draft-ietf-idr-flowspec-redirect-rt-bis-05.txt   rfc7674.txt 
Internet Engineering Task Force J. Haas, Ed. Internet Engineering Task Force (IETF) J. Haas, Ed.
Internet-Draft Juniper Networks Request for Comments: 7674 Juniper Networks
Updates: 5575 (if approved) July 27, 2015 Updates: 5575 October 2015
Intended status: Standards Track Category: Standards Track
Expires: January 28, 2016 ISSN: 2070-1721
Clarification of the Flowspec Redirect Extended Community Clarification of the Flowspec Redirect Extended Community
draft-ietf-idr-flowspec-redirect-rt-bis-05
Abstract Abstract
This document updates RFC 5575 (Dissemination of Flow Specification This document updates RFC 5575 ("Dissemination of Flow Specification
Rules) to clarify the formatting of the the BGP Flowspec Redirect Rules") to clarify the formatting of the BGP Flowspec Redirect
Extended Community. Extended Community.
Status of This Memo Status of This Memo
This Internet-Draft is submitted in full conformance with the This is an Internet Standards Track document.
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months This document is a product of the Internet Engineering Task Force
and may be updated, replaced, or obsoleted by other documents at any (IETF). It represents the consensus of the IETF community. It has
time. It is inappropriate to use Internet-Drafts as reference received public review and has been approved for publication by the
material or to cite them other than as "work in progress." Internet Engineering Steering Group (IESG). Further information on
Internet Standards is available in Section 2 of RFC 5741.
This Internet-Draft will expire on January 28, 2016. Information about the current status of this document, any errata,
and how to provide feedback on it may be obtained at
http://www.rfc-editor.org/info/rfc7674.
Copyright Notice Copyright Notice
Copyright (c) 2015 IETF Trust and the persons identified as the Copyright (c) 2015 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License. described in the Simplified BSD License.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3
2. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 4 2. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 5
2.1. BGP Transitive Extended Community Types . . . . . . . . . 4 2.1. BGP Transitive Extended Community Types . . . . . . . . . 5
2.2. Update to BGP Generic Transitive Experimental Use 2.2. Update to BGP Generic Transitive Experimental Use
Extended Community Sub-Types . . . . . . . . . . . . . . 5 Extended Community Sub-Types . . . . . . . . . . . . . . 5
2.3. Generic Transitive Experimental Extended Community Part 2 2.3. Generic Transitive Experimental Use Extended Community
Sub-Types . . . . . . . . . . . . . . . . . . . . . . . . 5 Part 2 Sub-Types . . . . . . . . . . . . . . . . . . . . 5
2.4. Generic Transitive Experimental Extended Community Part 3 2.4. Generic Transitive Experimental Use Extended Community
Sub-Types . . . . . . . . . . . . . . . . . . . . . . . . 5 Part 3 Sub-Types . . . . . . . . . . . . . . . . . . . . 6
3. Security Considerations . . . . . . . . . . . . . . . . . . . 6 3. Security Considerations . . . . . . . . . . . . . . . . . . . 6
4. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 6 4. Normative References . . . . . . . . . . . . . . . . . . . . 7
5. Normative References . . . . . . . . . . . . . . . . . . . . 6 Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . . 7
Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 7 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 7
1. Introduction 1. Introduction
Dissemination of Flow Specification Rules [RFC5575], commonly known "Dissemination of Flow Specification Rules" [RFC5575], commonly known
as BGP Flowspec, provided for a BGP Extended Community [RFC4360] that as BGP Flowspec, provided for a BGP Extended Community [RFC4360] that
served to redirect traffic to a VRF routing instance that matched the served to redirect traffic to a Virtual Routing and Forwarding (VRF)
flow specification NLRI. In that RFC, the Redirect Extended instance that matched the flow specification's Network Layer
Reachability Information (NLRI). In RFC 5575, the Redirect Extended
Community was documented as follows: Community was documented as follows:
: +--------+--------------------+--------------------------+ : +--------+--------------------+--------------------------+
: | type | extended community | encoding | : | type | extended community | encoding |
: +--------+--------------------+--------------------------+ : +--------+--------------------+--------------------------+
: | 0x8008 | redirect | 6-byte Route Target | : | 0x8008 | redirect | 6-byte Route Target |
: +--------+--------------------+--------------------------+ : +--------+--------------------+--------------------------+
: :
: [...] : [...]
: :
skipping to change at page 3, line 35 skipping to change at page 3, line 44
: The following traffic filtering flow specification rules have been : The following traffic filtering flow specification rules have been
: allocated by IANA from the "BGP Extended Communities Type - : allocated by IANA from the "BGP Extended Communities Type -
: Experimental Use" registry as follows: : Experimental Use" registry as follows:
: [...] : [...]
: :
: 0x8008 - Flow spec redirect : 0x8008 - Flow spec redirect
The IANA registry of BGP Extended Communities clearly identifies The IANA registry of BGP Extended Communities clearly identifies
communities of specific formats. For example, "Two-octet AS Specific communities of specific formats. For example, "Two-octet AS Specific
Extended Community" [RFC4360], "Four-octet AS Specific Extended Extended Community" [RFC4360], "Four-octet AS Specific Extended
Community" [RFC5668] and "IPv4 Address Specific Extended Community" Community" [RFC5668], and "IPv4 Address Specific Extended Community"
[RFC4360]. Route Targets [RFC4360] identify this format in the high- [RFC4360]. Route Targets [RFC4360] identify this format in the high-
order (Type) octet of the Extended Community and set the value of the order (Type) octet of the Extended Community and set the value of the
low-order (Sub-Type) octet to 0x02. The Value field of the Route low-order (Sub-Type) octet to 0x02. The Value field of the Route
Target Extended Community is intended to be interpreted in the Target Extended Community is intended to be interpreted in the
context of its format. context of its format.
Since the Redirect Extended Community only registered a single code- Since the Redirect Extended Community only registered a single
point in the IANA BGP Extended Community registry, a common codepoint in IANA's BGP Extended Community registry, a common
interpretation of the redirect extended community's "6-byte route interpretation of the Redirect Extended Community's "6-byte Route
target" has been to look, at a receiving router, for a route target Target" has been to look, at a receiving router, for a Route Target
value that matches the route target value in the received redirect value that matches the Route Target value in the received Redirect
extended community, and import the advertised route to the Extended Community and import the advertised route to the
corresponding VRF instance subject to the rules defined in [RFC5575]. corresponding VRF instance subject to the rules defined in [RFC5575].
However, because the route target format in the redirect extended However, because the Route Target format in the Redirect Extended
community is not clearly defined, the wrong match may occur. Community is not clearly defined, the wrong match may occur.
This "value wildcard" matching behavior, which does not take into This "value wildcard" matching behavior, which does not take into
account the format of the route target defined for a local VRF and account the format of the Route Target defined for a local VRF and
may result in the wrong matching decision, does not match deployed may result in the wrong matching decision, does not match deployed
implementations of BGP Flowspec. Deployed implementations of BGP implementations of BGP Flowspec. Deployed implementations of BGP
Flowspec solve this problem by defining different redirect extended Flowspec solve this problem by defining different Redirect Extended
communities that are specific to the format of the route target Communities that are specific to the format of the Route Target
value. This document defines the following redirect extended value. This document defines the following Redirect Extended
communities: Communities:
+--------+--------------------+-------------------------------------+ +--------+--------------------+-------------------------------------+
| type | extended community | encoding | | type | extended community | encoding |
+--------+--------------------+-------------------------------------+ +--------+--------------------+-------------------------------------+
| 0x8008 | redirect AS-2byte | 2-octet AS, 4-octet Value | | 0x8008 | redirect AS-2byte | 2-octet AS, 4-octet Value |
| 0x8108 | redirect IPv4 | 4-octet IPv4 Address, 2-octet Value | | 0x8108 | redirect IPv4 | 4-octet IPv4 Address, 2-octet Value |
| 0x8208 | redirect AS-4byte | 4-octet AS, 2-octet Value | | 0x8208 | redirect AS-4byte | 4-octet AS, 2-octet Value |
+--------+--------------------+-------------------------------------+ +--------+--------------------+-------------------------------------+
It should be noted that the low-order nibble of the Redirect's Type It should be noted that the low-order nibble of the Redirect's Type
field corresponds to the Route Target Extended Community format field field corresponds to the Route Target Extended Community format field
(Type). (See [RFC4360], Secs. 3.1, 3.2, and 4 plus [RFC5668], Sec. (Type). (See Sections 3.1, 3.2, and 4 of [RFC4360] plus Section 2 of
2.) The low order octet (Sub-Type) of the Redirect Extended [RFC5668].) The low-order octet (Sub-Type) of the Redirect Extended
Community remains 0x08, contrasted to 0x02 for Route Targets. Community remains 0x08, in contrast to 0x02 for Route Targets.
The IANA Registries for BGP Extended Communities [RFC7153] document The IANA registries for the BGP Extended Communities document
was written to update the previously-mentioned IANA registries to [RFC7153] was written to update the previously mentioned IANA
better document BGP Extended Community formats. The IANA registries to better document BGP Extended Community formats. The
Considerations section below further amends those registry updates in IANA Considerations section below further amends those registry
order to properly document the Flowspec redirect communities. updates in order to properly document the Flowspec redirect
communities.
2. IANA Considerations 2. IANA Considerations
2.1. BGP Transitive Extended Community Types 2.1. BGP Transitive Extended Community Types
IANA is requested to update the "BGP Transitive Extended Community IANA has updated the "BGP Transitive Extended Community Types"
Types" registry as follows: registry as follows:
0x81 - Generic Transitive Experimental Use Extended Community 0x81 - Generic Transitive Experimental Use Extended Community Part 2
Part 2 (Sub-Types are defined in the "Generic Transitive (Sub-Types are defined in the "Generic Transitive
Experimental Extended Community Part 2 Sub-Types" Registry) Experimental Extended Community Part 2 Sub-Types" Registry)
0x82 - Generic Transitive Experimental Use Extended Community
Part 3 (Sub-Types are defined in the "Generic Transitive 0x82 - Generic Transitive Experimental Use Extended Community Part 3
Experimental Extended Community Part 3 Sub-Types" Registry) (Sub-Types are defined in the "Generic Transitive
Experimental Use Extended Community Part 3 Sub-Types"
Registry)
2.2. Update to BGP Generic Transitive Experimental Use Extended 2.2. Update to BGP Generic Transitive Experimental Use Extended
Community Sub-Types Community Sub-Types
IANA is requested to update the "BGP Generic Transitive Experimental IANA has updated the "BGP Generic Transitive Experimental Use
Use Extended Community Sub-Types" registry as follows: Extended Community Sub-Types" registry as follows:
0x08 - Flow spec redirect AS-2byte format. [RFC5575, RFC-to-be]
(Note to RFC Editor - replace RFC-to-be with this RFC number.) 0x08 - Flow spec redirect AS-2byte format [RFC5575] [RFC7674]
2.3. Generic Transitive Experimental Extended Community Part 2 Sub- 2.3. Generic Transitive Experimental Use Extended Community Part 2
Types Sub-Types
IANA is requested to create the "Generic Transitive Experimental Use IANA has created the "Generic Transitive Experimental Use Extended
Extended Community Part 2 Sub-Types" registry. This registry should Community Part 2 Sub-Types" registry. This has been created under
be created under the BGP Extended Communities registry. It will the "Border Gateway Protocol (BGP) Extended Communities" registry and
contain the following note: contains the following note:
This registry contains values of the second octet (the "Sub-Type" This registry contains values of the second octet (the "Sub-Type"
field) of an extended community when the value of the first octet field) of an extended community when the value of the first octet
(the "Type" field) is 0x81. (the "Type" field) is 0x81.
Registry Name: Generic Transitive Experimental Use Extended Community Registry Name: Generic Transitive Experimental Use Extended Community
Part 2 Sub-Types Part 2 Sub-Types
RANGE REGISTRATION PROCEDURE REFERENCE RANGE REGISTRATION PROCEDURE
0x00-0xbf First Come First Served
0x00-0xBF First Come First Served 0xc0-0xff IETF Review
0xC0-0xFF IETF Review
SUB-TYPE VALUE NAME SUB-TYPE VALUE NAME REFERENCE
0x00-0x07 Unassigned 0x00-0x07 Unassigned
0x08 Flow spec redirect IPv4 format. [RFC-to-be] 0x08 Flow spec redirect IPv4 format [RFC7674]
0x09-0xff Unassigned 0x09-0xff Unassigned
(Note to RFC Editor - replace RFC-to-be with this RFC number.) 2.4. Generic Transitive Experimental Use Extended Community Part 3
Sub-Types
2.4. Generic Transitive Experimental Extended Community Part 3 Sub-
Types
IANA is requested to create the "Generic Transitive Experimental Use IANA has created the "Generic Transitive Experimental Use Extended
Extended Community Part 3 Sub-Types" registry. This registry should Community Part 3 Sub-Types" registry. This registry has been created
be created under the BGP Extended Communities registry. It will under the "Border Gateway Protocol (BGP) Extended Communities"
contain the following note: registry and contains the following note:
This registry contains values of the second octet (the "Sub-Type" This registry contains values of the second octet (the "Sub-Type"
field) of an extended community when the value of the first octet field) of an extended community when the value of the first octet
(the "Type" field) is 0x82. (the "Type" field) is 0x82.
Registry Name: Generic Transitive Experimental Use Extended Community Registry Name: Generic Transitive Experimental Use Extended Community
Part 2 Sub-Types Part 2 Sub-Types
RANGE REGISTRATION PROCEDURE REFERENCE RANGE REGISTRATION PROCEDURE
0x00-0xbf First Come First Served
0x00-0xBF First Come First Served 0xc0-0xff IETF Review
0xC0-0xFF IETF Review
SUB-TYPE VALUE NAME SUB-TYPE VALUE NAME REFERENCE
0x00-0x07 Unassigned 0x00-0x07 Unassigned
0x08 Flow spec redirect AS-4byte format. [RFC-to-be] 0x08 Flow spec redirect AS-4byte format [RFC7674]
0x09-0xff Unassigned 0x09-0xff Unassigned
(Note to RFC Editor - replace RFC-to-be with this RFC number.)
3. Security Considerations 3. Security Considerations
This document introduces no additional security considerations than This document introduces no additional security considerations than
those already covered in [RFC5575]. It should be noted that if the those already covered in [RFC5575]. It should be noted that if the
wildcard behavior were actually implemented, this ambiguity may lead wildcard behavior were actually implemented, this ambiguity may lead
to the installation of Flowspec rules in an incorrect VRF and may to the installation of Flowspec rules in an incorrect VRF and may
lead to traffic to be incorrectly delivered. lead to traffic to be incorrectly delivered.
4. Acknowledgements 4. Normative References
The contents of this document was raised as part of implementation [RFC4360] Sangli, S., Tappan, D., and Y. Rekhter, "BGP Extended
discussions of BGP Flowspec with the following individuals: Communities Attribute", RFC 4360, DOI 10.17487/RFC4360,
February 2006, <http://www.rfc-editor.org/info/rfc4360>.
Andrew Karch (Cisco) [RFC5575] Marques, P., Sheth, N., Raszuk, R., Greene, B., Mauch, J.,
and D. McPherson, "Dissemination of Flow Specification
Rules", RFC 5575, DOI 10.17487/RFC5575, August 2009,
<http://www.rfc-editor.org/info/rfc5575>.
Robert Raszuk [RFC5668] Rekhter, Y., Sangli, S., and D. Tappan, "4-Octet AS
Specific BGP Extended Community", RFC 5668,
DOI 10.17487/RFC5668, October 2009,
<http://www.rfc-editor.org/info/rfc5668>.
Adam Simpson (Alcatel-Lucent) [RFC7153] Rosen, E. and Y. Rekhter, "IANA Registries for BGP
Extended Communities", RFC 7153, DOI 10.17487/RFC7153,
March 2014, <http://www.rfc-editor.org/info/rfc7153>.
Matthieu Texier (Arbor Networks) Acknowledgements
Kaliraj Vairavakkalai (Juniper) The content of this document was raised as part of implementation
discussions of the BGP Flowspec with the following individuals:
5. Normative References Andrew Karch (Cisco)
[RFC4360] Sangli, S., Tappan, D., and Y. Rekhter, "BGP Extended Robert Raszuk
Communities Attribute", RFC 4360, February 2006.
[RFC5575] Marques, P., Sheth, N., Raszuk, R., Greene, B., Mauch, J., Adam Simpson (Alcatel-Lucent)
and D. McPherson, "Dissemination of Flow Specification
Rules", RFC 5575, August 2009.
[RFC5668] Rekhter, Y., Sangli, S., and D. Tappan, "4-Octet AS Matthieu Texier (Arbor Networks)
Specific BGP Extended Community", RFC 5668, October 2009.
[RFC7153] Rosen, E. and Y. Rekhter, "IANA Registries for BGP Kaliraj Vairavakkalai (Juniper)
Extended Communities", RFC 7153, March 2014.
Author's Address Author's Address
Jeffrey Haas (editor) Jeffrey Haas (editor)
Juniper Networks Juniper Networks
Email: jhaas@juniper.net Email: jhaas@juniper.net
 End of changes. 45 change blocks. 
114 lines changed or deleted 111 lines changed or added

This html diff was produced by rfcdiff 1.42. The latest version is available from http://tools.ietf.org/tools/rfcdiff/