draft-ietf-idr-flowspec-path-redirect-06.txt   draft-ietf-idr-flowspec-path-redirect-07.txt 
IDR Working Group G. Van de Velde, Ed. IDR Working Group G. Van de Velde, Ed.
Internet-Draft Nokia Internet-Draft Nokia
Intended status: Standards Track K. Patel Intended status: Standards Track K. Patel
Expires: December 7, 2018 Arrcus Expires: June 16, 2019 Arrcus
Z. Li Z. Li
Huawei Technologies Huawei Technologies
June 5, 2018 December 13, 2018
Flowspec Indirection-id Redirect Flowspec Indirection-id Redirect
draft-ietf-idr-flowspec-path-redirect-06 draft-ietf-idr-flowspec-path-redirect-07
Abstract Abstract
This document defines a new extended community known as "FlowSpec This document defines a new extended community known as "FlowSpec
Redirect to indirection-id Extended Community". This extended Redirect to indirection-id Extended Community". This extended
community triggers advanced redirection capabilities to flowspec community triggers advanced redirection capabilities to flowspec
clients. When activated, this flowspec extended community is used by clients. When activated, this flowspec extended community is used by
a flowspec client to retrieve the corresponding next-hop and encoding a flowspec client to retrieve the corresponding next-hop and encoding
information within a localised indirection-id mapping table. information within a localised indirection-id mapping table.
skipping to change at page 1, line 48 skipping to change at page 1, line 48
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on December 7, 2018. This Internet-Draft will expire on June 16, 2019.
Copyright Notice Copyright Notice
Copyright (c) 2018 IETF Trust and the persons identified as the Copyright (c) 2018 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of (https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 9, line 9 skipping to change at page 9, line 9
possible from a semantics perspective to have multiple clashing possible from a semantics perspective to have multiple clashing
redirect actions defined within a single flowspec rule. For best and redirect actions defined within a single flowspec rule. For best and
consistant compatibility with legacy implementations, the redirect consistant compatibility with legacy implementations, the redirect
functionality as documented by RFC5575 MUST NOT be broken, and hence functionality as documented by RFC5575 MUST NOT be broken, and hence
when a clash occurs, then RFC5575 based redirect MUST take priority. when a clash occurs, then RFC5575 based redirect MUST take priority.
Additionally, if the "Redirect to indirection-id" does not result in Additionally, if the "Redirect to indirection-id" does not result in
a valid redirection, then the flowspec rule MUST be processed as if a valid redirection, then the flowspec rule MUST be processed as if
the "Redirect to indirection-id" community was not attached to the the "Redirect to indirection-id" community was not attached to the
flowspec route. In addition the flowspec client MUST provide an flowspec route. In addition the flowspec client MUST provide an
indication within the BGP routing table that the respective indication that the respective "'Redirect to indirection-id" resulted
"'Redirect to indirection-id" resulted in an invalid redirection in an invalid redirection action.
action.
7. Security Considerations 7. Security Considerations
A system using "Redirect to indirection-id" extended community can A system using "Redirect to indirection-id" extended community can
cause during the redirect mitigation of a DDoS attack overflow of cause during the redirect mitigation of a DDoS attack overflow of
traffic received by the mitigation infrastructure. traffic received by the mitigation infrastructure.
8. Acknowledgements 8. Acknowledgements
This document received valuable comments and input from IDR working This document received valuable comments and input from IDR working
 End of changes. 5 change blocks. 
7 lines changed or deleted 6 lines changed or added

This html diff was produced by rfcdiff 1.47. The latest version is available from http://tools.ietf.org/tools/rfcdiff/