| draft-ietf-mpls-deprecate-bgp-entropy-label-00.txt | draft-ietf-mpls-deprecate-bgp-entropy-label-01.txt | |||
|---|---|---|---|---|
| Internet Engineering Task Force J. Scudder | Internet Engineering Task Force J. Scudder | |||
| Internet-Draft K. Kompella | Internet-Draft K. Kompella | |||
| Updates: 6790 (if approved) Juniper Networks | Updates: 6790 (if approved) Juniper Networks | |||
| Intended status: Standards Track June 23, 2014 | Intended status: Standards Track July 23, 2014 | |||
| Expires: December 25, 2014 | Expires: January 24, 2015 | |||
| Deprecation of BGP Entropy Label Capability Attribute | Deprecation of BGP Entropy Label Capability Attribute | |||
| draft-ietf-mpls-deprecate-bgp-entropy-label-00 | draft-ietf-mpls-deprecate-bgp-entropy-label-01 | |||
| Abstract | Abstract | |||
| RFC 6790 defines the BGP Entropy Label Capability attribute. | RFC 6790 defines the BGP Entropy Label Capability attribute. | |||
| Regrettably, it has a bug: although RFC 6790 mandates that Entropy | Regrettably, it has a bug: although RFC 6790 mandates that Entropy | |||
| Label-incapable routers must remove the attribute, in practice this | Label-incapable routers must remove the attribute, in practice this | |||
| requirement can't be guaranteed to be fulfilled. This specification | requirement can't be guaranteed to be fulfilled. This specification | |||
| deprecates the attribute. A forthcoming document will propose a | deprecates the attribute. A forthcoming document will propose a | |||
| replacement. | replacement. | |||
| skipping to change at page 1, line 36 | skipping to change at page 1, line 36 | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
| working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
| Drafts is at http://datatracker.ietf.org/drafts/current/. | Drafts is at http://datatracker.ietf.org/drafts/current/. | |||
| Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| This Internet-Draft will expire on December 25, 2014. | This Internet-Draft will expire on January 24, 2015. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2014 IETF Trust and the persons identified as the | Copyright (c) 2014 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
| (http://trustee.ietf.org/license-info) in effect on the date of | (http://trustee.ietf.org/license-info) in effect on the date of | |||
| publication of this document. Please review these documents | publication of this document. Please review these documents | |||
| skipping to change at page 2, line 31 | skipping to change at page 2, line 31 | |||
| This specification updates RFC 6790 by deprecating the version of | This specification updates RFC 6790 by deprecating the version of | |||
| ELCA defined in Section 5.2 of that document. A forthcoming document | ELCA defined in Section 5.2 of that document. A forthcoming document | |||
| will propose a replacement. | will propose a replacement. | |||
| 1.1. Requirements Language | 1.1. Requirements Language | |||
| The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | |||
| "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this | "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this | |||
| document are to be interpreted as described in RFC 2119 [RFC2119]. | document are to be interpreted as described in RFC 2119 [RFC2119]. | |||
| 2. IANA Considerations | 2. Deprecation of ELCA | |||
| This document deprecates the ELCA path attribute. This means that | ||||
| any implementation done subsequent to the publication of this | ||||
| document MUST NOT generate the attribute. If received it MUST be | ||||
| treated as any other unrecognized optional transitive attribute as | ||||
| per [RFC4271], until and unless the code point is reused by some new | ||||
| specification. (To the authors' best knowledge, there are no | ||||
| implementations of ELCA at the time of writing.) | ||||
| 3. IANA Considerations | ||||
| For the reasons given in Section 1, IANA is requested to mark | For the reasons given in Section 1, IANA is requested to mark | |||
| attribute 28 in the "BGP Path Attributes" registry as "deprecated", | attribute 28 in the "BGP Path Attributes" registry as "deprecated", | |||
| reference this RFC. | reference this RFC. | |||
| 3. Security Considerations | 4. Security Considerations | |||
| ELCA as defined in [RFC6790] S. 5.2, has in common with other | ELCA as defined in [RFC6790] S. 5.2, has in common with other | |||
| optional, transitive path attributes the property that it will be | optional, transitive path attributes the property that it will be | |||
| "tunneled" through intervening routers that don't implement the | "tunneled" through intervening routers that don't implement the | |||
| relevant specification. Unfortunately, as discussed elsewhere in | relevant specification. Unfortunately, as discussed elsewhere in | |||
| this document, implementations of [RFC6790] S. 5.2 receiving such | this document, implementations of [RFC6790] S. 5.2 receiving such | |||
| "tunneled" attributes could -- sometimes improperly -- rely on them. | "tunneled" attributes could -- sometimes improperly -- rely on them. | |||
| The consequence of so doing could be a black hole in the forwarding | The consequence of so doing could be a black hole in the forwarding | |||
| path for the affected routes. Whether this is a new security issue | path for the affected routes. Whether this is a new security issue | |||
| or not is somewhat debatable, since to be exploited an attacker would | or not is somewhat debatable, since to be exploited an attacker would | |||
| have to be part of the control plane path for the route in question, | have to be part of the control plane path for the route in question, | |||
| and under those circumstances an attacker already has a panoply of | and under those circumstances an attacker already has a panoply of | |||
| mischief-making tools available, as discussed in [RFC4272]. | mischief-making tools available, as discussed in [RFC4272]. | |||
| In any case, this document renders any real or imagined security | In any case, this document renders any real or imagined security | |||
| issues with ELCA moot, by deprecating it. | issues with ELCA moot, by deprecating it. | |||
| 4. Acknowledgements | 5. Acknowledgements | |||
| Thanks to Alia Atlas, Bruno Decraene, Martin Djernaes, John Drake, | Thanks to Alia Atlas, Bruno Decraene, Martin Djernaes, John Drake, | |||
| Adrian Farrell, Keyur Patel, Ravi Singh and Kevin Wang for their | Adrian Farrell, Keyur Patel, Ravi Singh and Kevin Wang for their | |||
| discussion of this issue. | discussion of this issue. | |||
| 5. References | 6. References | |||
| 5.1. Normative References | 6.1. Normative References | |||
| [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | |||
| Requirement Levels", BCP 14, RFC 2119, March 1997. | Requirement Levels", BCP 14, RFC 2119, March 1997. | |||
| [RFC6790] Kompella, K., Drake, J., Amante, S., Henderickx, W., and | [RFC6790] Kompella, K., Drake, J., Amante, S., Henderickx, W., and | |||
| L. Yong, "The Use of Entropy Labels in MPLS Forwarding", | L. Yong, "The Use of Entropy Labels in MPLS Forwarding", | |||
| RFC 6790, November 2012. | RFC 6790, November 2012. | |||
| 5.2. Informative References | 6.2. Informative References | |||
| [RFC4271] Rekhter, Y., Li, T., and S. Hares, "A Border Gateway | [RFC4271] Rekhter, Y., Li, T., and S. Hares, "A Border Gateway | |||
| Protocol 4 (BGP-4)", RFC 4271, January 2006. | Protocol 4 (BGP-4)", RFC 4271, January 2006. | |||
| [RFC4272] Murphy, S., "BGP Security Vulnerabilities Analysis", RFC | [RFC4272] Murphy, S., "BGP Security Vulnerabilities Analysis", RFC | |||
| 4272, January 2006. | 4272, January 2006. | |||
| Authors' Addresses | Authors' Addresses | |||
| John G. Scudder | John G. Scudder | |||
| End of changes. 9 change blocks. | ||||
| 10 lines changed or deleted | 20 lines changed or added | |||
This html diff was produced by rfcdiff 1.41. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||