Internet Engineering Task Force (IETF) J. Scudder
Internet Draft Juniper Networks
Update: 1997, 4271, 4360, 5701 (if approved) E. Chen
Intended Status: Standards Track P. Mohapatra
Expires: May 22, 2013 K. Patel
Cisco Systems
November 21, 2012
Revised Error Handling for BGP UPDATE Messages
draft-ietf-idr-error-handling-03.txt
Abstract
According to the base BGP specification, a BGP speaker that receives
an UPDATE message containing a malformed attribute is required to
reset the session over which the offending attribute was received.
This behavior is undesirable as a session reset would impact not only
routes with the offending attribute, but also other valid routes
exchanged over the session. This document partially revises the
error handling for UPDATE messages, and provides guidelines for the
authors of documents defining new attributes. Finally, it revises
the error handling procedures for a number of existing attributes.
Status of this Memo
This Internet-Draft is submitted to IETF in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet-
Drafts.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at
http://www.ietf.org/1id-abstracts.html
The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html
This Internet-Draft will expire on May 22, 2013.
draft-ietf-idr-error-handling-03.txt [Page 1]
Internet Draft draft-ietf-idr-error-handling-03.txt Nov. 2012
Copyright Notice
Copyright (c) 2012 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
1. Introduction
According to the base BGP specification [RFC4271], a BGP speaker that
receives an UPDATE message containing a malformed attribute is
required to reset the session over which the offending attribute was
received. This behavior is undesirable as a session reset would
impact not only routes with the offending attribute, but also other
valid routes exchanged over the session. In the case of optional
transitive attributes, the behavior is especially troublesome and may
present a potential security vulnerability. The reason is that such
attributes may have been propagated without being checked by
intermediate routers that do not recognize the attributes -- in
effect the attribute may have been tunneled, and when they do reach a
router that recognizes and checks them, the session that is reset may
not be associated with the router that is at fault.
The goal for revising the error handling for UPDATE messages is to
minimize the impact on routing by a malformed UPDATE message, while
maintaining protocol correctness to the extent possible. This can be
achieved largely by maintaining the established session and keeping
the valid routes exchanged, but removing the routes carried in the
malformed UPDATE from the routing system.
This document partially revises the error handling for UPDATE
messages, and provides guidelines for the authors of documents
defining new attributes. Finally, it revises the error handling
procedures for a number of existing attributes. Specifically, the
error handling procedures of [RFC4271], [RFC1997], [RFC4360] and
[RFC5701] are revised.
draft-ietf-idr-error-handling-03.txt [Page 2]
Internet Draft draft-ietf-idr-error-handling-03.txt Nov. 2012
1.1. Specification of Requirements
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",