draft-ietf-grow-as-path-prepending-01.txt   draft-ietf-grow-as-path-prepending-02.txt 
Network Working Group M. McBride Network Working Group M. McBride
Internet-Draft Futurewei Internet-Draft Futurewei
Intended status: Best Current Practice D. Madory Intended status: Best Current Practice D. Madory
Expires: May 3, 2021 Oracle Expires: May 5, 2021 Oracle
J. Tantsura J. Tantsura
Apstra Apstra
R. Raszuk R. Raszuk
Bloomberg LP Bloomberg LP
H. Li H. Li
HPE HPE
October 30, 2020 J. Heitz
Cisco
November 1, 2020
AS Path Prepending AS Path Prepending
draft-ietf-grow-as-path-prepending-01 draft-ietf-grow-as-path-prepending-02
Abstract Abstract
AS Path Prepending provides a tool to manipulate the BGP AS_Path AS Path Prepending provides a tool to manipulate the BGP AS_Path
attribute through prepending multiple entries of an AS. AS Path attribute through prepending multiple entries of an AS. AS Path
Prepending is used to deprioritize a route or alternate path. By Prepending is used to deprioritize a route or alternate path. By
prepending the local ASN multiple times, ASs can make advertised AS prepending the local ASN multiple times, ASs can make advertised AS
paths appear artificially longer. Excessive AS Path Prepending has paths appear artificially longer. Excessive AS Path Prepending has
caused routing issues in the internet. This document provides caused routing issues in the internet. This document provides
guidance,to the internet community, with how best to utilize AS Path guidance,to the internet community, with how best to utilize AS Path
skipping to change at page 1, line 44 skipping to change at page 1, line 46
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on May 3, 2021. This Internet-Draft will expire on May 5, 2021.
Copyright Notice Copyright Notice
Copyright (c) 2020 IETF Trust and the persons identified as the Copyright (c) 2020 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of (https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 2, line 28 skipping to change at page 2, line 28
described in the Simplified BSD License. described in the Simplified BSD License.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
1.1. Requirements Language . . . . . . . . . . . . . . . . . . 3 1.1. Requirements Language . . . . . . . . . . . . . . . . . . 3
2. Use Cases . . . . . . . . . . . . . . . . . . . . . . . . . . 3 2. Use Cases . . . . . . . . . . . . . . . . . . . . . . . . . . 3
3. Problems . . . . . . . . . . . . . . . . . . . . . . . . . . 4 3. Problems . . . . . . . . . . . . . . . . . . . . . . . . . . 4
3.1. Excessive Prepending . . . . . . . . . . . . . . . . . . 4 3.1. Excessive Prepending . . . . . . . . . . . . . . . . . . 4
3.2. Prepending during a routing leak . . . . . . . . . . . . 5 3.2. Prepending during a routing leak . . . . . . . . . . . . 5
3.3. Prepending to All . . . . . . . . . . . . . . . . . . . . 6 3.3. Prepending to All . . . . . . . . . . . . . . . . . . . . 5
3.4. Memory . . . . . . . . . . . . . . . . . . . . . . . . . 6 3.4. Memory . . . . . . . . . . . . . . . . . . . . . . . . . 6
3.5. Errant announcement . . . . . . . . . . . . . . . . . . . 7 3.5. Errant announcement . . . . . . . . . . . . . . . . . . . 6
4. Alternatives to AS Path Prepend . . . . . . . . . . . . . . . 7 4. Alternatives to AS Path Prepend . . . . . . . . . . . . . . . 7
5. Best Practices . . . . . . . . . . . . . . . . . . . . . . . 7 5. Best Practices . . . . . . . . . . . . . . . . . . . . . . . 7
6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 8 6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 8
7. Security Considerations . . . . . . . . . . . . . . . . . . . 9 7. Security Considerations . . . . . . . . . . . . . . . . . . . 8
8. Acknowledgement . . . . . . . . . . . . . . . . . . . . . . . 9 8. Acknowledgement . . . . . . . . . . . . . . . . . . . . . . . 9
9. References . . . . . . . . . . . . . . . . . . . . . . . . . 9 9. References . . . . . . . . . . . . . . . . . . . . . . . . . 9
9.1. Normative References . . . . . . . . . . . . . . . . . . 9 9.1. Normative References . . . . . . . . . . . . . . . . . . 9
9.2. URIs . . . . . . . . . . . . . . . . . . . . . . . . . . 9 9.2. URIs . . . . . . . . . . . . . . . . . . . . . . . . . . 9
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 10 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 9
1. Introduction 1. Introduction
The Border Gateway Protocol (BGP) [RFC4271] specifies the AS_PATH The Border Gateway Protocol (BGP) [RFC4271] specifies the AS_PATH
attribute which enumerates ASs a route update has traversed. If the attribute which enumerates ASs a route update has traversed. If the
UPDATE message is propagated over an external link, then the local AS UPDATE message is propagated over an external link, then the local AS
number is prepended to the AS_PATH attribute, and the NEXT_HOP number is prepended to the AS_PATH attribute, and the NEXT_HOP
attribute is updated with an IP address of the router that should be attribute is updated with an IP address of the router that should be
used as a next hop to the network. If the UPDATE message is used as a next hop to the network. If the UPDATE message is
propagated over an internal link, then the AS_PATH attribute and the propagated over an internal link, then the AS_PATH attribute and the
skipping to change at page 4, line 27 skipping to change at page 4, line 27
two instances of its own AS number when advertising its routes to C, two instances of its own AS number when advertising its routes to C,
then B will now see a different situation, where the AS Path via D then B will now see a different situation, where the AS Path via D
represents the shorter path. Through the use of selective prepending represents the shorter path. Through the use of selective prepending
E is able to alter the routing decision of B, even though B is not an E is able to alter the routing decision of B, even though B is not an
adjacent neighbour of E. The result is that traffic from A and B adjacent neighbour of E. The result is that traffic from A and B
will be passed via D and F to reach E, rather than via C. In this will be passed via D and F to reach E, rather than via C. In this
way prepending implements action at a distance where the routing way prepending implements action at a distance where the routing
decisions made by non-adjacent ASs can be influenced by selective AS decisions made by non-adjacent ASs can be influenced by selective AS
Path prepending. Path prepending.
To illustrate, in August 2020 a large ISP had a network outage that
affected their customers and other ISPs. One major problem was that
the ISP wasn't withdrawing BGP routes, the stale routes were
continuing to be announced as legitimate by the down ISP. This
caused blackholing of traffic even when customers had backup ISPs.
What could customers do in this situation? They could change local
preference to help send traffic to the backup ISP. They could send
more specifics to the backup ISP. They could also pre-provision the
use of AS Path Prepend to prepend the same AS amount to both primary
and backup ISPs before failure. Customers could then, during a
failure, remove one prepend to the backup ISP to make it more
preferred over the down ISP. This is one, of several, scenarios
where using AS Path Prepend can be beneficial.
3. Problems 3. Problems
Since it is so commonly used, what is the problem with the excessive Since it is so commonly used, what is the problem with the excessive
use of AS Path Prepending? Here are a few examples: use of AS Path Prepending? Here are a few examples:
3.1. Excessive Prepending 3.1. Excessive Prepending
The risk of excessive use of AS Path Prepending can be illustrated The risk of excessive use of AS Path Prepending can be illustrated
with real-world examples that have been anonymized using documention with real-world examples that have been anonymized using documention
prefixes [RFC5737] and ASs [RFC5398] . Consider the prefix prefixes [RFC5737] and ASs [RFC5398] . Consider the prefix
skipping to change at page 6, line 47 skipping to change at page 6, line 33
errors in BGP routing. Consider the prepended AS path below: errors in BGP routing. Consider the prepended AS path below:
64496 64501 64501 64510 64510 64501 64510 64501 64501 64510 64510 64496 64501 64501 64510 64510 64501 64510 64501 64501 64510 64510
64501 64501 64510 64501 64501 64510
The prepending here involves a mix of two distinct ASNs (64501 and The prepending here involves a mix of two distinct ASNs (64501 and
64510) with the last two digits transposed. 64510) with the last two digits transposed.
3.4. Memory 3.4. Memory
BGP attribute sets are shared among stored routes, ie, if two stored Long AS Paths cause an increase in memory usage by BGP speakers. The
routes have the same attribute sets, the attribute set is stored only memory usage is not so much a concern in the control plane BGP
once. AS Paths are shared among attribute sets so that if two stored implementations, but more so when AS Paths are included in Netflow
attribute sets have the same AS Path, then the AS Path is stored only messages. Netflow is processed in the forwarding plane, where memory
once. Storing them in the control plane is not a big problem. is more expensive than in the control plane.
However, AS Paths can be sent in Netflow which is generated in the A concern about an AS Path longer than 255 is the extra complexity
forwarding plane. AS Paths are not stored in expensive fast memory required to process it, because it needs to be encoded in more than
on the forwarding plane, but still, using memory on the forwarding one AS_SEQUENCE in the AS_PATH BGP path attribute.
plane has greater impact than on the control plane. An AS Path
consists of AS_SEQUENCE (and other elements). An AS_SEQUENCE can
contain a maximum of 255 ASNs. If the AS Path is longer, then
multiple AS_SEQUENCE's are required. The code to parse them and
create them is not often exercised and is a potential for bugs in
fresh code. The older implementations have these bugs well and truly
shaken out of them. Some BGP implementations have had memory
corruption/fragmentation problems with long AS Paths.
3.5. Errant announcement 3.5. Errant announcement
There was an Internet-wide outage caused by a single errant routing There was an Internet-wide outage caused by a single errant routing
announcement. In this incident, AS64496 announced its one prefix announcement. In this incident, AS64496 announced its one prefix
with an extremely long AS path. Someone entered their ASN instead of with an extremely long AS path. Someone entered their ASN instead of
the prepend count 64496 modulo 256 = 252 prepends and when a path the prepend count 64496 modulo 256 = 252 prepends and when a path
lengths exceeded 255, routers crashed lengths exceeded 255, routers crashed
4. Alternatives to AS Path Prepend 4. Alternatives to AS Path Prepend
skipping to change at page 9, line 14 skipping to change at page 9, line 8
7. Security Considerations 7. Security Considerations
Long prepending may make a network more vulernable to route hijacking Long prepending may make a network more vulernable to route hijacking
which will exist whenever there is a well connected peer that is which will exist whenever there is a well connected peer that is
willing to forge their AS_PATH or allows announcements with a willing to forge their AS_PATH or allows announcements with a
fabricated AS path. fabricated AS path.
8. Acknowledgement 8. Acknowledgement
The authors would like to thank Greg Skinner, Randy Bush, Dave The authors would like to thank Greg Skinner, Randy Bush, Dave
Farmer, Nick Hilliard, Martijn Schmidt, Jakob Heitz, Michael Still, Farmer, Nick Hilliard, Martijn Schmidt, Michael Still, Geoff Huston
Geoff Huston and Jeffrey Haas for contributing to this document. and Jeffrey Haas for contributing to this document.
9. References 9. References
9.1. Normative References 9.1. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997, DOI 10.17487/RFC2119, March 1997,
<https://www.rfc-editor.org/info/rfc2119>. <https://www.rfc-editor.org/info/rfc2119>.
skipping to change at line 440 skipping to change at page 10, line 28
Robert Raszuk Robert Raszuk
Bloomberg LP Bloomberg LP
Email: robert@raszuk.net Email: robert@raszuk.net
Hongwei Li Hongwei Li
HPE HPE
Email: flycoolman@gmail.com Email: flycoolman@gmail.com
Jakob Heitz
Cisco
170 West Tasman Drive
San Jose, CA 95134
USA
Email: jheitz@cisco.com
 End of changes. 13 change blocks. 
40 lines changed or deleted 20 lines changed or added

This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/