rfcdiff of draft-ietf-grow-route-leak-problem-definition-05 against -06 (left column: -05, right column: -06).

| draft-ietf-grow-route-leak-problem-definition-05.txt | draft-ietf-grow-route-leak-problem-definition-06.txt |
|---|---|
| Global Routing Operations / K. Sriram | Global Routing Operations / K. Sriram |
| Internet-Draft / D. Montgomery | Internet-Draft / D. Montgomery |
| Intended status: Informational / US NIST | Intended status: Informational / US NIST |
| Expires: October 31, 2016 / D. McPherson | Expires: November 6, 2016 / D. McPherson |
| E. Osterweil | E. Osterweil |
| Verisign, Inc. | Verisign, Inc. |
| B. Dickson | B. Dickson |
| April 29, 2016 | May 5, 2016 |
| Problem Definition and Classification of BGP Route Leaks | Problem Definition and Classification of BGP Route Leaks |
| draft-ietf-grow-route-leak-problem-definition-05 | draft-ietf-grow-route-leak-problem-definition-06 |
| Abstract | Abstract |
|---|---|
| A systemic vulnerability of the Border Gateway Protocol routing system, known as 'route leaks', has received significant attention in recent years. Frequent incidents that result in significant disruptions to Internet routing are labeled "route leaks", but to date a common definition of the term has been lacking. This document provides a working definition of route leaks, keeping in mind the real occurrences that have received significant attention. Further, | A systemic vulnerability of the Border Gateway Protocol routing system, known as 'route leaks', has received significant attention in recent years. Frequent incidents that result in significant disruptions to Internet routing are labeled "route leaks", but to date a common definition of the term has been lacking. This document provides a working definition of route leaks, keeping in mind the real occurrences that have received significant attention. Further, |
skipping to change at page 1, line 45
| -05 | -06 |
|---|---|
| Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at http://datatracker.ietf.org/drafts/current/. | Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at http://datatracker.ietf.org/drafts/current/. |
| Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." | Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." |
| This Internet-Draft will expire on October 31, 2016. | This Internet-Draft will expire on November 6, 2016. |
| Copyright Notice | Copyright Notice |
| Copyright (c) 2016 IETF Trust and the persons identified as the document authors. All rights reserved. | Copyright (c) 2016 IETF Trust and the persons identified as the document authors. All rights reserved. |
| This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents | This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents |
skipping to change at page 5, line 18
| -05 | -06 |
|---|---|
| or "peer-to-peer". This type of route leak typically occurs when, for example, three sequential ISP peers (e.g. ISP-A, ISP-B, and ISP-C) are involved, and ISP-B receives a route from ISP-A and in turn leaks it to ISP-C. The typical routing policy between laterally (i.e. non-transit) peering ISPs is that they should only propagate to each other their respective customer prefixes. | or "peer-to-peer". This type of route leak typically occurs when, for example, three sequential ISP peers (e.g. ISP-A, ISP-B, and ISP-C) are involved, and ISP-B receives a route from ISP-A and in turn leaks it to ISP-C. The typical routing policy between laterally (i.e. non-transit) peering ISPs is that they should only propagate to each other their respective customer prefixes. |
| o Example incidents: In [Mauch-nanog][Mauch], route leaks of this type are reported by monitoring updates in the global BGP system and finding three or more very large ISP ASNs in a sequence in a BGP update's AS path. [Mauch] observes that these are anomalies and potentially route leaks because very large ISPs such as ATT, Sprint, Verizon, and Globalcrossing do not in general buy transit services from each other. However, it also notes that there are exceptions when one very large ISP does indeed buy transit from another very large ISP, and accordingly exceptions are made in its detection algorithm for known cases. | o Example incidents: In [Mauch-nanog][Mauch], route leaks of this type are reported by monitoring updates in the global BGP system and finding three or more very large ISP ASNs in a sequence in a BGP update's AS path. [Mauch] observes that its detection algorithm detects for these anomalies and potentially route leaks because very large ISPs do not in general buy transit services from each other. However, it also notes that there are exceptions when one very large ISP does indeed buy transit from another very large ISP, and accordingly exceptions are made in its detection algorithm for known cases. |
| -05 | -06 |
|---|---|
| 3.3. Type 3: Leak of Transit-Provider Prefixes to Peer | 3.3. Type 3: Leak of Transit-Provider Prefixes to Peer |
| Description: This type of route leak occurs when an offending AS leaks routes learned from its transit provider to a lateral (i.e. non-transit) peer. | Description: This type of route leak occurs when an offending AS leaks routes learned from its transit provider to a lateral (i.e. non-transit) peer. |
| o Example incidents: The incidents reported in [Mauch] include the Type 3 leaks. | o Example incidents: The incidents reported in [Mauch] include the Type 3 leaks. |
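The Type 2 bullet above describes the [Mauch] heuristic in one sentence: flag a BGP update whose AS path carries three or more very large ISP ASNs in a row, because such ISPs do not normally buy transit from one another, and exempt the known cases where one of them does. The following Python sketch is an added illustration of that heuristic and of why it also catches the Type 3 incidents; it is not text or code from the draft or from [Mauch]. Everything in it is constructed: the set of "very large ISP" ASNs and the sample updates use the documentation ASN range, the exception list is a made-up customer/provider pair, and the rule for when a run is "explained" (the middle AS learned the route from a known customer, or is handing it down to a known customer) is my reading of the draft's "exceptions ... for known cases", not an algorithm the draft specifies.

```python
"""Toy AS-path monitor for the [Mauch] heuristic described in the draft.

AS_PATH order is the usual BGP one: the first ASN is the AS nearest the
monitor, the last ASN is the origin.  All ASNs below come from the
documentation range (64496-64511) and are constructed placeholders, not
real tier-1 networks.
"""

# Constructed: ASNs the monitor treats as "very large ISPs" (placeholders).
VERY_LARGE_ISPS = {64500, 64501, 64502, 64503}

# Constructed: (customer, provider) pairs of very large ISPs that are known to
# have a transit relationship.  Here 64502 is assumed to buy transit from 64501.
KNOWN_TRANSIT = {(64502, 64501)}


def large_isp_runs(as_path):
    """Return the maximal runs of consecutive very-large-ISP ASNs in a path."""
    runs, current = [], []
    for asn in as_path:
        if asn in VERY_LARGE_ISPS:
            current.append(asn)
            continue
        if current:
            runs.append(current)
        current = []
    if current:
        runs.append(current)
    return runs


def window_is_explained(a, b, c):
    """Decide whether the triple a <- b <- c is consistent with known transit.

    b received the route from c and re-advertised it to a.  Under the usual
    customer/peer/provider export policy that is legitimate if c is a known
    customer of b (customer routes go everywhere) or if a is a known customer
    of b (anything may be passed down to a customer).  This is an assumed
    reading of the draft's "exceptions for known cases".
    """
    return (c, b) in KNOWN_TRANSIT or (a, b) in KNOWN_TRANSIT


def suspicious_runs(as_path):
    """Return runs of three or more very large ISPs not explained by KNOWN_TRANSIT."""
    flagged = []
    for run in large_isp_runs(as_path):
        if len(run) < 3:
            continue
        windows = [tuple(run[i:i + 3]) for i in range(len(run) - 2)]
        if not all(window_is_explained(*w) for w in windows):
            flagged.append(run)
    return flagged


def scan_updates(updates):
    """Run the heuristic over (prefix, as_path) records; return (prefix, run) alerts."""
    alerts = []
    for prefix, as_path in updates:
        for run in suspicious_runs(as_path):
            alerts.append((prefix, run))
    return alerts


# Constructed sample updates (prefix, AS_PATH), not captured from any live feed.
SAMPLE_UPDATES = [
    # Three large ISPs in a row with no known transit between them: flagged.
    ("192.0.2.0/24", [64496, 64500, 64501, 64503, 64510]),
    # Same shape, but 64502 -> 64501 is a known customer/provider pair: allowed.
    ("198.51.100.0/24", [64496, 64500, 64501, 64502, 64510]),
    # Large ISPs present but separated by a smaller AS: no run of three.
    ("203.0.113.0/24", [64496, 64500, 64497, 64501, 64510]),
    # Four large ISPs in a row; the first window is unexplained: flagged.
    ("203.0.113.128/25", [64500, 64501, 64503, 64502]),
]


if __name__ == "__main__":
    for prefix, run in scan_updates(SAMPLE_UPDATES):
        print(f"possible route leak: {prefix} via large-ISP run {run}")
```

In practice the interesting part is the exception list: without it the monitor reports every legitimate large-ISP transit arrangement as a leak, and with a stale one it misses real Type 2 and Type 3 leaks that happen to pass through a pair that used to have a transit relationship, which is why the draft notes that [Mauch] maintains the exceptions by hand.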
End of changes. 5 change blocks. 11 lines changed or deleted, 11 lines changed or added.

This html diff was produced by rfcdiff 1.45. The latest version is available from http://tools.ietf.org/tools/rfcdiff/