idnits 2.17.1 draft-vandevelde-idr-ipv6-flowspec-imp-01.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** There are 16 instances of too long lines in the document, the longest one being 18 characters in excess of 72. ** The abstract seems to contain references ([I-D.ietf-idr-flow-spec-v6]), which it shouldn't. Please replace those with straight textual mentions of the documents in question. == There are 2 instances of lines with non-RFC3849-compliant IPv6 addresses in the document. If these are example addresses, they should be changed. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year == The document doesn't use any RFC 2119 keywords, yet has text resembling RFC 2119 boilerplate text. -- The document date (May 20, 2015) is 3262 days in the past. Is this intentional? Checking references for intended status: Informational ---------------------------------------------------------------------------- == Unused Reference: 'RFC4271' is defined on line 339, but no explicit reference was found in the text == Outdated reference: A later version (-22) exists of draft-ietf-idr-flow-spec-v6-06 Summary: 2 errors (**), 0 flaws (~~), 5 warnings (==), 1 comment (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 IDR N. Fevrier 3 Internet-Draft A. Karch 4 Intended status: Informational Cisco Systems 5 Expires: November 21, 2015 G. Van de Velde 6 W. Henderickx 7 Alcatel-Lucent 8 May 20, 2015 10 Dissemination of Flow Specification Rules for IPv6 Implementation Report 11 draft-vandevelde-idr-ipv6-flowspec-imp-01 13 Abstract 15 This document is an implementation report for the BGP Flow 16 Specification Rules for IPv6 as defined in 17 [I-D.ietf-idr-flow-spec-v6]. The respondents are experts with the 18 implementations they reported on, and their responses are considered 19 authoritative for the implementations for which their responses 20 represent. 22 Status of This Memo 24 This Internet-Draft is submitted in full conformance with the 25 provisions of BCP 78 and BCP 79. 27 Internet-Drafts are working documents of the Internet Engineering 28 Task Force (IETF). Note that other groups may also distribute 29 working documents as Internet-Drafts. The list of current Internet- 30 Drafts is at http://datatracker.ietf.org/drafts/current/. 32 Internet-Drafts are draft documents valid for a maximum of six months 33 and may be updated, replaced, or obsoleted by other documents at any 34 time. It is inappropriate to use Internet-Drafts as reference 35 material or to cite them other than as "work in progress." 37 This Internet-Draft will expire on November 21, 2015. 39 Copyright Notice 41 Copyright (c) 2015 IETF Trust and the persons identified as the 42 document authors. All rights reserved. 44 This document is subject to BCP 78 and the IETF Trust's Legal 45 Provisions Relating to IETF Documents 46 (http://trustee.ietf.org/license-info) in effect on the date of 47 publication of this document. Please review these documents 48 carefully, as they describe your rights and restrictions with respect 49 to this document. Code Components extracted from this document must 50 include Simplified BSD License text as described in Section 4.e of 51 the Trust Legal Provisions and are provided without warranty as 52 described in the Simplified BSD License. 54 Table of Contents 56 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 57 2. Requirements Language . . . . . . . . . . . . . . . . . . . . 2 58 3. Implementation Forms . . . . . . . . . . . . . . . . . . . . 3 59 4. NLRI and Extended Community subtypes . . . . . . . . . . . . 3 60 5. Interoperable Implementations . . . . . . . . . . . . . . . . 6 61 5.1. Alcatel-Lucent - Cisco Systems . . . . . . . . . . . . . 6 62 6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 8 63 7. Security Considerations . . . . . . . . . . . . . . . . . . . 8 64 8. Privacy Considerations . . . . . . . . . . . . . . . . . . . 8 65 9. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 8 66 10. Change Log . . . . . . . . . . . . . . . . . . . . . . . . . 8 67 11. References . . . . . . . . . . . . . . . . . . . . . . . . . 8 68 11.1. Normative References . . . . . . . . . . . . . . . . . . 8 69 11.2. Informative References . . . . . . . . . . . . . . . . . 9 70 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 9 72 1. Introduction 74 In order to share Flow Specification Rules for IPv6 using the BGP 75 routing protocol a new BGP Network Layer Reachability Information 76 (NLRI) encoding format is required. 78 This document provides an implementation report for the BGP 79 Dissemination of Flow Specification Rules for IPv6 NLRI Format as 80 defined in [I-D.ietf-idr-flow-spec-v6]. 82 The editors did not verify the accuracy of the information provided 83 by respondents or by any alternative means. The respondents are 84 experts with the implementations they reported on, and their 85 responses are considered authoritative for the implementations for 86 which their responses represent. 88 2. Requirements Language 90 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 91 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" are to 92 be interpreted as described in [RFC2119] only when they appear in all 93 upper case. They may also appear in lower or mixed case as English 94 words, without any normative meaning. 96 3. Implementation Forms 98 Contact and implementation information for person filling out this 99 form: 101 Cisco 102 Name: Nicolas Fevrier 103 Email: nifevrie@cisco.com 104 Vendor: Cisco Systems, Inc. 105 Release: IOS-XR 106 Protocol Role: Sender, Receiver 108 Alcatel-Lucent 109 Name: Wim Henderickx 110 Email: wim.henderickx@alcatel-lucent.com 111 Vendor: Alcatel-Lucent, Inc. 112 Release: R12R4 113 Protocol Role: Sender, Receiver 115 4. NLRI and Extended Community subtypes 117 Does the implementation support the Network Layer Reachability (NLRI) 118 subtypes as described in Section 3 and 4 of 119 [I-D.ietf-idr-flow-spec-v6]. 121 o N1: Type 1 - Destination IPv6 Prefix 123 o N2: Type 2 - Source IPv6 Prefix 125 o N3: Type 3 - Next Header 127 o N4: Type 4 - Port 129 o N5: Type 5 - Destination port 131 o N6: Type 6 - Source port 133 o N7: Type 7 - ICMP type 135 o N8: Type 8 - ICMP code 137 o N9: Type 9 - TCP flags 139 o N10: Type 10 - Packet length 141 o N11: Type 11 - DSCP (Diffserv Code Point) 143 o N12: Type 12 - Fragment 144 o N13: Type 13 - Flow Label 146 o E1: Extended Community - traffic-rate 148 o E2: Extended Community - traffic-action 150 o E3: Extended Community - redirect 152 o E4: Extended Community - traffic-marking 153 +--------+--------+-------+-----+ 154 | | Cisco | ALU | TBD | 155 +--------+--------+-------+-----+ 156 | Rcv.N1 | YES | YES | --- | 157 | Snd.N1 | YES | YES | --- | 158 | Rcv.N2 | YES | YES | --- | 159 | Snd.N2 | YES | YES | --- | 160 | Rcv.N3 | YES | YES | --- | 161 | Snd.N3 | YES | YES | --- | 162 | Rcv.N4 | YES | YES | --- | 163 | Snd.N4 | YES | YES | --- | 164 | Rcv.N5 | YES | YES | --- | 165 | Snd.N5 | YES | YES | --- | 166 | Rcv.N6 | YES | YES | --- | 167 | Snd.N6 | YES | YES | --- | 168 | Rcv.N7 | YES | YES | --- | 169 | Snd.N7 | YES | YES | --- | 170 | Rcv.N8 | YES | YES | --- | 171 | Snd.N8 | YES | YES | --- | 172 | Rcv.N9 | YES | YES | --- | 173 | Snd.N9 | YES | YES | --- | 174 | Rcv.N10| YES | YES | --- | 175 | Snd.N10| YES | YES | --- | 176 | Rcv.N11| YES | YES | --- | 177 | Snd.N11| YES | YES | --- | 178 | Rcv.N12| YES | YES | --- | 179 | Snd.N12| YES | YES | --- | 180 | Rcv.N13| YES | YES | --- | 181 | Snd.N13| YES | YES | --- | 182 | Rcv.E1 | YES | YES | --- | 183 | Snd.E1 | YES | YES | --- | 184 | Rcv.E2 | YES | YES | --- | 185 | Snd.E2 | YES | YES | --- | 186 | Rcv.E3 | YES | YES | --- | 187 | Snd.E3 | YES | YES | --- | 188 | Rcv.E4 | YES | YES | --- | 189 | Snd.E4 | YES | YES | --- | 190 +--------+--------+-------+-----+ 192 Yes 194 o Rcv: BGP speaker can receive the information into the BGP process 196 o Snd: BGP speaker can relay the information from the BGP process 198 No 199 o Rcv: BGP speaker can not receive the information into the BGP 200 process 202 o Snd: BGP speaker can not relay the information from the BGP 203 process 205 5. Interoperable Implementations 207 Summary of executed Interop tests between different implementations 209 5.1. Alcatel-Lucent - Cisco Systems 211 This Interop test was between a Cisco IOS-XR router and a Alcatel- 212 Lucent Router. Between the two BGP devices an iBGP session is 213 established. 215 The following IPv6 Flow Specification NLRI is constructed using the 216 Cisco router as IPv6 Flow Specification controller: 218 ! 219 class-map type traffic match-all InteropMatchList 220 match destination-address ipv6 2001:2::3/128 221 match source-address ipv6 2002:2::3/128 222 match destination-port 1-5 7-11 13-18 20-25 27-31 223 match source-port 33-37 39-43 45-50 53-58 60-65 224 match ipv6 icmp-type 35 225 match ipv6 icmp-code 55 226 match packet length 120-130 135-140 145-160 165-200 205-225 227 match dscp 1-10 11-20 22-30 32-40 52-60 228 match tcp-flag 240 any 229 match protocol 6-71 73-80 85-90 95-105 110-115 230 end-class-map 231 ! 232 policy-map type pbr InteropCiscoAlu 233 class type traffic InteropMatchList 234 police rate 200 bps 235 ! 236 redirect nexthop 2001::1 237 set dscp 45 238 ! 239 class type traffic class-default 240 ! 241 end-policy-map 243 This results with the following Flow Specification Extended 244 communities and IPv6 Flow Specification NLRI: 246 AFI: IPv6 247 NLRI (Hex dump) : 248 0x018000200100020000000000000000000000030280002002000200000000000 249 00000000000030303064547034945500355455a035f4569036ec5730503014505 250 0307450b030d451203144519031bc51f06032145250327452b032d45320335453 251 a033cc5410781230881370980f00a037845820387458c039145a003a545c803cd 252 c5e10b0301450a030b45140316451e032045280334c53c 253 Actions :Traffic-rate: 200 bps DSCP: 45 254 Nexthop: 2001::1 (policy.1.test1) 256 The above IPv6 Flow Specification rule is correctly received by the 257 Alcatel-Lucent BGP speaker and is reflected as follows on the device: 259 *A:PE26>config>service>vprn>sub-if>grp-if>sap>static-host# show router 117 bgp 260 routes flow-ipv6 261 =============================================================================== 262 BGP Router ID:195.207.5.200 AS:65117 Local AS:65117 263 =============================================================================== 264 Legend - 265 Status codes : u - used, s - suppressed, h - history, d - decayed, * - valid 266 Origin codes : i - IGP, e - EGP, ? - incomplete, > - best, b - backup 268 =============================================================================== 269 BGP FLOW IPV6 Routes 270 =============================================================================== 271 Flag Network Nexthop LocalPref MED 272 As-Path 273 ------------------------------------------------------------------------------- 274 u*>i -- 2001::1 100 None 275 No As-Path 277 Community Action: ext:800:0 278 Community Action: rate-limit: 65117:110* 279 Community Action: mark-dscp: 45 280 NLRI Subcomponents: 281 Dest Pref : 2001:2::3/128 offset 0 282 Src Pref : 2002:2::3/128 offset 0 283 Ip Proto : [ >= 6 ] and [ <= 71 ] or [ >= 73 ] and [ <= 80 ] or [ >= 284 Dest Port : [ >= 1 ] and [ <= 5 ] or [ >= 7 ] and [ <= 11 ] or [ >= 13 285 Src Port : [ >= 33 ] and [ <= 37 ] or [ >= 39 ] and [ <= 43 ] or [ >= 286 ICMP Type : [ == 35 ] 287 ICMP Code : [ == 55 ] 288 TCP Flags : [ 240 ] 289 TCP Flags : [ 240 ] 290 DSCP : [ >= 1 ] and [ <= 10 ] or [ >= 11 ] and [ <= 20 ] or [ >= 291 ------------------------------------------------------------------------------- 292 Routes : 1 293 6. IANA Considerations 295 This document makes no request of IANA. 297 Note to RFC Editor: The IANA has requested that this section remain 298 in the document upon publication as an RFC. This note to the RFC 299 Editor, however, may be removed. 301 7. Security Considerations 303 No new security issues are introduced to the BGP defined in 304 Dissemination of Flow Specification Rules for IPv6 305 [I-D.ietf-idr-flow-spec-v6]. 307 8. Privacy Considerations 309 No new privacy issues are introduced to the BGP defined in 310 Dissemination of Flow Specification Rules for IPv6 311 [I-D.ietf-idr-flow-spec-v6]. 313 9. Acknowledgements 315 The authors would like to thank Hyojeong Kim, Bertrand Duvivier and 316 Adam Simpson. 318 10. Change Log 320 Initial Version: 8 October 2014 322 -01 Version: 20 May 2015 324 11. References 326 11.1. Normative References 328 [I-D.ietf-idr-flow-spec-v6] 329 Raszuk, R., Pithawala, B., McPherson, D., and A. Andy, 330 "Dissemination of Flow Specification Rules for IPv6", 331 draft-ietf-idr-flow-spec-v6-06 (work in progress), 332 November 2014. 334 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 335 Requirement Levels", BCP 14, RFC 2119, March 1997. 337 11.2. Informative References 339 [RFC4271] Rekhter, Y., Li, T., and S. Hares, "A Border Gateway 340 Protocol 4 (BGP-4)", RFC 4271, January 2006. 342 Authors' Addresses 344 Nicolas Fevrier 345 Cisco Systems 346 11 Rue Camille Desmoulins 347 Issy-les-Koulineaux 92130 348 France 350 Email: nifevrie@cisco.com 352 Andy Karch 353 Cisco Systems 354 170 W. Tasman Drive 355 San Jose, CA 95124 95134 356 USA 358 Email: akarch@cisco.com 360 Gunter Van de Velde 361 Alcatel-Lucent 362 Copernicuslaan 50 363 Antwerpen 2018 364 Belgium 366 Email: gunter.van_de_velde@alcatel-lucent.com 368 Wim Henderickx 369 Alcatel-Lucent 371 Email: wim.henderickx@alcatel-lucent.be