.  NLRI and Extended Community subtypes

   Does the implementation support the Network Layer Reachability
   Information (NLRI) subtypes as described in Sections 3 and 4 of
   [I-D.ietf-idr-flow-spec-v6]?

   o  N1: Type 1 - Destination IPv6 Prefix

   o  N2: Type 2 - Source IPv6 Prefix

   o  N3: Type 3 - Next Header

   o  N4: Type 4 - Port

   o  N5: Type 5 - Destination port

   o  N6: Type 6 - Source port

   o  N7: Type 7 - ICMP type

   o  N8: Type 8 - ICMP code

   o  N9: Type 9 - TCP flags

   o  N10: Type 10 - Packet length

   o  N11: Type 11 - DSCP (Diffserv Code Point)

   o  N12: Type 12 - Fragment

   o  N13: Type 13 - Flow Label

   o  E1: Extended Community - traffic-rate

   o  E2: Extended Community - traffic-action

   o  E3: Extended Community - redirect

   o  E4: Extended Community - traffic-marking

   +---------+--------+-------+-----+
   |         | Cisco  |  ALU  | TBD |
   +---------+--------+-------+-----+
   | Rcv.N1  |  YES   |  YES  | --- |
   | Snd.N1  |  YES   |  YES  | --- |
   | Rcv.N2  |  YES   |  YES  | --- |
   | Snd.N2  |  YES   |  YES  | --- |
   | Rcv.N3  |  YES   |  YES  | --- |
   | Snd.N3  |  YES   |  YES  | --- |
   | Rcv.N4  |  YES   |  YES  | --- |
   | Snd.N4  |  YES   |  YES  | --- |
   | Rcv.N5  |  YES   |  YES  | --- |
   | Snd.N5  |  YES   |  YES  | --- |
   | Rcv.N6  |  YES   |  YES  | --- |
   | Snd.N6  |  YES   |  YES  | --- |
   | Rcv.N7  |  YES   |  YES  | --- |
   | Snd.N7  |  YES   |  YES  | --- |
   | Rcv.N8  |  YES   |  YES  | --- |
   | Snd.N8  |  YES   |  YES  | --- |
   | Rcv.N9  |  YES   |  YES  | --- |
   | Snd.N9  |  YES   |  YES  | --- |
   | Rcv.N10 |  YES   |  YES  | --- |
   | Snd.N10 |  YES   |  YES  | --- |
   | Rcv.N11 |  YES   |  YES  | --- |
   | Snd.N11 |  YES   |  YES  | --- |
   | Rcv.N12 |  YES   |  YES  | --- |
   | Snd.N12 |  YES   |  YES  | --- |
   | Rcv.N13 |  YES   |  YES  | --- |
   | Snd.N13 |  YES   |  YES  | --- |
   | Rcv.E1  |  YES   |  YES  | --- |
   | Snd.E1  |  YES   |  YES  | --- |
   | Rcv.E2  |  YES   |  YES  | --- |
   | Snd.E2  |  YES   |  YES  | --- |
   | Rcv.E3  |  YES   |  YES  | --- |
   | Snd.E3  |  YES   |  YES  | --- |
   | Rcv.E4  |  YES   |  YES  | --- |
   | Snd.E4  |  YES   |  YES  | --- |
   +---------+--------+-------+-----+

   Yes

   o  Rcv: BGP speaker can receive the information into the BGP process

   o  Snd: BGP speaker can relay the information from the BGP process

   No

   o  Rcv: BGP speaker cannot receive the information into the BGP
      process

   o  Snd: BGP speaker cannot relay the information from the BGP
      process

5.  Interoperable Implementations

   Summary of executed Interop tests between different implementations.

5.1.  Alcatel-Lucent - Cisco Systems

   This Interop test was between a Cisco IOS-XR router and an Alcatel-
   Lucent router.  An iBGP session is established between the two BGP
   devices.

   The following IPv6 Flow Specification NLRI is constructed using the
   Cisco router as IPv6 Flow Specification controller:

   !
   class-map type traffic match-all InteropMatchList
    match destination-address ipv6 2001:2::3/128
    match source-address ipv6 2002:2::3/128
    match destination-port 1-5 7-11 13-18 20-25 27-31
    match source-port 33-37 39-43 45-50 53-58 60-65
    match ipv6 icmp-type 35
    match ipv6 icmp-code 55
    match packet length 120-130 135-140 145-160 165-200 205-225
    match dscp 1-10 11-20 22-30 32-40 52-60
    match tcp-flag 240 any
    match protocol 6-71 73-80 85-90 95-105 110-115
    end-class-map
   !
   policy-map type pbr InteropCiscoAlu
    class type traffic InteropMatchList
     police rate 200 bps
     !
     redirect nexthop 2001::1
     set dscp 45
    !
    class type traffic class-default
    !
    end-policy-map

   This results in the following Flow Specification Extended
   Communities and IPv6 Flow Specification NLRI:

   AFI: IPv6
     NLRI (Hex dump) :
   0x018000200100020000000000000000000000030280002002000200000000000
   00000000000030303064547034945500355455a035f4569036ec5730503014505
   0307450b030d451203144519031bc51f06032145250327452b032d45320335453
   a033cc5410781230881370980f00a037845820387458c039145a003a545c803cd
   c5e10b0301450a030b45140316451e032045280334c53c
     Actions :Traffic-rate: 200 bps DSCP: 45
              Nexthop: 2001::1 (policy.1.test1)

   The above IPv6 Flow Specification rule is correctly received by the
   Alcatel-Lucent BGP speaker and is reflected as follows on the device:

   *A:PE26>config>service>vprn>sub-if>grp-if>sap>static-host# show router 117 bgp routes flow-ipv6
   ===============================================================================
    BGP Router ID:195.207.5.200    AS:65117       Local AS:65117
   ===============================================================================
    Legend -
    Status codes  : u - used, s - suppressed, h - history, d - decayed, * - valid
    Origin codes  : i - IGP, e - EGP, ? - incomplete, > - best, b - backup

   ===============================================================================
   BGP FLOW IPV6 Routes
   ===============================================================================
   Flag  Network                            Nexthop        LocalPref   MED
         As-Path
   -------------------------------------------------------------------------------
   u*>i  --                                 2001::1        100         None
         No As-Path

         Community Action: ext:800:0
         Community Action: rate-limit: 65117:110*
         Community Action: mark-dscp: 45
         NLRI Subcomponents:
         Dest Pref   : 2001:2::3/128 offset 0
         Src Pref    : 2002:2::3/128 offset 0
         Ip Proto    : [ >= 6 ] and [ <= 71 ] or [ >= 73 ] and [ <= 80 ] or [ >=
         Dest Port   : [ >= 1 ] and [ <= 5 ] or [ >= 7 ] and [ <= 11 ] or [ >= 13
         Src Port    : [ >= 33 ] and [ <= 37 ] or [ >= 39 ] and [ <= 43 ] or [ >=
         ICMP Type   : [ == 35 ]
         ICMP Code   : [ == 55 ]
         TCP Flags   : [ 240 ]
         TCP Flags   : [ 240 ]
         DSCP        : [ >= 1 ] and [ <= 10 ] or [ >= 11 ] and [ <= 20 ] or [ >=
   -------------------------------------------------------------------------------
   Routes : 1

6.  IANA Considerations

   This document makes no request of IANA.

   Note to RFC Editor: The IANA has requested that this section remain
   in the document upon publication as an RFC.  This note to the RFC
   Editor, however, may be removed.

7.  Security Considerations

   No new security issues are introduced to the BGP defined in
   Dissemination of Flow Specification Rules for IPv6
   [I-D.ietf-idr-flow-spec-v6].

8.  Privacy Considerations

   No new privacy issues are introduced to the BGP defined in
   Dissemination of Flow Specification Rules for IPv6
   [I-D.ietf-idr-flow-spec-v6].

9.  Acknowledgements

   The authors would like to thank Nicolas Fevrier, Hyojeong Kim,
   Bertrand Duvivier and Adam Simpson.

10.  Change Log

   Initial Version: 8 October 2014

11.  References

11.1.  Normative References

   [I-D.ietf-idr-flow-spec-v6]
              Raszuk, R., Pithawala, B., McPherson, D., and A. Andy,
              "Dissemination of Flow Specification Rules for IPv6",
              draft-ietf-idr-flow-spec-v6-05 (work in progress), March
              2014.

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119, March 1997.

11.2.  Informative References

   [RFC4271]  Rekhter, Y., Li, T., and S. Hares, "A Border Gateway
              Protocol 4 (BGP-4)", RFC 4271, January 2006.

Authors' Addresses

   Gunter Van de Velde
   Cisco Systems
   De Kleetlaan 6a
   Diegem  1831
   Belgium

   Phone: +32 2704 5473
   Email: gvandeve@cisco.com

   Andy Karch
   Cisco Systems
   170 W. Tasman Drive
   San Jose, CA 95124  95134
   USA

   Email: akarch@cisco.com

   Wim Henderickx
   Alcatel-Lucent

   Email: wim.henderickx@alcatel-lucent.be
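
Added example (not part of the draft and not code from either vendor): a Python decoder that walks the NLRI hex dump from Section 5.1 and recovers the match terms of the class-map, so a received rule can be checked against what the sender configured. It assumes the component and operator layout published in RFC 8955 and RFC 8956 (the final form of [I-D.ietf-idr-flow-spec-v6]); the names `take` and `decode_nlri`, the component labels and the text rendering of each term are choices made for this example.

```python
import ipaddress
NLRI_HEX = (  # hex dump from Section 5.1; it carries no leading length octet
    "018000200100020000000000000000000000030280002002000200000000000"
    "00000000000030303064547034945500355455a035f4569036ec5730503014505"
    "0307450b030d451203144519031bc51f06032145250327452b032d45320335453"
    "a033cc5410781230881370980f00a037845820387458c039145a003a545c803cd"
    "c5e10b0301450a030b45140316451e032045280334c53c"
)
NAMES = ["", "dest-prefix", "src-prefix", "next-header", "port", "dest-port",
         "src-port", "icmp-type", "icmp-code", "tcp-flags", "packet-length",
         "dscp", "fragment", "flow-label"]          # index = component type
CMP = ["false", "==", ">", ">=", "<", "<=", "!=", "true"]  # lt|gt|eq bits

def take(data, pos, n):  # bounds-checked slice: never read past the NLRI
    if pos + n > len(data):
        raise ValueError(f"truncated NLRI at octet {pos}")
    return data[pos:pos + n]

def decode_nlri(data):
    """Decode an IPv6 flowspec NLRI body into {component name: match text}."""
    out, pos, last = {}, 0, 0
    while pos < len(data):
        ctype = data[pos]
        if not last < ctype < len(NAMES):   # types must be known and ascending
            raise ValueError(f"bad component type {ctype} at octet {pos}")
        last, pos = ctype, pos + 1
        if ctype <= 2:                      # prefix: <length, offset, pattern>
            plen, off = take(data, pos, 2)
            if not off <= plen <= 128:
                raise ValueError("bad prefix length/offset")
            pat = take(data, pos + 2, (plen - off + 7) // 8)
            addr = int.from_bytes(pat, "big") << (128 - 8 * len(pat)) >> off
            out[NAMES[ctype]] = f"{ipaddress.IPv6Address(addr)}/{plen} offset {off}"
            pos += 2 + len(pat)
            continue
        terms = []
        while True:                         # <operator, value> pairs
            op = take(data, pos, 1)[0]
            vlen = 1 << (op >> 4 & 3)       # value length: 1, 2, 4 or 8 octets
            val = int.from_bytes(take(data, pos + 1, vlen), "big")
            pos += 1 + vlen
            bits = ("not " if op & 2 else "") + ("all " if op & 1 else "any ") + hex(val)
            text = bits if ctype in (9, 12) else CMP[op & 7] + str(val)
            glue = (" and " if op & 0x40 else " or ") if terms else ""
            terms.append(glue + text)
            if op & 0x80:                   # end-of-list bit
                break
        out[NAMES[ctype]] = "".join(terms)
    return out
```

Calling `decode_nlri(bytes.fromhex(NLRI_HEX))` yields one entry per component, which can be compared line by line with the receiver's "NLRI Subcomponents" listing. Truncated input, unknown types and out-of-order components raise `ValueError` instead of being parsed.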