Dissemination of Flow Specification Rules
draft-hr-idr-rfc5575bis-03
Document | Type |
Replaced Internet-Draft
(idr WG)
Expired & archived
|
|
---|---|---|---|
Authors | Susan Hares , Robert Raszuk , Danny R. McPherson , Christoph Loibl , Martin Bacher | ||
Last updated | 2019-08-30 (Latest revision 2017-02-14) | ||
Replaces | draft-hares-idr-rfc5575bis, draft-raszuk-idr-rfc5575bis, draft-ietf-idr-flowspec-packet-rate, draft-loibl-bacher-idr-flowspec-clarification | ||
Replaced by | draft-ietf-idr-rfc5575bis | ||
RFC stream | Internet Engineering Task Force (IETF) | ||
Intended RFC status | (None) | ||
Formats | |||
Additional resources | Mailing list discussion | ||
Stream | WG state | Candidate for WG Adoption | |
Document shepherd | (None) | ||
IESG | IESG state | Replaced by draft-ietf-idr-rfc5575bis | |
Consensus boilerplate | Unknown | ||
Telechat date | (None) | ||
Responsible AD | (None) | ||
Send notices to | (None) |
This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:
Abstract
This document updates RFC5575 which defines a Border Gateway Protocol Network Layer Reachability Information (BGP NLRI) encoding format that can be used to distribute traffic flow specifications. This allows the routing system to propagate information regarding more specific components of the traffic aggregate defined by an IP destination prefix. This draft specifies IPv4 traffic flow specifications via a BGP NLRI which carries traffic flow specification filter, and an Extended community value which encodes actions a routing system can take if the packet matches the traffic flow filters. The flow filters and the actions are processed in a fixed order. Other drafts specify IPv6, MPLS addresses, L2VPN addresses, and NV03 encapsulation of IP addresses. This document updates RFC5575 to correct unclear specifications in the flow filters and to provide rules for actions which interfere (e.g. redirection of traffic and flow filtering). Applications which use the bgp flow specification are: 1) application which automate of inter-domain coordination of traffic filtering, such as what is required in order to mitigate (distributed) denial- of-service attacks; 2) application which control traffic filtering in the context of a BGP/MPLS VPN service, and 3) applications with centralized control of traffic in a SDN or NFV context. Some of deployments of these three applications can be handled by the strict ordering of the BGP NLRI traffic flow filters, and the strict actions encoded in the Extended Community Flow Specification actions.
Authors
Susan Hares
Robert Raszuk
Danny R. McPherson
Christoph Loibl
Martin Bacher
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)