| draft-ietf-mpls-deprecate-bgp-entropy-label-02.txt | rfc7447.txt | |||
|---|---|---|---|---|
| Internet Engineering Task Force J. Scudder | Internet Engineering Task Force (IETF) J. Scudder | |||
| Internet-Draft K. Kompella | Request for Comments: 7447 K. Kompella | |||
| Updates: 6790 (if approved) Juniper Networks | Updates: 6790 Juniper Networks | |||
| Intended status: Standards Track December 12, 2014 | Category: Standards Track February 2015 | |||
| Expires: June 15, 2015 | ISSN: 2070-1721 | |||
| Deprecation of BGP Entropy Label Capability Attribute | Deprecation of BGP Entropy Label Capability Attribute | |||
| draft-ietf-mpls-deprecate-bgp-entropy-label-02 | ||||
| Abstract | Abstract | |||
| RFC 6790 defines the BGP Entropy Label Capability attribute. | The BGP Entropy Label Capability attribute is defined in RFC 6790. | |||
| Regrettably, it has a bug: although RFC 6790 mandates that Entropy | Regrettably, it has a bug: although RFC 6790 mandates that routers | |||
| Label-incapable routers must remove the attribute, in practice this | incapable of processing Entropy Labels must remove the attribute, | |||
| requirement can't be guaranteed to be fulfilled. This specification | fulfillment of this requirement cannot be guaranteed in practice. | |||
| deprecates the attribute. A forthcoming document will propose a | This specification deprecates the attribute. A forthcoming document | |||
| replacement. | will propose a replacement. | |||
| Status of This Memo | Status of This Memo | |||
| This Internet-Draft is submitted in full conformance with the | This is an Internet Standards Track document. | |||
| provisions of BCP 78 and BCP 79. | ||||
| Internet-Drafts are working documents of the Internet Engineering | ||||
| Task Force (IETF). Note that other groups may also distribute | ||||
| working documents as Internet-Drafts. The list of current Internet- | ||||
| Drafts is at http://datatracker.ietf.org/drafts/current/. | ||||
| Internet-Drafts are draft documents valid for a maximum of six months | This document is a product of the Internet Engineering Task Force | |||
| and may be updated, replaced, or obsoleted by other documents at any | (IETF). It represents the consensus of the IETF community. It has | |||
| time. It is inappropriate to use Internet-Drafts as reference | received public review and has been approved for publication by the | |||
| material or to cite them other than as "work in progress." | Internet Engineering Steering Group (IESG). Further information on | |||
| Internet Standards is available in Section 2 of RFC 5741. | ||||
| This Internet-Draft will expire on June 15, 2015. | Information about the current status of this document, any errata, | |||
| and how to provide feedback on it may be obtained at | ||||
| http://www.rfc-editor.org/info/rfc7447. | ||||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2014 IETF Trust and the persons identified as the | Copyright (c) 2015 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
| (http://trustee.ietf.org/license-info) in effect on the date of | (http://trustee.ietf.org/license-info) in effect on the date of | |||
| publication of this document. Please review these documents | publication of this document. Please review these documents | |||
| carefully, as they describe your rights and restrictions with respect | carefully, as they describe your rights and restrictions with respect | |||
| to this document. Code Components extracted from this document must | to this document. Code Components extracted from this document must | |||
| include Simplified BSD License text as described in Section 4.e of | include Simplified BSD License text as described in Section 4.e of | |||
| the Trust Legal Provisions and are provided without warranty as | the Trust Legal Provisions and are provided without warranty as | |||
| described in the Simplified BSD License. | described in the Simplified BSD License. | |||
| Table of Contents | ||||
| 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 | ||||
| 1.1. Requirements Language . . . . . . . . . . . . . . . . . . 2 | ||||
| 2. Deprecation of ELCA . . . . . . . . . . . . . . . . . . . . . 2 | ||||
| 3. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 3 | ||||
| 4. Security Considerations . . . . . . . . . . . . . . . . . . . 3 | ||||
| 5. References . . . . . . . . . . . . . . . . . . . . . . . . . 3 | ||||
| 5.1. Normative References . . . . . . . . . . . . . . . . . . 3 | ||||
| 5.2. Informative References . . . . . . . . . . . . . . . . . 3 | ||||
| Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . . 4 | ||||
| Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 4 | ||||
| 1. Introduction | 1. Introduction | |||
| [RFC6790] defines the Entropy Label Capability attribute (ELCA), an | [RFC6790] defines the Entropy Label Capability attribute (ELCA), an | |||
| optional, transitive BGP path attribute. For correct operation, it | optional, transitive BGP path attribute. For correct operation, an | |||
| is necessary that an intermediate node modifying the next hop of a | intermediate node modifying the next hop of a route must remove the | |||
| route must remove the ELCA unless the node so doing is able to | ELCA unless the node doing so is able to process entropy labels. | |||
| process entropy labels. Sadly, this requirement cannot be fulfilled | Sadly, this requirement cannot be fulfilled with the ELCA as | |||
| with the ELCA as specified, because it is an optional, transitive | specified, because it is an optional, transitive attribute. By | |||
| attribute: by definition, a node that does not support the ELCA will | definition, a node that does not support the ELCA will propagate the | |||
| propagate the attribute. (This is a general property of optional, | attribute (this is a general property of optional, transitive | |||
| transitive attributes, see [RFC4271].) But such an ELCA-oblivious | attributes; see [RFC4271]). But such an ELCA-oblivious node is | |||
| node is likely to also be entropy label-incapable and is exactly the | likely to be incapable of processing entropy labels and is exactly | |||
| one that we desire to remove the attribute! | the node that we desire to remove the attribute! | |||
| This specification updates RFC 6790 by deprecating the version of | This specification updates RFC 6790 by deprecating the version of | |||
| ELCA defined in Section 5.2 of that document. A forthcoming document | ELCA defined in Section 5.2 of that document. A forthcoming document | |||
| will propose a replacement. All other sections of RFC 6790 are | will propose a replacement. All other sections of RFC 6790 are | |||
| unchanged. | unchanged. | |||
| 1.1. Requirements Language | 1.1. Requirements Language | |||
| The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | |||
| "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this | "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this | |||
| document are to be interpreted as described in RFC 2119 [RFC2119]. | document are to be interpreted as described in RFC 2119 [RFC2119]. | |||
| 2. Deprecation of ELCA | 2. Deprecation of ELCA | |||
| This document deprecates the ELCA path attribute. This means that | This document deprecates the ELCA path attribute. This means that | |||
| any implementation MUST NOT generate the attribute. If received it | implementations MUST NOT generate the attribute. If received, the | |||
| MUST be treated as any other unrecognized optional transitive | attribute MUST be treated as any other unrecognized optional, | |||
| attribute as per [RFC4271], until and unless the code point is reused | transitive attribute as per [RFC4271], until and unless the code | |||
| by some new specification. (To the authors' best knowledge, there | point is reused by some new specification. (To the authors' best | |||
| are no implementations of ELCA at the time of writing.) | knowledge, there are no implementations of ELCA at the time of | |||
| writing.) | ||||
| 3. IANA Considerations | 3. IANA Considerations | |||
| For the reasons given in Section 1, IANA is requested to mark | For the reasons given in Section 1, IANA has marked attribute 28 "BGP | |||
| attribute 28 in the "BGP Path Attributes" registry as "deprecated" | Entropy Label Capability Attribute" in the "BGP Path Attributes" | |||
| and reference this RFC. | registry as "deprecated" and has added a reference to this RFC. | |||
| 4. Security Considerations | 4. Security Considerations | |||
| ELCA as defined in [RFC6790] S. 5.2, has in common with other | ELCA, as defined in Section 5.2 of [RFC6790], has in common with | |||
| optional, transitive path attributes the property that it will be | other optional, transitive path attributes the property that it will | |||
| "tunneled" through intervening routers that don't implement the | be "tunneled" through intervening routers that don't implement the | |||
| relevant specification. Unfortunately, as discussed elsewhere in | relevant specification. Unfortunately, as discussed elsewhere in | |||
| this document, implementations of [RFC6790] S. 5.2 receiving such | this document, implementations of ELCA that receive such "tunneled" | |||
| "tunneled" attributes could -- sometimes improperly -- rely on them. | attributes could -- sometimes improperly -- rely on them. The | |||
| The consequence of so doing could be a black hole in the forwarding | consequence of doing so could be a black hole in the forwarding path | |||
| path for the affected routes. Whether this is a new security issue | for the affected routes. Whether or not this is a new security issue | |||
| or not is somewhat debatable, since to be exploited an attacker would | is somewhat debatable, since an attacker would have to be part of the | |||
| have to be part of the control plane path for the route in question, | control-plane path for the route in question in order for the | |||
| and under those circumstances an attacker already has a panoply of | attacker to exploit the issue. Under those circumstances, an | |||
| mischief-making tools available, as discussed in [RFC4272]. | attacker already has a panoply of mischief-making tools available, as | |||
| discussed in [RFC4272]. | ||||
| In any case, this document renders any real or imagined security | In any case, this document renders any real or imagined security | |||
| issues with ELCA moot, by deprecating it. | issues with ELCA moot, by deprecating it. | |||
| 5. Acknowledgements | 5. References | |||
| Thanks to Alia Atlas, Bruno Decraene, Martin Djernaes, John Drake, | ||||
| Adrian Farrell, Keyur Patel, Ravi Singh and Kevin Wang for their | ||||
| discussion of this issue. | ||||
| 6. References | ||||
| 6.1. Normative References | 5.1. Normative References | |||
| [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | |||
| Requirement Levels", BCP 14, RFC 2119, March 1997. | Requirement Levels", BCP 14, RFC 2119, March 1997, | |||
| <http://www.rfc-editor.org/info/rfc2119>. | ||||
| [RFC6790] Kompella, K., Drake, J., Amante, S., Henderickx, W., and | [RFC6790] Kompella, K., Drake, J., Amante, S., Henderickx, W., and | |||
| L. Yong, "The Use of Entropy Labels in MPLS Forwarding", | L. Yong, "The Use of Entropy Labels in MPLS Forwarding", | |||
| RFC 6790, November 2012. | RFC 6790, November 2012, | |||
| <http://www.rfc-editor.org/info/rfc6790>. | ||||
| 6.2. Informative References | 5.2. Informative References | |||
| [RFC4271] Rekhter, Y., Li, T., and S. Hares, "A Border Gateway | [RFC4271] Rekhter, Y., Ed., Li, T., Ed., and S. Hares, Ed., "A | |||
| Protocol 4 (BGP-4)", RFC 4271, January 2006. | Border Gateway Protocol 4 (BGP-4)", RFC 4271, January | |||
| 2006, <http://www.rfc-editor.org/info/rfc4271>. | ||||
| [RFC4272] Murphy, S., "BGP Security Vulnerabilities Analysis", RFC | [RFC4272] Murphy, S., "BGP Security Vulnerabilities Analysis", RFC | |||
| 4272, January 2006. | 4272, January 2006, | |||
| <http://www.rfc-editor.org/info/rfc4272>. | ||||
| Acknowledgements | ||||
| Thanks to Alia Atlas, Bruno Decraene, Martin Djernaes, John Drake, | ||||
| Adrian Farrel, Keyur Patel, Ravi Singh, and Kevin Wang for their | ||||
| discussion of this issue. | ||||
| Authors' Addresses | Authors' Addresses | |||
| John G. Scudder | John G. Scudder | |||
| Juniper Networks | Juniper Networks | |||
| Email: jgs@juniper.net | EMail: jgs@juniper.net | |||
| Kireeti Kompella | Kireeti Kompella | |||
| Juniper Networks | Juniper Networks | |||
| Email: kireeti@juniper.net | EMail: kireeti@juniper.net | |||
| End of changes. 22 change blocks. | ||||
| 69 lines changed or deleted | 85 lines changed or added | |||
This html diff was produced by rfcdiff 1.42. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||