--- 1/draft-ietf-idr-shutdown-01.txt 2017-01-14 01:13:08.792692547 -0800 +++ 2/draft-ietf-idr-shutdown-02.txt 2017-01-14 01:13:08.812693032 -0800 @@ -1,21 +1,21 @@ IDR J. Snijders Internet-Draft NTT Updates: 4486 (if approved) J. Heitz Intended status: Standards Track Cisco -Expires: June 3, 2017 J. Scudder +Expires: July 18, 2017 J. Scudder Juniper - November 30, 2016 + January 14, 2017 - BGP Administrative Shutdown with Additional Communication - draft-ietf-idr-shutdown-01 + BGP Administrative Shutdown Communication + draft-ietf-idr-shutdown-02 Abstract This document enhances the BGP Cease NOTIFICATION message "Administrative Shutdown" subcode for operators to transmit a short freeform message to describe why a BGP session was shutdown. Requirements Language The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", @@ -30,51 +30,52 @@ Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at http://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." - This Internet-Draft will expire on June 3, 2017. + This Internet-Draft will expire on July 18, 2017. Copyright Notice - Copyright (c) 2016 IETF Trust and the persons identified as the + Copyright (c) 2017 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 2. Shutdown Communication . . . . . . . . . . . . . . . . . . . 2 3. Operational Considerations . . . . . . . . . . . . . . . . . 3 4. Error Handling . . . . . . . . . . . . . . . . . . . . . . . 3 - 5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 4 + 5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 3 6. Security Considerations . . . . . . . . . . . . . . . . . . . 4 7. Implementation status - RFC EDITOR: REMOVE BEFORE PUBLICATION 4 - 8. References . . . . . . . . . . . . . . . . . . . . . . . . . 4 - 8.1. Normative References . . . . . . . . . . . . . . . . . . 4 + 8. References . . . . . . . . . . . . . . . . . . . . . . . . . 5 + 8.1. Normative References . . . . . . . . . . . . . . . . . . 5 8.2. Informative References . . . . . . . . . . . . . . . . . 5 - Appendix A. Acknowledgements . . . . . . . . . . . . . . . . . . 5 - Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 5 + 8.3. URIs . . . . . . . . . . . . . . . . . . . . . . . . . . 5 + Appendix A. Acknowledgements . . . . . . . . . . . . . . . . . . 6 + Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 6 1. Introduction It can be troublesome for an operator to correlate a BGP-4 [RFC4271] session teardown in the network with a notice that was transmitted via off-line methods such email or telephone calls. This document specifies a mechanism to transmit a short freeform UTF-8 [RFC3629] message as part of a Cease NOTIFICATION message [RFC4486] to inform the peer why the BGP session is being shutdown. @@ -97,28 +98,22 @@ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | ... Shutdown Communication ... | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | ... | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ The Length value can range from 0 to 128 and indicates how many octets of Shutdown Communication follow. To support international characters, the Shutdown Communication field - MUST be encoded using UTF-8. - - The sending BGP speaker SHOULD avoid octet values below 32 (control - characters), however these values are legal. Following UNICODE TR36 - [UTR36], Sec 3.1, the sending BGP speaker MUST encode messages in the - "shortest form" and MUST NOT interpret messages in the "non-shortest - form". A receiving BGP speaker MUST NOT interpret invalid UTF-8 - sequences. + MUST be encoded using UTF-8. A receiving BGP speaker MUST NOT + interpret invalid UTF-8 sequences. Mechanisms concerning the reporting of information contained in the Shutdown Communication are implementation specific but SHOULD include methods such as SYSLOG [RFC5424]. 3. Operational Considerations Operators are encouraged to use the Shutdown Communication to inform their peers of the reason for the shutdown of the BGP session and include out-of-band reference materials. An example of a useful @@ -146,43 +141,56 @@ Parameters" group. 6. Security Considerations This document uses UTF-8 encoding for the Shutdown Communication. There are a number of security issues with UNICODE. Implementers and operator are advised to review UNICODE TR36 [UTR36] to learn about these issues. This document guards against the technical issues outlined in UTR36 by REQUIRING "shortest form" encoding. However, the visual spoofing due to character confusion still persists. This - document tries to minimize the effects of visual spoofing by allowing - UNICODE only where local script is expected and needed, and by - limiting the length of the Shutdown Communication. + specification minimizes the effects of visual spoofing by limiting + the length of the Shutdown Communication. + + Users of this mechanism should be aware that unless a transport that + provides integrity (such as TCP-AO [RFC5925]) is used for the BGP + session in question, a Shutdown Communication message could be + forged. Unless a transport that provides confidentiality (such as + IPSec [RFC4303]) is used, a Shutdown Communication message could be + snooped by an attacker. These issues are common to any BGP message + but may be of greater interest in the context of this proposal since + the information carried in the message is generally expected to be + used for human-to-human communication. 7. Implementation status - RFC EDITOR: REMOVE BEFORE PUBLICATION This section records the status of known implementations of the protocol defined by this specification at the time of posting of this - Internet-Draft, and is based on a proposal described in [RFC7942]. - The description of implementations in this section is intended to - assist the IETF in its decision processes in progressing drafts to - RFCs. Please note that the listing of any individual implementation - here does not imply endorsement by the IETF. Furthermore, no effort - has been spent to verify the information presented here that was - supplied by IETF contributors. This is not intended as, and must not - be construed to be, a catalog of available implementations or their + Internet-Draft, and is based on a proposal described in RFC7942. The + description of implementations in this section is intended to assist + the IETF in its decision processes in progressing drafts to RFCs. + Please note that the listing of any individual implementation here + does not imply endorsement by the IETF. Furthermore, no effort has + been spent to verify the information presented here that was supplied + by IETF contributors. This is not intended as, and must not be + construed to be, a catalog of available implementations or their features. Readers are advised to note that other implementations may exist. As of today these vendors have produced an implementation of the Shutdown Communication: - o ExaBGP + o ExaBGP [1] + o pmacct [2] + o OpenBGPD [3] + o Wireshark [4] (packet analyser) + o tcpdump [5], (alt) [6] (packet analyser) 8. References 8.1. Normative References [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997, . @@ -194,48 +202,71 @@ Border Gateway Protocol 4 (BGP-4)", RFC 4271, DOI 10.17487/RFC4271, January 2006, . [RFC4486] Chen, E. and V. Gillet, "Subcodes for BGP Cease Notification Message", RFC 4486, DOI 10.17487/RFC4486, April 2006, . 8.2. Informative References + [RFC4303] Kent, S., "IP Encapsulating Security Payload (ESP)", + RFC 4303, DOI 10.17487/RFC4303, December 2005, + . + [RFC5424] Gerhards, R., "The Syslog Protocol", RFC 5424, DOI 10.17487/RFC5424, March 2009, . - [RFC7942] Sheffer, Y. and A. Farrel, "Improving Awareness of Running - Code: The Implementation Status Section", BCP 205, - RFC 7942, DOI 10.17487/RFC7942, July 2016, - . + [RFC5925] Touch, J., Mankin, A., and R. Bonica, "The TCP + Authentication Option", RFC 5925, DOI 10.17487/RFC5925, + June 2010, . [UTR36] Davis, M. and M. Suignard, "Unicode Security Considerations", Unicode Technical Report #36, August 2010, . +8.3. URIs + + [1] https://github.com/Exa-Networks/exabgp/blob/d8b7cd24e835b9dabfddc + 87d74e0161921165a50/lib/exabgp/bgp/message/ + notification.py#L112-L144 + + [2] https://github.com/pmacct/pmacct/compare/ed8df5820c9f0b8847a7b087 + 3ade3af8ab262113...9fd97a77d144b15bf42d4e55a4d861c499bb0cfc + + [3] https://github.com/openbsd/src/ + commit/0561b344da393d4a962339c507c2e78057100ae1 + + [4] https://www.wireshark.org/lists/wireshark-commits/201612/ + msg00238.html + + [5] https://github.com/the-tcpdump-group/tcpdump/pull/578 + + [6] http://marc.info/?l=openbsd-tech&m=148379081203084&w=2 + Appendix A. Acknowledgements The authors would like to gratefully acknowledge Tom Scholl, David - Freedman, Jared Mauch, Jeff Haas, Peter Hessler, Bruno Decraene, and - John Heasley. + Freedman, Jared Mauch, Jeff Haas, Peter Hessler, Bruno Decraene, John + Heasley, Peter van Dijk, and Arjen Zonneveld. Authors' Addresses Job Snijders NTT Communications Theodorus Majofskistraat 100 Amsterdam 1065 SZ - NL + The Netherlands Email: job@ntt.net + Jakob Heitz Cisco 170 West Tasman Drive San Jose, CA 95054 USA Email: jheitz@cisco.com John Scudder Juniper Networks