--- 1/draft-ietf-idr-ix-bgp-route-server-10.txt 2016-06-10 16:15:52.578437748 -0700 +++ 2/draft-ietf-idr-ix-bgp-route-server-11.txt 2016-06-10 16:15:52.606438438 -0700 @@ -1,23 +1,23 @@ IDR Working Group E. Jasinska Internet-Draft BigWave IT Intended status: Standards Track N. Hilliard -Expires: October 31, 2016 INEX +Expires: December 12, 2016 INEX R. Raszuk Bloomberg LP N. Bakker Akamai Technologies B.V. - April 29, 2016 + June 10, 2016 Internet Exchange BGP Route Server - draft-ietf-idr-ix-bgp-route-server-10 + draft-ietf-idr-ix-bgp-route-server-11 Abstract This document outlines a specification for multilateral interconnections at Internet exchange points (IXPs). Multilateral interconnection is a method of exchanging routing information between three or more external BGP speakers using a single intermediate broker system, referred to as a route server. Route servers are typically used on shared access media networks, such as Internet exchange points (IXPs), to facilitate simplified interconnection @@ -31,21 +31,21 @@ Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at http://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." - This Internet-Draft will expire on October 31, 2016. + This Internet-Draft will expire on December 12, 2016. Copyright Notice Copyright (c) 2016 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents @@ -53,39 +53,39 @@ to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. Table of Contents 1. Introduction to Multilateral Interconnection . . . . . . . . 2 1.1. Notational Conventions . . . . . . . . . . . . . . . . . 3 2. Technical Considerations for Route Server Implementations . . 3 - 2.1. Client UPDATE Messages . . . . . . . . . . . . . . . . . 3 + 2.1. Client UPDATE Messages . . . . . . . . . . . . . . . . . 4 2.2. Attribute Transparency . . . . . . . . . . . . . . . . . 4 2.2.1. NEXT_HOP Attribute . . . . . . . . . . . . . . . . . 4 2.2.2. AS_PATH Attribute . . . . . . . . . . . . . . . . . . 4 2.2.3. MULTI_EXIT_DISC Attribute . . . . . . . . . . . . . . 5 2.2.4. Communities Attributes . . . . . . . . . . . . . . . 5 2.3. Per-Client Policy Control in Multilateral Interconnection 5 - 2.3.1. Path Hiding on a Route Server . . . . . . . . . . . . 5 + 2.3.1. Path Hiding on a Route Server . . . . . . . . . . . . 6 2.3.2. Mitigation of Path Hiding . . . . . . . . . . . . . . 7 2.3.2.1. Multiple Route Server RIBs . . . . . . . . . . . 7 2.3.2.2. Advertising Multiple Paths . . . . . . . . . . . 7 2.3.3. Implementation Suggestions . . . . . . . . . . . . . 8 - 3. Security Considerations . . . . . . . . . . . . . . . . . . . 8 + 3. Security Considerations . . . . . . . . . . . . . . . . . . . 9 4. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 9 5. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 9 - 6. References . . . . . . . . . . . . . . . . . . . . . . . . . 9 - 6.1. Normative References . . . . . . . . . . . . . . . . . . 9 + 6. References . . . . . . . . . . . . . . . . . . . . . . . . . 10 + 6.1. Normative References . . . . . . . . . . . . . . . . . . 10 6.2. Informative References . . . . . . . . . . . . . . . . . 10 - Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 10 + Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 11 1. Introduction to Multilateral Interconnection Internet exchange points (IXPs) provide IP data interconnection facilities for their participants, typically using shared Layer-2 networking media such as Ethernet. The Border Gateway Protocol (BGP) [RFC4271], an inter-Autonomous System routing protocol, is commonly used to facilitate exchange of network reachability information over such media. @@ -124,20 +124,26 @@ 1.1. Notational Conventions The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119]. 2. Technical Considerations for Route Server Implementations + A route server uses the [RFC4271] Border Gateway Protocol to broker + network reachability information between its clients. There are some + differences between the behaviour of a BGP route server and a BGP + implementation which is strictly compliant with [RFC4271]. These + differences are described as follows. + 2.1. Client UPDATE Messages A route server MUST accept all UPDATE messages received from each of its clients for inclusion in its Adj-RIB-In. These UPDATE messages MAY be omitted from the route server's Loc-RIB or Loc-RIBs, due to filters configured for the purposes of implementing routing policy. The route server SHOULD perform one or more BGP Decision Processes to select routes for subsequent advertisement to its clients, taking into account possible configuration to provide multiple NLRI paths to a particular client as described in Section 2.3.2.2 or multiple Loc- @@ -357,20 +364,23 @@ PATH implementations on a route server should enforce send-only mode with the route server clients, which would result in negotiating receive-only mode from the client to the route server. 2.3.3. Implementation Suggestions Route server implementation authors may wish to consider one of the methods described in Section 2.3.2 to allow per-client route server policy control without "path hiding". + Recommendations for route server operations are described separately + in [I-D.ietf-grow-ix-bgp-route-server-operations]. + 3. Security Considerations The path hiding problem outlined in section Section 2.3.1 can be used in certain circumstances to proactively block third party path announcements from other route server clients. Route server operators should be aware that security issues may arise unless steps are taken to mitigate against path hiding. The AS_PATH check described in Section 2.2.2 is normally enabled in order to check for malformed AS paths. If this check is disabled, @@ -429,24 +439,30 @@ Border Gateway Protocol 4 (BGP-4)", RFC 4271, DOI 10.17487/RFC4271, January 2006, . [RFC4360] Sangli, S., Tappan, D., and Y. Rekhter, "BGP Extended Communities Attribute", RFC 4360, DOI 10.17487/RFC4360, February 2006, . 6.2. Informative References + [I-D.ietf-grow-ix-bgp-route-server-operations] + Hilliard, N., Jasinska, E., Raszuk, R., and N. Bakker, + "Internet Exchange BGP Route Server Operations", draft- + ietf-grow-ix-bgp-route-server-operations-05 (work in + progress), June 2015. + [I-D.ietf-idr-add-paths] Walton, D., Retana, A., Chen, E., and J. Scudder, "Advertisement of Multiple Paths in BGP", draft-ietf-idr- - add-paths-13 (work in progress), December 2015. + add-paths-15 (work in progress), May 2016. [RFC1863] Haskin, D., "A BGP/IDRP Route Server alternative to a full mesh routing", RFC 1863, DOI 10.17487/RFC1863, October 1995, . [RFC4223] Savola, P., "Reclassification of RFC 1863 to Historic", RFC 4223, DOI 10.17487/RFC4223, October 2005, . [RFC4456] Bates, T., Chen, E., and R. Chandra, "BGP Route