Revised Error Handling for BGP UPDATE Messages (RFC7606)

IP.com Disclosure Number: IPCOM000242888D
Original Publication Date: 2015-Aug-01
Included in the Prior Art Database: 2015-Aug-27
Document File: 38 page(s) / 42K

Publishing Venue

Internet Society Requests For Comment (RFCs)

Related People

E. Chen: AUTHOR [+6]

Abstract

According to the base BGP specification [RFC4271], a BGP speaker that receives an UPDATE message containing a malformed attribute is required to reset the session over which the offending attribute was received. This behavior is undesirable because a session reset impacts not only routes with the offending attribute but also other valid routes exchanged over the session. In the case of optional transitive attributes, the behavior is especially troublesome and may present a potential security vulnerability. This is because attributes may have been propagated without being checked by intermediate routers that don't recognize the attributes. In effect, the attributes may have been tunneled; when they reach a router that recognizes and checks the attributes, the session that is reset may not be associated with the router that is at fault. To make matters worse, in such cases, although the problematic attributes may have originated with a single update transmitted by a single BGP speaker, by the time they encounter a router that checks them they may have been replicated many times and thus may cause the reset of many peering sessions. Thus, the damage inflicted may be multiplied manyfold.

This text was extracted from an ASCII text file.
This is the abbreviated version, containing approximately 6% of the total text.

Internet Engineering Task Force (IETF)                      E. Chen, Ed.
Request for Comments: 7606                           Cisco Systems, Inc.
Updates: 1997, 4271, 4360, 4456, 4760,                   J. Scudder, Ed.
         5543, 5701, 6368                               Juniper Networks
Category: Standards Track                                   P. Mohapatra
ISSN: 2070-1721                                         Sproute Networks
                                                                K. Patel
                                                     Cisco Systems, Inc.
                                                             August 2015

              Revised Error Handling for BGP UPDATE Messages

Abstract

   According to the base BGP specification, a BGP speaker that receives an UPDATE message containing a malformed attribute is required to reset the session over which the offending attribute was received. This behavior is undesirable because a session reset would impact not only routes with the offending attribute but also other valid routes exchanged over the session. This document partially revises the error handling for UPDATE messages and provides guidelines for the authors of documents defining new attributes. Finally, it revises the error handling procedures for a number of existing attributes.

   This document updates error handling for RFCs 1997, 4271, 4360, 4456, 4760, 5543, 5701, and 6368.

Status of This Memo

   This is an Internet Standards Track document.

   This document is a product of the Internet Engineering Task Force (IETF). It represents the consensus of the IETF community. It has received public review and has been approved for publication by the Internet Engineering Steering Group (IESG). Further information on Internet Standards is available in Section 2 of RFC 5741.

   Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at http://www.rfc-editor.org/info/rfc7606.

 Copyright Notice

   Copyright (c) 2015 IETF Trust and the persons identified as the document authors. All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of...