Problem Definition and Classification of BGP Route Leaks
RFC 7908

Document Type RFC - Informational (June 2016; No errata)
Last updated 2016-06-21
Stream IETF
Formats plain text pdf html bibtex
Reviews
Stream WG state Submitted to IESG for Publication
Document shepherd Chris Morrow
Shepherd write-up Show (last changed 2016-03-09)
IESG IESG state RFC 7908 (Informational)
Consensus Boilerplate Yes
Telechat date
Responsible AD Joel Jaeggli
Send notices to "Christopher Morrow" <christopher.morrow@gmail.com>
IANA IANA review state Version Changed - Review Needed
IANA action state No IANA Actions
Internet Engineering Task Force (IETF)                         K. Sriram
Request for Comments: 7908                                 D. Montgomery
Category: Informational                                          US NIST
ISSN: 2070-1721                                             D. McPherson
                                                            E. Osterweil
                                                          Verisign, Inc.
                                                              B. Dickson
                                                               June 2016

        Problem Definition and Classification of BGP Route Leaks

Abstract

   A systemic vulnerability of the Border Gateway Protocol routing
   system, known as "route leaks", has received significant attention in
   recent years.  Frequent incidents that result in significant
   disruptions to Internet routing are labeled route leaks, but to date
   a common definition of the term has been lacking.  This document
   provides a working definition of route leaks while keeping in mind
   the real occurrences that have received significant attention.
   Further, this document attempts to enumerate (though not
   exhaustively) different types of route leaks based on observed events
   on the Internet.  The aim is to provide a taxonomy that covers
   several forms of route leaks that have been observed and are of
   concern to the Internet user community as well as the network
   operator community.

Status of This Memo

   This document is not an Internet Standards Track specification; it is
   published for informational purposes.

   This document is a product of the Internet Engineering Task Force
   (IETF).  It represents the consensus of the IETF community.  It has
   received public review and has been approved for publication by the
   Internet Engineering Steering Group (IESG).  Not all documents
   approved by the IESG are a candidate for any level of Internet
   Standard; see Section 2 of RFC 7841.

   Information about the current status of this document, any errata,
   and how to provide feedback on it may be obtained at
   http://www.rfc-editor.org/info/rfc7908.

Sriram, et al.                Informational                     [Page 1]
RFC 7908              Route-Leak Problem Definition            June 2016

Copyright Notice

   Copyright (c) 2016 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   3
   2.  Working Definition of Route Leaks . . . . . . . . . . . . . .   3
   3.  Classification of Route Leaks Based on Documented Events  . .   4
     3.1.  Type 1: Hairpin Turn with Full Prefix . . . . . . . . . .   4
     3.2.  Type 2: Lateral ISP-ISP-ISP Leak  . . . . . . . . . . . .   5
     3.3.  Type 3: Leak of Transit-Provider Prefixes to Peer . . . .   5
     3.4.  Type 4: Leak of Peer Prefixes to Transit Provider . . . .   5
     3.5.  Type 5: Prefix Re-origination with Data Path to
           Legitimate Origin . . . . . . . . . . . . . . . . . . . .   6
     3.6.  Type 6: Accidental Leak of Internal Prefixes and More-
           Specific Prefixes . . . . . . . . . . . . . . . . . . . .   6
   4.  Additional Comments about the Classification  . . . . . . . .   7
   5.  Security Considerations . . . . . . . . . . . . . . . . . . .   7
   6.  Informative References  . . . . . . . . . . . . . . . . . . .   7
   Acknowledgements  . . . . . . . . . . . . . . . . . . . . . . . .  11
   Authors' Addresses  . . . . . . . . . . . . . . . . . . . . . . .  11

Sriram, et al.                Informational                     [Page 2]
RFC 7908              Route-Leak Problem Definition            June 2016

1.  Introduction

   Frequent incidents [Huston2012] [Cowie2013] [Toonk2015-A]
   [Toonk2015-B] [Cowie2010] [Madory] [Zmijewski] [Paseka] [LRL] [Khare]
   that result in significant disruptions to Internet routing are
   commonly called "route leaks".  Examination of the details of some of
   these incidents reveals that they vary in their form and technical
   details.  In order to pursue solutions to "the route-leak problem" it
   is important to first provide a clear, technical definition of the
   problem and enumerate its most common forms.  Section 2 provides a
   working definition of route leaks, keeping in view many recent
Show full document text