draft-ietf-sidrops-ov-egress-02.txt | draft-ietf-sidrops-ov-egress-03.txt | |||
---|---|---|---|---|
Network Working Group R. Bush | Network Working Group R. Bush | |||
Internet-Draft Internet Initiative Japan & Arrcus | Internet-Draft Internet Initiative Japan & Arrcus | |||
Updates: 6811 (if approved) R. Volk | Updates: 6811 (if approved) R. Volk | |||
Intended status: Standards Track Deutsche Telekom | Intended status: Standards Track Deutsche Telekom | |||
Expires: September 20, 2020 J. Heitz | Expires: October 9, 2020 J. Heitz | |||
Cisco | Cisco | |||
March 19, 2020 | April 7, 2020 | |||
BGP RPKI-Based Origin Validation on Export | BGP RPKI-Based Origin Validation on Export | |||
draft-ietf-sidrops-ov-egress-02 | draft-ietf-sidrops-ov-egress-03 | |||
Abstract | Abstract | |||
A BGP speaker may perform RPKI origin validation not only on routes | A BGP speaker may perform RPKI origin validation not only on routes | |||
received from BGP neighbors and routes that are redistributed from | received from BGP neighbors and routes that are redistributed from | |||
other routing protocols, but also on routes it sends to BGP | other routing protocols, but also on routes it sends to BGP | |||
neighbors. For egress policy, it is important that the | neighbors. For egress policy, it is important that the | |||
classification uses the effective origin AS of the processed route, | classification uses the 'effective origin AS' of the processed route, | |||
which may specifically be altered by the commonly available knobs | which may specifically be altered by the commonly available knobs | |||
such as removing private ASs, confederation handling, and other | such as removing private ASs, confederation handling, and other | |||
modifications of the origin AS. | modifications of the origin AS. This document updates [RFC6811]. | |||
Requirements Language | Requirements Language | |||
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | |||
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and | "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and | |||
"OPTIONAL" in this document are to be interpreted as described in BCP | "OPTIONAL" in this document are to be interpreted as described in BCP | |||
14 [RFC2119] [RFC8174] when, and only when, they appear in all | 14 [RFC2119] [RFC8174] when, and only when, they appear in all | |||
capitals, as shown here. | capitals, as shown here. | |||
Status of This Memo | Status of This Memo | |||
Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
Drafts is at https://datatracker.ietf.org/drafts/current/. | Drafts is at https://datatracker.ietf.org/drafts/current/. | |||
Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
This Internet-Draft will expire on September 20, 2020. | This Internet-Draft will expire on October 9, 2020. | |||
Copyright Notice | Copyright Notice | |||
Copyright (c) 2020 IETF Trust and the persons identified as the | Copyright (c) 2020 IETF Trust and the persons identified as the | |||
document authors. All rights reserved. | document authors. All rights reserved. | |||
This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
(https://trustee.ietf.org/license-info) in effect on the date of | (https://trustee.ietf.org/license-info) in effect on the date of | |||
publication of this document. Please review these documents | publication of this document. Please review these documents | |||
include Simplified BSD License text as described in Section 4.e of | include Simplified BSD License text as described in Section 4.e of | |||
the Trust Legal Provisions and are provided without warranty as | the Trust Legal Provisions and are provided without warranty as | |||
described in the Simplified BSD License. | described in the Simplified BSD License. | |||
Table of Contents | Table of Contents | |||
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 | 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 | |||
2. Suggested Reading . . . . . . . . . . . . . . . . . . . . . . 3 | 2. Suggested Reading . . . . . . . . . . . . . . . . . . . . . . 3 | |||
3. Egress Processing . . . . . . . . . . . . . . . . . . . . . . 3 | 3. Egress Processing . . . . . . . . . . . . . . . . . . . . . . 3 | |||
4. Operational Considerations . . . . . . . . . . . . . . . . . 3 | 4. Operational Considerations . . . . . . . . . . . . . . . . . 3 | |||
5. Security Considerations . . . . . . . . . . . . . . . . . . . 3 | 5. Security Considerations . . . . . . . . . . . . . . . . . . . 4 | |||
6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 4 | 6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 4 | |||
7. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 4 | 7. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 4 | |||
8. References . . . . . . . . . . . . . . . . . . . . . . . . . 4 | 8. References . . . . . . . . . . . . . . . . . . . . . . . . . 4 | |||
8.1. Normative References . . . . . . . . . . . . . . . . . . 4 | 8.1. Normative References . . . . . . . . . . . . . . . . . . 4 | |||
8.2. Informative References . . . . . . . . . . . . . . . . . 4 | 8.2. Informative References . . . . . . . . . . . . . . . . . 5 | |||
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 5 | Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 5 | |||
1. Introduction | 1. Introduction | |||
This document does not change the protocol or semantics of [RFC6811] | This document does not change the protocol or semantics of [RFC6811], | |||
of RPKI-based origin validation. It highlights an important use case | BGP prefix origin validation. It highlights an important use case of | |||
of origin validation in eBGP egress policies, explaining specifics of | origin validation in eBGP egress policies, explaining specifics of | |||
correct implementation in this context. | correct implementation in this context. | |||
As the origin AS of a BGP UPDATE is decided by configuration and | The term 'effective origin AS' as used in this document refers to the | |||
outbound policy of the BGP speaker, a validating BGP speaker MUST | Autonomous System number which is used by [RFC6811] BGP Prefix Origin | |||
apply Route Origin Validation policy semantics against the origin | Validation. | |||
Autonomous System number which will actually be put in the AS_PATH | ||||
(see [RFC4271] 4.3 Path Attributes:b) of the UPDATE to the peer. | As the effective origin AS of a BGP UPDATE is decided by | |||
configuration and outbound policy of the BGP speaker, a validating | ||||
BGP speaker MUST apply Route Origin Validation policy semantics (see | ||||
[RFC6811] Sec 2 and [RFC8481] Sec 4) against the origin Autonomous | ||||
System number which will actually be used by subsequent [RFC6811] BGP | ||||
Prefix Origin Validation. | ||||
This effective origin AS of the announcement might be affected by | This effective origin AS of the announcement might be affected by | |||
removal of private AS(s), confederation, AS migration, etc. Any | removal of private ASs, confederation [RFC5065], migration [RFC7705], | |||
AS_PATH modifications resulting in origin AS change MUST be taken | etc. Any AS_PATH modifications resulting in effective origin AS | |||
into account. | change MUST be taken into account. | |||
This document updates [RFC6811] by clarifying that implementations | This document updates [RFC6811] by clarifying that implementations | |||
must use the effective origin AS to determine the Origin Validation | must use the effective origin AS to determine the Origin Validation | |||
state when applying egress policy. | state when applying egress policy. | |||
2. Suggested Reading | 2. Suggested Reading | |||
It is assumed that the reader understands BGP, [RFC4271], the RPKI, | It is assumed that the reader understands BGP, [RFC4271], the RPKI, | |||
[RFC6480], Route Origin Authorizations (ROAs), [RFC6482], RPKI-based | [RFC6480], Route Origin Authorizations (ROAs), [RFC6482], RPKI-based | |||
Prefix Validation, [RFC6811], and Origin Validation Clarifications, | Prefix Validation, [RFC6811], and Origin Validation Clarifications, | |||
[RFC8481]. | [RFC8481]. | |||
3. Egress Processing | 3. Egress Processing | |||
BGP implementations supporting RPKI-based origin validation SHOULD | BGP implementations supporting RPKI-based origin validation MUST | |||
provide the same policy configuration primitives for decisions based | provide the same policy configuration primitives for decisions based | |||
on validation state available for use in ingress, redistribution, and | on validation state available for use in ingress, redistribution, and | |||
egress policies. When applied to egress policy, validation state | egress policies. When applied to egress policy, validation state | |||
MUST be determined using the effective origin AS of the route as it | MUST be determined using the effective origin AS of the route as it | |||
will (or would) be announced to the peer. The effective origin AS | will (or would) be announced to the peer. The effective origin AS | |||
may differ from that of the route in the RIB due to commonly | may differ from that of the route in the RIB due to commonly | |||
available knobs such as: removal of private ASs, AS path | available knobs such as: removal of private ASs, AS path | |||
manipulation, confederation handling, etc. | manipulation, confederation handling, etc. | |||
Egress policy handling can provide more robust protection for | Egress policy handling can provide more robust protection for | |||
outbound eBGP than relying solely on ingress (iBGP, eBGP, connected, | outbound eBGP than relying solely on ingress (iBGP, eBGP, connected, | |||
static, etc.) redistribution being configured and working correctly - | static, etc.) redistribution being configured and working correctly - | |||
better support for the robustness principle. | better support for the robustness principle. | |||
4. Operational Considerations | 4. Operational Considerations | |||
Configurations may have complex policy where the final announced | Configurations may have complex policy where the final announced | |||
origin AS may not be easily predicted before all policies have been | effective origin AS may not be easily predicted before the outbound | |||
run. Therefore it SHOULD be possible to specify an origin validation | policies have been run. Therefore it SHOULD be possible to specify | |||
policy which MUST BE run after such non-deterministic policies. | origin validation policy which will run after all non-validating | |||
outbound policies. | ||||
An operator SHOULD be able to list what announcements are not sent to | An implementation SHOULD be able to list announcements that were not | |||
a peer because they were marked Invalid, as long as the router still | sent to a peer, e.g., because they were marked Invalid, as long as | |||
has them in memory. | the router still has them in memory. | |||
5. Security Considerations | 5. Security Considerations | |||
This document does not create security considerations beyond those of | This document does not create security considerations beyond those of | |||
[RFC6811] and [RFC8481]. | [RFC6811] and [RFC8481]. By facilitating more correct validation, it | |||
attempts to improve BGP reliability. | ||||
6. IANA Considerations | 6. IANA Considerations | |||
This document has no IANA Considerations. | This document has no IANA Considerations. | |||
7. Acknowledgments | 7. Acknowledgments | |||
Thanks to reviewers and comments from Linda Dunbar, Nick Hilliard, | Thanks to reviews and comments from Linda Dunbar, Nick Hilliard, | |||
Chris Morrow, Keyur Patel, Job Snijders, and Robert Sparks. | Benjamin Kaduk, Chris Morrow, Keyur Patel, Alvaro Retana, Job | |||
Snijders, Robert Sparks, and Robert Wilton. | ||||
8. References | 8. References | |||
8.1. Normative References | 8.1. Normative References | |||
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | |||
Requirement Levels", BCP 14, RFC 2119, | Requirement Levels", BCP 14, RFC 2119, | |||
DOI 10.17487/RFC2119, March 1997, | DOI 10.17487/RFC2119, March 1997, | |||
<http://www.rfc-editor.org/info/rfc2119>. | <http://www.rfc-editor.org/info/rfc2119>. | |||
[RFC4271] Rekhter, Y., Ed., Li, T., Ed., and S. Hares, Ed., "A | [RFC4271] Rekhter, Y., Ed., Li, T., Ed., and S. Hares, Ed., "A | |||
Border Gateway Protocol 4 (BGP-4)", RFC 4271, | Border Gateway Protocol 4 (BGP-4)", RFC 4271, | |||
DOI 10.17487/RFC4271, January 2006, | DOI 10.17487/RFC4271, January 2006, | |||
<http://www.rfc-editor.org/info/rfc4271>. | <http://www.rfc-editor.org/info/rfc4271>. | |||
[RFC5065] Traina, P., McPherson, D., and J. Scudder, "Autonomous | ||||
System Confederations for BGP", RFC 5065, | ||||
DOI 10.17487/RFC5065, August 2007, | ||||
<http://www.rfc-editor.org/info/rfc5065>. | ||||
[RFC6482] Lepinski, M., Kent, S., and D. Kong, "A Profile for Route | [RFC6482] Lepinski, M., Kent, S., and D. Kong, "A Profile for Route | |||
Origin Authorizations (ROAs)", RFC 6482, | Origin Authorizations (ROAs)", RFC 6482, | |||
DOI 10.17487/RFC6482, February 2012, | DOI 10.17487/RFC6482, February 2012, | |||
<http://www.rfc-editor.org/info/rfc6482>. | <http://www.rfc-editor.org/info/rfc6482>. | |||
[RFC6811] Mohapatra, P., Scudder, J., Ward, D., Bush, R., and R. | [RFC6811] Mohapatra, P., Scudder, J., Ward, D., Bush, R., and R. | |||
Austein, "BGP Prefix Origin Validation", RFC 6811, | Austein, "BGP Prefix Origin Validation", RFC 6811, | |||
DOI 10.17487/RFC6811, January 2013, | DOI 10.17487/RFC6811, January 2013, | |||
<http://www.rfc-editor.org/info/rfc6811>. | <http://www.rfc-editor.org/info/rfc6811>. | |||
[RFC7705] George, W. and S. Amante, "Autonomous System Migration | ||||
Mechanisms and Their Effects on the BGP AS_PATH | ||||
Attribute", RFC 7705, DOI 10.17487/RFC7705, November 2015, | ||||
<http://www.rfc-editor.org/info/rfc7705>. | ||||
[RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC | [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC | |||
2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, | 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, | |||
May 2017, <http://www.rfc-editor.org/info/rfc8174>. | May 2017, <http://www.rfc-editor.org/info/rfc8174>. | |||
[RFC8481] Bush, R., "Clarifications to BGP Origin Validation Based | [RFC8481] Bush, R., "Clarifications to BGP Origin Validation Based | |||
on Resource Public Key Infrastructure (RPKI)", RFC 8481, | on Resource Public Key Infrastructure (RPKI)", RFC 8481, | |||
DOI 10.17487/RFC8481, September 2018, | DOI 10.17487/RFC8481, September 2018, | |||
<https://www.rfc-editor.org/info/rfc8481>. | <https://www.rfc-editor.org/info/rfc8481>. | |||
8.2. Informative References | 8.2. Informative References | |||
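The egress rule of Section 3, as an added example that is not part of the draft: a small Python model that derives the origin AS as it would appear in the announced UPDATE (after private-AS removal and confederation segment removal, both modelled with simplified, assumed knob semantics since vendor behaviour varies) and classifies it per RFC 6811. The ROA, prefixes and AS numbers are constructed documentation values.

```python
# Added example, not part of the draft: RFC 6811 origin validation applied
# on eBGP egress using the origin AS the UPDATE will actually carry.
from ipaddress import ip_network
AS_SEQUENCE, AS_SET, AS_CONFED_SEQUENCE = "AS_SEQUENCE", "AS_SET", "AS_CONFED_SEQUENCE"

def is_private_as(asn):
    """RFC 6996 private-use ASN ranges."""
    return 64512 <= asn <= 65534 or 4200000000 <= asn <= 4294967294

def origin_as(as_path, local_as):
    """RFC 6811 Sec 2: rightmost AS of a final AS_SEQUENCE; the speaker's own AS for
    an empty path or final confederation segment; None ('NONE') for a final AS_SET."""
    if not as_path:
        return local_as
    seg_type, asns = as_path[-1]
    if seg_type == AS_SEQUENCE:
        return asns[-1]
    return None if seg_type == AS_SET else local_as

def egress_as_path(as_path, remove_private=True, leaving_confed=True):
    """Simplified model (assumed; vendor knobs differ) of outbound AS_PATH edits:
    drop AS_CONFED_* segments when leaving the confederation, strip private ASs."""
    out = []
    for seg_type, asns in as_path:
        if leaving_confed and seg_type.startswith("AS_CONFED"):
            continue
        if remove_private:
            asns = [a for a in asns if not is_private_as(a)]
        if asns:
            out.append((seg_type, asns))
    return out

def validation_state(prefix, asn, roas):
    """RFC 6811 Sec 2 classification; roas are (prefix, maxLength, asn) tuples."""
    net = ip_network(prefix)
    covering = [(ml, a) for p, ml, a in roas
                if ip_network(p).version == net.version and net.subnet_of(ip_network(p))]
    if not covering:
        return "NotFound"
    matched = any(a == asn and net.prefixlen <= ml for ml, a in covering)
    return "Valid" if matched else "Invalid"

def egress_validate(prefix, rib_path, local_as, roas, **knobs):
    """State of the route as it will (or would) be announced: after outbound policy."""
    return validation_state(prefix, origin_as(egress_as_path(rib_path, **knobs), local_as), roas)

# Constructed sample: private customer AS 65001 originates 192.0.2.0/24 behind
# our AS 64496 (documentation numbers); the ROA authorizes AS 64496 only.
ROAS = [("192.0.2.0/24", 24, 64496)]
RIB_PATH = [(AS_SEQUENCE, [65001])]
```

With the constructed sample, classifying the RIB origin (AS 65001) gives Invalid, while the effective origin after private-AS removal (AS 64496) gives Valid; an egress policy keyed on the RIB origin would therefore suppress a route the peer should receive.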