draft-ietf-idr-route-filter-10.txt   draft-ietf-idr-route-filter-11.txt 
Network Working Group Enke Chen Network Working Group Enke Chen
Internet Draft Redback Networks, Inc. Internet Draft Cisco Systems
Expiration Date: October 2004 Yakov Rekhter Expiration Date: June 2005 Yakov Rekhter
Juniper Networks Juniper Networks
Cooperative Route Filtering Capability for BGP-4 Cooperative Route Filtering Capability for BGP-4
draft-ietf-idr-route-filter-10.txt draft-ietf-idr-route-filter-11.txt
1. Status of this Memo Status of this Memo
This document is an Internet-Draft and is in full conformance with This document is an Internet-Draft and is in full conformance with
all provisions of Section 10 of RFC2026 except that the right to all provisions of Section 10 of RFC2026 except that the right to
produce derivative works is not granted. produce derivative works is not granted.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet- other groups may also distribute working documents as Internet-
Drafts. Drafts.
skipping to change at page 1, line 34 skipping to change at page 1, line 34
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as ``work in progress.'' material or to cite them other than as ``work in progress.''
The list of current Internet-Drafts can be accessed at The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt http://www.ietf.org/ietf/1id-abstracts.txt
The list of Internet-Draft Shadow Directories can be accessed at The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html. http://www.ietf.org/shadow.html.
2. Specification of Requirements IPR Disclosure Acknowledgement
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", By submitting this Internet-Draft, I certify that any applicable
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this patent or other IPR claims of which I am aware have been disclosed,
document are to be interpreted as described in RFC2119 [RFC2119]. and any of which I become aware will be disclosed, in accordance with
RFC 3668.
3. Abstract Abstract
This document defines a BGP-based mechanism that allows a BGP speaker This document defines a BGP-based mechanism that allows a BGP speaker
to send to its BGP peer a set of route filters that the peer would to send to its BGP peer a set of route filters that the peer would
use to constrain/filter its outbound routing updates to the speaker. use to constrain/filter its outbound routing updates to the speaker.
4. Introduction 1. Specification of Requirements
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC2119 [RFC2119].
2. Introduction
Currently it is not uncommon for a BGP speaker to receive, and then Currently it is not uncommon for a BGP speaker to receive, and then
filter out some unwanted routes from its peers based on its local filter out some unwanted routes from its peers based on its local
routing policy. Since the generation and transmission of routing routing policy. Since the generation and transmission of routing
updates by the sender, as well as the processing of routing updates updates by the sender, as well as the processing of routing updates
by the receiver consume resources, it may be beneficial if the by the receiver consume resources, it may be beneficial if the
generation of such unwanted routing updates can be avoided in the generation of such unwanted routing updates can be avoided in the
first place. first place.
This document defines a BGP-based mechanism that allows a BGP speaker This document defines a BGP-based mechanism that allows a BGP speaker
to send to its BGP peer a set of Outbound Route Filters (ORFs). The to send to its BGP peer a set of Outbound Route Filters (ORFs). The
peer would then apply these filters, in addition to its locally peer would then apply these filters, in addition to its locally
configured outbound filters (if any), to constrain/filter its configured outbound filters (if any), to constrain/filter its
outbound routing updates to the speaker. outbound routing updates to the speaker.
5. Outbound Route Filter (ORF) 3. Outbound Route Filter (ORF)
Conceptually an ORF entry is a tuple of the form <AFI/SAFI, ORF-Type, Conceptually an ORF entry is a tuple of the form <AFI/SAFI, ORF-Type,
Action, Match, ORF-value>; an ORF consists of one or more ORF entries Action, Match, ORF-value>; an ORF consists of one or more ORF entries
that have a common AFI/SAFI and ORF-Type. An ORF is identified by that have a common AFI/SAFI and ORF-Type. An ORF is identified by
<AFI/SAFI, ORF-Type>. <AFI/SAFI, ORF-Type>.
The "AFI/SAFI" component provides a coarse granularity control by The "AFI/SAFI" component provides a coarse granularity control by
limiting the ORF to only the routes whose NLRI matches the "AFI/SAFI" limiting the ORF to only the routes whose NLRI matches the "AFI/SAFI"
component of the ORF. component of the ORF.
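Review bot: The IPR Disclosure Acknowledgement added in -11 cites RFC 3668, but the Status of this Memo still claims conformance with Section 10 of RFC2026, and the new Section 9 says its text is taken from Section 10.4 of [RFC2026]. Point all three at the same IPR source so the boilerplate does not reference two different procedures.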
skipping to change at page 3, line 4 skipping to change at page 3, line 11
remote peer. Action can be one of ADD, REMOVE, REMOVE-ALL. ADD adds remote peer. Action can be one of ADD, REMOVE, REMOVE-ALL. ADD adds
an ORF entry to the ORF on the remote peer; REMOVE deletes a an ORF entry to the ORF on the remote peer; REMOVE deletes a
previously installed ORF entry on the remote peer; REMOVE-ALL deletes previously installed ORF entry on the remote peer; REMOVE-ALL deletes
the previously installed entries in the specified ORF on the remote the previously installed entries in the specified ORF on the remote
peer. peer.
The "Match" component is used if support matching granularity on a The "Match" component is used if support matching granularity on a
per ORF entry basis is needed, in which case the "Match" component per ORF entry basis is needed, in which case the "Match" component
can be one of PERMIT or DENY. The semantics of PERMIT is to ask the can be one of PERMIT or DENY. The semantics of PERMIT is to ask the
peer to pass updates for the set of routes that match the ORF entry. peer to pass updates for the set of routes that match the ORF entry.
The semantics of DENY is to ask the peer not to pass updates for the The semantics of DENY is to ask the peer not to pass updates for the
set of routes that match the ORF entry. set of routes that match the ORF entry.
5.1. Communities ORF-Type 3.1. Communities ORF-Type
The Community ORF-Type allows to express ORFs in terms of BGP The Community ORF-Type allows to express ORFs in terms of BGP
Communities [BGP-COMMUNITIES]. That is, the Communities ORF-Type Communities [BGP-COMMUNITIES]. That is, the Communities ORF-Type
provides Communities-based route filtering. provides Communities-based route filtering.
Conceptually the ORF-value of the Communities ORF-Type consists of a Conceptually the ORF-value of the Communities ORF-Type consists of a
single Community. single Community.
The sender SHOULD set the value of the Match field to PERMIT; the The sender SHOULD set the value of the Match field to PERMIT; the
receiver SHOULD ignore the value of the Match field. receiver SHOULD ignore the value of the Match field.
The remote peer should consider only those routes whose Communities The remote peer should consider only those routes whose Communities
attribute has at least one Community in common with the Communities attribute has at least one Community in common with the Communities
list specified in the ORF. list specified in the ORF.
5.2. Extended Communities ORF-Type 3.2. Extended Communities ORF-Type
The Extended Community ORF-Type allows to express ORFs in terms of The Extended Community ORF-Type allows to express ORFs in terms of
BGP Extended Communities [BGP-EXT-COMMUNITIES]. That is, the Extended BGP Extended Communities [BGP-EXT-COMMUNITIES]. That is, the Extended
Communities ORF-Type provides Extended Communities-based route Communities ORF-Type provides Extended Communities-based route
filtering. filtering.
Conceptually the ORF-value of the Extended Communities ORF-Type Conceptually the ORF-value of the Extended Communities ORF-Type
consists of a single Extended Community. consists of a single Extended Community.
The sender SHOULD set the value of the Match field to PERMIT; the The sender SHOULD set the value of the Match field to PERMIT; the
receiver SHOULD ignore the value of the Match field. receiver SHOULD ignore the value of the Match field.
The remote peer should consider only those routes whose Extended The remote peer should consider only those routes whose Extended
Communities attribute has at least one Extended Community in common Communities attribute has at least one Extended Community in common
with the Extended Communities list specified in the ORF. with the Extended Communities list specified in the ORF.
6. Carrying ORF entries in BGP 4. Carrying ORF entries in BGP
ORF entries are carried in the BGP ROUTE-REFRESH message [BGP-RR]. ORF entries are carried in the BGP ROUTE-REFRESH message [BGP-RR].
A BGP speaker can distinguish an incoming ROUTE-REFRESH message that A BGP speaker can distinguish an incoming ROUTE-REFRESH message that
carries one or more ORF entries from an incoming plain ROUTE-REFRESH carries one or more ORF entries from an incoming plain ROUTE-REFRESH
message by using the Message Length field in the BGP message header. message by using the Message Length field in the BGP message header.
A single ROUTE-REFRESH message could carry multiple ORF entries, as A single ROUTE-REFRESH message could carry multiple ORF entries, as
long as all these entries share the same AFI/SAFI. long as all these entries share the same AFI/SAFI.
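Review bot: In 3.1 and 3.2 the sentence "The remote peer should consider only those routes ..." uses lowercase "should" directly after a sentence that uses the RFC2119 keyword SHOULD twice, so it is unclear whether the matching rule is normative. Use SHOULD (or MUST) if it is a requirement, or reword it as a description. The renumbering pass in -11 is also a chance to fix "allows to express" in both subsections and "is used if support matching granularity" in Section 3.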
skipping to change at page 6, line 9 skipping to change at page 6, line 9
+---------------------------------+ +---------------------------------+
| Reserved (5 bits) | | Reserved (5 bits) |
+---------------------------------+ +---------------------------------+
| Type specific part (variable) | | Type specific part (variable) |
+---------------------------------+ +---------------------------------+
Fig 2. ORF entry encoding Fig 2. ORF entry encoding
When the Action component of an ORF entry specifies REMOVE-ALL, When the Action component of an ORF entry specifies REMOVE-ALL,
the entry consists of only the common part. the entry consists of only the common part.
6.1. Type specific encoding (Communities ORF-Type) 4.1. Type specific encoding (Communities ORF-Type)
The value of the ORF-Type for the Communities ORF-Type is 2. The value of the ORF-Type for the Communities ORF-Type is 2.
The type-specific part of Communities ORF-Type consists of single The type-specific part of Communities ORF-Type consists of single
Community encoded as a four-octets field. Community encoded as a four-octets field.
6.2. Type specific encoding (Extended Communities ORF-Type) 4.2. Type specific encoding (Extended Communities ORF-Type)
The value of the ORF-Type for the Extended Communities ORF-Type is 3. The value of the ORF-Type for the Extended Communities ORF-Type is 3.
The type-specific part of Extended Communities ORF-Type consists of a The type-specific part of Extended Communities ORF-Type consists of a
single Extended Community encoded as an eight-octets field. single Extended Community encoded as an eight-octets field.
7. Cooperative Route Filtering Capability 5. Cooperative Route Filtering Capability
A BGP speaker that is willing to receive ORF entries from its peer, A BGP speaker that is willing to receive ORF entries from its peer,
or a BGP speaker that would like to send ORF entries to its peer or a BGP speaker that would like to send ORF entries to its peer
advertises this to the peer by using the Cooperative Route Filtering advertises this to the peer by using the Cooperative Route Filtering
Capability, as described below. Capability, as described below.
The Cooperative Route Filtering Capability is a new BGP capability The Cooperative Route Filtering Capability is a new BGP capability
[BGP-CAP] defined as follows: [BGP-CAP] defined as follows:
Capability code: 3 Capability code: 3
skipping to change at page 8, line 5 skipping to change at page 8, line 5
This field contains the value of an ORF Type. This field contains the value of an ORF Type.
Send/Receive: Send/Receive:
This field indicates whether the sender is (a) willing to This field indicates whether the sender is (a) willing to
receive ORF entries from its peer (value 1), (b) would like to receive ORF entries from its peer (value 1), (b) would like to
send ORF entries to its peer (value 2), or (c) both (value 3) send ORF entries to its peer (value 2), or (c) both (value 3)
for the ORF Type that follows. for the ORF Type that follows.
8. Operation 6. Operation
A BGP speaker that is willing to receive ORF entries from its peer, A BGP speaker that is willing to receive ORF entries from its peer,
or would like to send ORF entries to its peer SHOULD advertise the or would like to send ORF entries to its peer SHOULD advertise the
Cooperative Route Filtering Capability to the peer using BGP Cooperative Route Filtering Capability to the peer using BGP
Capabilities advertisement [BGP-CAP]. Capabilities advertisement [BGP-CAP].
A BGP speaker that implements the Cooperative Route Filtering A BGP speaker that implements the Cooperative Route Filtering
Capability must support BGP ROUTE-REFRESH message, as defined in Capability must support BGP ROUTE-REFRESH message, as defined in
[BGP-RR]. A BGP speaker that advertises the Cooperative Route [BGP-RR]. A BGP speaker that advertises the Cooperative Route
Filtering Capability to a peer using BGP Capabilities advertisement Filtering Capability to a peer using BGP Capabilities advertisement
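Review bot: The Send/Receive description defines values 1, 2 and 3 only, and nothing in these lines says how a receiver treats any other value in that field. If the elided text does not cover it, add a sentence on handling undefined values so that implementations parse the capability the same way.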
skipping to change at page 10, line 9 skipping to change at page 10, line 9
of the ORF entries of any of the (non-empty) ORFs associated with a of the ORF entries of any of the (non-empty) ORFs associated with a
particular peer, then this route SHOULD NOT be advertised to the particular peer, then this route SHOULD NOT be advertised to the
peer. peer.
If a BGP speaker maintains multiple ORFs of different ORF-Types for a If a BGP speaker maintains multiple ORFs of different ORF-Types for a
particular peer, then the decision by the speaker to advertise a particular peer, then the decision by the speaker to advertise a
route to the peer is determined by passing the route through each route to the peer is determined by passing the route through each
such ORF, and and-ing the results (and-ing of PERMIT and DENY results such ORF, and and-ing the results (and-ing of PERMIT and DENY results
in DENY). in DENY).
9. IANA Considerations 7. IANA Considerations
As specified in this document, an ORF enty contains the ORF-Type As specified in this document, an ORF enty contains the ORF-Type
field. ORF-Type value 0 is reserved. ORF-Type values 1 through 63 field. ORF-Type value 0 is reserved. ORF-Type values 1 through 63
are to be assigned by IANA using the "IETF Consensus" policy defined are to be assigned by IANA using the "IETF Consensus" policy defined
in RFC2434. ORF-Type values 64 through 127 are to be assigned by in RFC2434. ORF-Type values 64 through 127 are to be assigned by
IANA, using the "First Come First Served" policy defined in RFC2434. IANA, using the "First Come First Served" policy defined in RFC2434.
ORF-Type values 128 through 255 are vendor-specific, and values in ORF-Type values 128 through 255 are vendor-specific, and values in
this range are not to be assigned by IANA. this range are not to be assigned by IANA.
10. Security Considerations 8. Security Considerations
This extension to BGP does not change the underlying security issues. This extension to BGP does not change the underlying security issues.
9. Intellectual Property Considerations
This section is taken from Section 10.4 of [RFC2026].
The IETF takes no position regarding the validity or scope of any
intellectual property or other rights that might be claimed to
pertain to the implementation or use of the technology described in
this document or the extent to which any license under such rights
might or might not be available; neither does it represent that it
has made any effort to identify any such rights. Information on the
IETF's procedures with respect to rights in standards-track and
standards-related documentation can be found in BCP-11. Copies of
claims of rights made available for publication and any assurances of
licenses to be made available, or the result of an attempt made to
obtain a general license or permission for the use of such
proprietary rights by implementors or users of this specification can
be obtained from the IETF Secretariat.
The IETF invites any interested party to bring to its attention any
copyrights, patents or patent applications, or other proprietary
rights which may cover technology that may be required to practice
this standard. Please address the information to the IETF Executive
Director.
10. Copyright Notice
Copyright (C) The Internet Society (year). This document is subject
to the rights, licenses and restrictions contained in BCP 78, and
except as set forth therein, the authors retain all their rights.
This document and the information contained herein are provided on an
"AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
11. Acknowledgements 11. Acknowledgements
Some of the material in the document is "borrowed" from a proposal Some of the material in the document is "borrowed" from a proposal
for selective updates by Yakov Rekhter, Kannan Varadhan, and Curtis for selective updates by Yakov Rekhter, Kannan Varadhan, and Curtis
Villamizar. Villamizar.
12. Normative References 12. Normative References
[BGP-4] Rekhter, Y., and T. Li, "A Border Gateway Protocol 4 [BGP-4] Rekhter, Y., and T. Li, "A Border Gateway Protocol 4
(BGP-4)", RFC 1771, March 1995. (BGP-4)", RFC 1771, March 1995.
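Review bot: Section 8 (Security Considerations) is carried into -11 as the single sentence "This extension to BGP does not change the underlying security issues", although Section 3 lets a peer ADD, REMOVE and REMOVE-ALL filter entries on the remote speaker, and Section 6 has those entries decide which routes are advertised. Suggest stating at least that ORF entries are acted on only when received from a peer with which the capability was negotiated, and that the mechanism relies on the integrity of the BGP session. Also in this region: the new Copyright Notice still reads "(year)" and Section 7 still has "ORF enty".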
skipping to change at page 11, line 4 skipping to change at page 11, line 44
BGP-4", RFC2842, May 2000 BGP-4", RFC2842, May 2000
[BGP-COMMUNITIES] Chandra, R., Traina, P., and Li, T., "BGP [BGP-COMMUNITIES] Chandra, R., Traina, P., and Li, T., "BGP
Communities Attribute", RFC1997, August 1996. Communities Attribute", RFC1997, August 1996.
[BGP-EXT-COMMUNITIES] Ramachandra, S., Tappan, D., "BGP Extended [BGP-EXT-COMMUNITIES] Ramachandra, S., Tappan, D., "BGP Extended
Communities Attribute", draft-ramachandra-bgp-ext-communities-02.txt Communities Attribute", draft-ramachandra-bgp-ext-communities-02.txt
[BGP-RR] Chen, E., "Route Refresh Capability for BGP-4", RFC2918, [BGP-RR] Chen, E., "Route Refresh Capability for BGP-4", RFC2918,
September 2000 September 2000
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997. Requirement Levels", BCP 14, RFC 2119, March 1997.
13. Author Information 13. Author Information
Enke Chen Enke Chen
Redback Networks, Inc. Cisco Systems, Inc.
350 Holger Way e-mail: enkechen@cisco.com
San Jose, CA 95134
e-mail: enke@redback.com
Yakov Rekhter Yakov Rekhter
Juniper Networks Juniper Networks
e-mail: yakov@juniper.net e-mail: yakov@juniper.net
 End of changes. 

This html diff was produced by rfcdiff 1.23, available from http://www.levkowetz.com/ietf/tools/rfcdiff/