Dissemination of Flow Specification Rules
draft-raszuk-idr-rfc5575bis-00

Document type: Replaced Internet-Draft (individual)
Last updated: 2016-12-26 (latest revision 2016-06-24)
Replaced by: draft-hr-idr-rfc5575bis
Stream: (None)
Intended RFC status: (None)
Formats: Expired & archived
Stream state: (No stream defined)
Consensus boilerplate: Unknown
RFC Editor Note: (None)
IESG state: Replaced by draft-hr-idr-rfc5575bis
Telechat date:
Responsible AD: (None)
Send notices to: (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at
https://www.ietf.org/archive/id/draft-raszuk-idr-rfc5575bis-00.txt

Abstract

This document defines a Border Gateway Protocol Network Layer Reachability Information (BGP NLRI) encoding format that can be used to distribute traffic flow specifications. This allows the routing system to propagate information regarding more specific components of the traffic aggregate defined by an IP destination prefix (IPv4, IPv6), MPLS addresses, L2VPN addresses, and NVO3 encapsulation of IP addresses. The information is carried via BGP, thereby reusing protocol algorithms, operational experience, and administrative processes such as inter-provider peering agreements.

This document provides the definition of a BGP NLRI which carries traffic flow specification filters, and Extended Community values which encode the actions a routing system can take if a packet matches the traffic flow filters. The specification requires that the BGP Flow Specification traffic filters follow a strict ordering, and that the BGP Flow Specification Extended Community actions are processed in a defined order. This BGP Flow Specification is denoted as BGP Flow Specification version 1.

There are three applications of that encoding format: 1) automating inter-domain coordination of traffic filtering, such as what is required in order to mitigate (distributed) denial-of-service attacks; 2) enabling traffic filtering in the context of a BGP/MPLS VPN service; and 3) aiding centralized control of traffic in an SDN or NFV context. Some deployments of these three applications can be handled by the strict ordering of the BGP NLRI traffic flow filters and the strict actions encoded in the Extended Community Flow Specification actions. Other deployments (especially SDN/NFV) need to allow the user to order the flow specification. Another BGP Flow Specification (version 2) is being defined for user-ordered filters and user-ordered actions encoded in Wide Communities.

Authors

Robert Raszuk (robert@raszuk.net)
Danny McPherson (dmcpherson@verisign.com)
Jared Mauch (jmauch@us.ntt.net)
Barry Greene (bgreene@juniper.net)
Susan Hares (shares@ndzh.com)

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)