rfcdiff of draft-ietf-idr-as0-05.txt against draft-ietf-idr-as0-06.txt.
Text common to both versions is shown once; where the two versions
differ, the -05 and -06 wording are shown one after the other and
labelled [-05] and [-06].

idr                                                          W. Kumari
Internet-Draft                                                  Google
Updates: 4271 (if approved)                                    R. Bush
Intended status: Standards Track              Internet Initiative Japan
Expires: [-05] November 23, 2012 / [-06] February 27, 2013 H. Schiller
                                                               Verizon
                                                              K. Patel
                                                         Cisco Systems
                                [-05] May 22, 2012 / [-06] August 26, 2012

                    Codification of AS 0 processing.
            [-05] draft-ietf-idr-as0-05 / [-06] draft-ietf-idr-as0-06
Abstract

   [-05] This document updates RFC 4271 and proscribes the use of AS 0
   in BGP OPEN and AS_PATH / AS4_PATH BGP attribute.

   [-06] This document updates RFC 4271 and proscribes the use of
   Autonomous System (AS) 0 in the Border Gateway Protocol (BGP) OPEN
   and AS_PATH / AS4_PATH BGP attribute.
Status of this Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at http://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on [-05] November 23, 2012 /
   [-06] February 27, 2013.

Copyright Notice

   Copyright (c) 2012 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   [... unchanged text omitted by rfcdiff ...]
     6.2.  Informative References . . . . . . . . . . . . . . . . . . 5
   Appendix A.  Changes / Author Notes. . . . . . . . . . . . . . . . 5
   Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 6
1.  Introduction

   Autonomous System 0 is listed in the IANA Autonomous System Number
   Registry as "Reserved - May be use to identify non-routed networks"
   ([IANA.AS_Numbers]).
   [-05] [RFC6491] specifies that AS number zero in a ROA is used to
   mark an NLRI which is to be marked as Invalid.

   [-06] [RFC6491] specifies that AS number zero in a Route Origin
   Attestation (ROA) is used to mark a prefix and all its more specific
   prefixes as not to be used in a routing context.  This allows a
   resource holder to signal that a prefix (and the more specifics)
   should not be routed by publishing a ROA listing AS0 as the only
   origin.  To respond to this signal requires that BGP implementations
   do not accept or propagate routes containing AS0.
   No clear statement that AS 0 was proscribed could be found in any BGP
   specification.  This document corrects this omission, most
   importantly in the case of the AS_PATH.

   [-05] This represents an update to the error handling procedures
   given in [RFC4271].

   [-06] This represents an update to the error handling procedures
   given in [RFC4271] Sections 6.2 and 6.3 by specifying the behavior in
   the presence of AS0.
   [-05] As at least two implementations discard routes containing AS 0,
   and to allow approaches such as the above, this document codifies
   this behavior.

   [-06] At least two implementations discard routes containing AS 0,
   and this document codifies this behavior.
1.1.  Requirements notation

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in [RFC2119].
2.  Behavior

   A BGP speaker MUST NOT originate or propagate a route with an AS
   [... unchanged text omitted by rfcdiff ...]
   or AS4_AGGREGATOR attribute MUST be considered as malformed, and be
   handled by the procedures specified in [I-D.ietf-idr-rfc4893bis].

   If a BGP speaker receives zero as the peer AS in an OPEN message, it
   MUST abort the connection and send a NOTIFICATION with Error Code
   "OPEN Message Error" and subcode "Bad Peer AS" (see [RFC4271] Section
   6.2).  A router MUST NOT initiate a connection claiming to be AS
   number zero.
   [-05] Authors of future protocol extensions that carry the Autonomous
   System number are encouraged keep in mind that AS number zero is
   reserved and to provide clear direction on how to handle AS number
   zero.

   [-06] Authors of future protocol extensions that carry the Autonomous
   System number are encouraged to keep in mind that AS number zero is
   reserved and to provide clear direction on how to handle AS number
   zero.
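   As an added illustration of the Section 2 rules (this is example code
   written for this page, not code from the draft or from any BGP
   implementation), the following Python decodes AS_PATH / AS4_PATH
   attribute values and flags any path containing AS 0, and applies the
   peer-AS check to the fields of a received OPEN.  It assumes the path
   segment wire format (type, count, then 2- or 4-octet ASNs) and the
   NOTIFICATION code/subcode values of RFC 4271 / RFC 4893; the sample
   attribute bytes are constructed here.

```python
import struct
from typing import List, Optional, Tuple

OPEN_MESSAGE_ERROR = 2  # NOTIFICATION Error Code, RFC 4271 Section 4.5
BAD_PEER_AS = 2         # Error Subcode under OPEN Message Error
AS_SET, AS_SEQUENCE = 1, 2  # path segment types

def parse_as_path(value: bytes, four_byte: bool) -> List[Tuple[int, List[int]]]:
    """Decode an AS_PATH (2-octet ASNs) or AS4_PATH (4-octet ASNs)
    attribute value into [(segment_type, [asn, ...]), ...]."""
    width, fmt = (4, "!I") if four_byte else (2, "!H")
    segments, off = [], 0
    while off < len(value):
        if off + 2 > len(value):
            raise ValueError("truncated path segment header")
        seg_type, count = value[off], value[off + 1]
        off += 2
        end = off + count * width
        if end > len(value):
            raise ValueError("truncated path segment body")
        asns = [struct.unpack(fmt, value[i:i + width])[0] for i in range(off, end, width)]
        segments.append((seg_type, asns))
        off = end
    return segments

def classify_update(as_path: bytes, as4_path: Optional[bytes] = None) -> str:
    """'malformed' if AS 0 appears in any segment of AS_PATH or AS4_PATH,
    i.e. the route must not be accepted or propagated; else 'ok'.  What
    'malformed' then triggers is left to the referenced error-handling
    procedures and is not modelled here."""
    attrs = [(as_path, False)] + ([(as4_path, True)] if as4_path is not None else [])
    for value, four_byte in attrs:
        if any(0 in asns for _, asns in parse_as_path(value, four_byte)):
            return "malformed"
    return "ok"

def check_open_peer_as(my_as: int, as4_capability: Optional[int] = None):
    """Peer-AS check on a received OPEN.  my_as is the 2-octet My Autonomous
    System field; as4_capability is the 4-octet AS carried in the optional
    4-byte-AS capability (AS_TRANS 23456 then sits in my_as).  Returns None
    if the OPEN may proceed, else (code, subcode) for the NOTIFICATION."""
    if my_as == 0 or as4_capability == 0:
        return (OPEN_MESSAGE_ERROR, BAD_PEER_AS)
    return None

# Constructed sample attribute values (not captured traffic).
GOOD_PATH = b"\x02\x02" + struct.pack("!HH", 64496, 64497)      # AS_SEQUENCE 64496 64497
AS0_PATH = b"\x02\x03" + struct.pack("!HHH", 64496, 0, 64497)   # AS 0 inside the sequence
AS0_AS4_PATH = b"\x02\x02" + struct.pack("!II", 4200000000, 0)  # AS4_PATH ending in AS 0
```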
3.  IANA Considerations

   The IANA is requested to update the Reference for number 0 in the
   "Autonomous System (AS) Numbers" registry to reference this document.
4.  Security Considerations

   [-05] By allowing a RPKI resource holder to issue a ROA saying that
   AS 0 is the only valid origin for a route, we allow them to state
   that a particular address resource is not in use.  By ensuring that
   all implementations that see AS 0 in a route ignore that route, we
   prevent a malicious party from announcing routes containing AS 0 in
   an attempt to hijack those resources.

   [-06] By allowing a Resource Public Key Infrastructure (RPKI)
   resource holder to issue a ROA saying that AS 0 is the only valid
   origin for a route, we allow them to state that a particular address
   resource is not in use.  By ensuring that all implementations that
   see AS 0 in a route ignore that route, we prevent a malicious party
   from announcing routes containing AS 0 in an attempt to hijack those
   resources.
   [-05] In addition, by standardizing the behavior upon reception of an
   AS_PATH (or AS4_PATH) containing AS 0, this document makes the
   behavior better defined, and security gotchas often lurk in the
   undefined spaces.

   [-06] In addition, by standardizing the behavior upon reception of an
   AS_PATH (or AS4_PATH) containing AS 0, this document makes the
   behavior better defined.
5.  Acknowledgements

   [-05] The authors wish to thank Enke Chen, Brian Dickson, Bruno
   Decraene, Robert Raszuk, Jakob Heitz, Danny McPherson, Chris Morrow,
   iLya, John Scudder, Jeff Tantsura, Daniel Ginsburg and Susan Hares.
   Apologies to those we may have missed, it was not intentional.

   [-06] The authors wish to thank Elwyn Davies, Enke Chen, Brian
   Dickson, Bruno Decraene, Robert Raszuk, Jakob Heitz, Danny McPherson,
   Chris Morrow, iLya, John Scudder, Jeff Tantsura, Daniel Ginsburg and
   Susan Hares.  Apologies to those we may have missed, it was not
   intentional.
6.  References

6.1.  Normative References

   [I-D.ietf-idr-error-handling]
              Scudder, J., Chen, E., Mohapatra, P., and K. Patel,
              "Revised Error Handling for BGP UPDATE Messages",
              draft-ietf-idr-error-handling-01 (work in progress),
              December 2011.
   [... unchanged text omitted by rfcdiff ...]
   o  Editorial: I suggest dropping the parentheses in... JGS.

   o  Added "This document updates rfc 4271" to keep IDNITs happy...

   o  Bumped refs: draft-ietf-sidr-iana-objects has been published as
      RFC 6491, idr-error is now -01, 4893bis is now -06

   Changes - 05

   o  Added something to the intro saying what we update and why.  This
      was in the abstract, but I didn't have it in the intro.  Stupid.
   [-06 only] Changes - 06

   o  Incorporated some comments / clarifications from Gen-ART review
      (Elwyn Davies)

   o  Expanded acronyms.

   o  RFC 6491 fix - clarified what it actually said and what
      implications are.
Authors' Addresses

   Warren Kumari
   Google
   1600 Amphitheatre Parkway
   Mountain View, CA 94043
   US

   Email: warren@kumari.net


   Randy Bush
   Internet Initiative Japan
   5147 Crystal Springs
   Bainbridge Island, WA 98110
   US

   Email: randy@psg.com


   Heather Schiller
   Verizon
   End of changes.  14 change blocks.
   25 lines changed or deleted, 39 lines changed or added.

   This html diff was produced by rfcdiff 1.41.  The latest version is
   available from http://tools.ietf.org/tools/rfcdiff/