Skip to main content

Dissemination of Flow Specification Rules

Document Type Replaced Internet-Draft (idr WG)
Expired & archived
Authors Susan Hares , Robert Raszuk , Danny R. McPherson , Christoph Loibl , Martin Bacher
Last updated 2019-08-30 (Latest revision 2017-02-14)
Replaces draft-hares-idr-rfc5575bis, draft-raszuk-idr-rfc5575bis, draft-ietf-idr-flowspec-packet-rate, draft-loibl-bacher-idr-flowspec-clarification
Replaced by draft-ietf-idr-rfc5575bis
RFC stream Internet Engineering Task Force (IETF)
Intended RFC status (None)
Additional resources Mailing list discussion
Stream WG state Candidate for WG Adoption
Document shepherd (None)
IESG IESG state Replaced by draft-ietf-idr-rfc5575bis
Consensus boilerplate Unknown
Telechat date (None)
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:


This document updates RFC5575 which defines a Border Gateway Protocol Network Layer Reachability Information (BGP NLRI) encoding format that can be used to distribute traffic flow specifications. This allows the routing system to propagate information regarding more specific components of the traffic aggregate defined by an IP destination prefix. This draft specifies IPv4 traffic flow specifications via a BGP NLRI which carries traffic flow specification filter, and an Extended community value which encodes actions a routing system can take if the packet matches the traffic flow filters. The flow filters and the actions are processed in a fixed order. Other drafts specify IPv6, MPLS addresses, L2VPN addresses, and NV03 encapsulation of IP addresses. This document updates RFC5575 to correct unclear specifications in the flow filters and to provide rules for actions which interfere (e.g. redirection of traffic and flow filtering). Applications which use the bgp flow specification are: 1) application which automate of inter-domain coordination of traffic filtering, such as what is required in order to mitigate (distributed) denial- of-service attacks; 2) application which control traffic filtering in the context of a BGP/MPLS VPN service, and 3) applications with centralized control of traffic in a SDN or NFV context. Some of deployments of these three applications can be handled by the strict ordering of the BGP NLRI traffic flow filters, and the strict actions encoded in the Extended Community Flow Specification actions.


Susan Hares
Robert Raszuk
Danny R. McPherson
Christoph Loibl
Martin Bacher

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)