[Docs] [txt|pdf] [Tracker] [WG] [Email] [Diff1] [Diff2] [Nits]

Versions: (draft-haas-idr-flowspec-redirect-rt-bis) 00 01 02 03 04 05 RFC 7674

Internet Engineering Task Force                             J. Haas, Ed.
Internet-Draft                                          Juniper Networks
Updates: 5575 (if approved)                            November 24, 2014
Intended status: Standards Track
Expires: May 28, 2015


       Clarification of the Flowspec Redirect Extended Community
               draft-ietf-idr-flowspec-redirect-rt-bis-03

Abstract

   This document clarifies the formatting of the the BGP Flowspec
   Redirect Extended Community, originally documented in RFC 5575
   (Dissemination of Flow Specification Rules).

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at http://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on May 28, 2015.

Copyright Notice

   Copyright (c) 2014 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.




Haas                      Expires May 28, 2015                  [Page 1]


Internet-Draft   draft-ietf-idr-flowspec-redirect-rt-bis   November 2014


Table of Contents

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   2
   2.  IANA Considerations . . . . . . . . . . . . . . . . . . . . .   4
   3.  Security Considerations . . . . . . . . . . . . . . . . . . .   4
   4.  Acknowledgements  . . . . . . . . . . . . . . . . . . . . . .   4
   5.  Normative References  . . . . . . . . . . . . . . . . . . . .   5
   Author's Address  . . . . . . . . . . . . . . . . . . . . . . . .   5

1.  Introduction

   Dissemination of Flow Specification Rules [RFC5575], commonly known
   as BGP Flowspec, provided for a BGP Extended Community [RFC4360] that
   served to redirect traffic to a VRF routing instance that matched the
   flow specification NLRI.  In that RFC, the Redirect Extended
   Community was documented as follows:

   : +--------+--------------------+--------------------------+
   : | type   | extended community | encoding                 |
   : +--------+--------------------+--------------------------+
   : | 0x8008 | redirect           | 6-byte Route Target      |
   : +--------+--------------------+--------------------------+
   :
   : [...]
   :
   : Redirect:  The redirect extended community allows the traffic to be
   : redirected to a VRF routing instance that lists the specified
   : route-target in its import policy.  If several local instances
   : match this criteria, the choice between them is a local matter
   : (for example, the instance with the lowest Route Distinguisher
   : value can be elected).  This extended community uses the same
   : encoding as the Route Target extended community [RFC4360].
   : [...]
   :
   : 11. IANA Considerations
   : [...]
   :
   : The following traffic filtering flow specification rules have been
   : allocated by IANA from the "BGP Extended Communities Type -
   : Experimental Use" registry as follows:
   : [...]
   :
   : 0x8008 - Flow spec redirect

   The IANA registry of BGP Extended Communities clearly identifies
   communities of specific formats.  For example, "Two-octet AS Specific
   Extended Community" [RFC4360], "Four-octet AS Specific Extended
   Community" [RFC5668] and "IPv4 Address Specific Extended Community"



Haas                      Expires May 28, 2015                  [Page 2]


Internet-Draft   draft-ietf-idr-flowspec-redirect-rt-bis   November 2014


   [RFC4360].  Route Targets [RFC4360] identify this format in the high-
   order (Type) octet of the Extended Community and set the value of the
   low-order (Sub-Type) octet to 0x02.  The Value field of the Route
   Target Extended Community is intended to be interpreted in the
   context of its format.

   Since the Redirect Extended Community only registered a single code-
   point in the IANA BGP Extended Community registry, a common
   interpretation of the redirect extended community's "6-byte route
   target" has been to look, at a receiving router, for a route target
   value that matches the route target value in the received redirect
   extended community, and import the advertised route to the
   corresponding VRF instance subject to the rules defined in [RFC5575].
   However, because the route target format in the redirect extended
   community is not clearly defined, the wrong match may occur.

   This "value wildcard" matching behavior, that does not take into
   account the format of the route target defined for a local VRF and
   may result in the wrong matching decision, does not match deployed
   implementations of BGP flowspec.  Deployed implementations of BGP
   flowspec solve this problem by defining different redirect extended
   communities that are specific to the format of the route target
   value.  This document defines the following redirect extended
   communities:

   +--------+--------------------+-------------------------------------+
   | type   | extended community | encoding                            |
   +--------+--------------------+-------------------------------------+
   | 0x8008 | redirect AS-2byte  | 2-octet AS, 4-octet Value           |
   | 0x8108 | redirect IPv4      | 4-octet IPv4 Address, 2-octet Value |
   | 0x8208 | redirect AS-4byte  | 4-octet AS, 2-octet Value           |
   +--------+--------------------+-------------------------------------+

   It should be noted that the low-order nybble of the Redirect's Type
   field corresponds to the Route Target Extended Community format field
   (Type).  (See [RFC4360], Secs. 3.1, 3.2, and 4 plus [RFC5668], Sec.
   2.)  The low order octet (Sub-Type) of the Redirect Extended
   Community remains 0x08, contrasted to 0x02 for Route Targets.

   The IANA Registries for BGP Extended Communities [RFC7153] document
   was written to update the previously-mentioned IANA registries to
   better document BGP Extended Community formats.  The IANA
   Considerations section below further amends those registry updates in
   order to properly document the flowspec redirect communities.







Haas                      Expires May 28, 2015                  [Page 3]


Internet-Draft   draft-ietf-idr-flowspec-redirect-rt-bis   November 2014


2.  IANA Considerations

   IANA is requested to update the "BGP Generic Transitive Experimental
   Use Extended Community Sub-Types" registry as follows:

   0x08 - Flow spec redirect AS-2byte format.

   IANA is requested to update the "BGP Transitive Extended Community
   Types" registry as follows:

   0x81 - Generic Transitive Experimental Use Extended Community
          Part 2 (Sub-Types are defined in the "Generic Transitive
          Experimental Extended Community Part 2 Sub-Types" Registry)
   0x82 - Generic Transitive Experimental Use Extended Community
          Part 3 (Sub-Types are defined in the "Generic Transitive
          Experimental Extended Community Part 3 Sub-Types" Registry)

   IANA is requested to create the "Generic Transitive Experimental Use
   Extended Community Part 2 Sub-Types" registry.  It should be seeded
   with the following Sub-Type:

   0x08 - Flow spec redirect IPv4 format.

   IANA is requested to create the "Generic Transitive Experimental Use
   Extended Community Part 3 Sub-Types" registry.  It should be seeded
   with the following Sub-Type:

   0x08 - Flow spec redirect AS-4byte format.

3.  Security Considerations

   This document introduces no additional security considerations than
   those already covered in [RFC5575].

4.  Acknowledgements

   The contents of this document was raised as part of implementation
   discussions of BGP Flowspec with the following individuals:

      Andrew Karch (Cisco)

      Robert Raszuk

      Adam Simpson (Alcatel-Lucent)

      Matthieu Texier (Arbor Networks)

      Kaliraj Vairavakkalai (Juniper)



Haas                      Expires May 28, 2015                  [Page 4]


Internet-Draft   draft-ietf-idr-flowspec-redirect-rt-bis   November 2014


5.  Normative References

   [RFC4360]  Sangli, S., Tappan, D., and Y. Rekhter, "BGP Extended
              Communities Attribute", RFC 4360, February 2006.

   [RFC5575]  Marques, P., Sheth, N., Raszuk, R., Greene, B., Mauch, J.,
              and D. McPherson, "Dissemination of Flow Specification
              Rules", RFC 5575, August 2009.

   [RFC5668]  Rekhter, Y., Sangli, S., and D. Tappan, "4-Octet AS
              Specific BGP Extended Community", RFC 5668, October 2009.

   [RFC7153]  Rosen, E. and Y. Rekhter, "IANA Registries for BGP
              Extended Communities", RFC 7153, March 2014.

Author's Address

   Jeffrey Haas (editor)
   Juniper Networks
   1194 N. Mathida Ave.
   Sunnyvale, CA  94089
   US

   Email: jhaas@juniper.net



























Haas                      Expires May 28, 2015                  [Page 5]


Html markup produced by rfcmarkup 1.129d, available from https://tools.ietf.org/tools/rfcmarkup/