IDR Working Group S. Hares, Ed. Internet-Draft Huawei Intended status: Standards Track 4 October 2024 Expires: 7 April 2025 BGP Community Container Attribute draft-hares-idr-bgp-community-attribute-00 Abstract Route tagging plays an important role in external BGP (RFC4271) relations for communicating various routing policies between peers. It is also a common best practice among operators to propagate various additional information about routes intra-domain. The most common tool used today to attach various information about routes is through the use of BGP communities (original, extended or large). This document defines a new flexible Community encoding in a BGP Attribute that enhances what can be accomplished with BGP communities. Two initial use cases are wide communities and flow specification version 2 (FSv2) actions upon a filter match. Status of This Memo This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at https://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." This Internet-Draft will expire on 7 April 2025. Copyright Notice Copyright (c) 2024 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/ license-info) in effect on the date of publication of this document. Hares Expires 7 April 2025 [Page 1] Internet-Draft BGP Community Container October 2024 Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Revised BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Revised BSD License. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 1.1. Requirements Language . . . . . . . . . . . . . . . . . . 3 2. Protocol Summary . . . . . . . . . . . . . . . . . . . . . . 3 2.1. BGP Community Container Common Header . . . . . . . . . . 3 2.2. Propagation of BGP Community Containers . . . . . . . . . 4 3. BGP Community Container Attribute . . . . . . . . . . . . . . 4 3.1. BGP Community Container Attribute Common Header . . . . . 4 4. Operational Considerations . . . . . . . . . . . . . . . . . 6 5. Error Handling . . . . . . . . . . . . . . . . . . . . . . . 6 5.1. General Error Handling for BGP Community Containers . . . 6 6. Security considerations . . . . . . . . . . . . . . . . . . . 6 7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 6 7.1. BGP Community Container Attribute . . . . . . . . . . . . 7 7.2. BGP Community Container Values . . . . . . . . . . . . . 7 8. Contributors . . . . . . . . . . . . . . . . . . . . . . . . 7 9. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 9 10. References . . . . . . . . . . . . . . . . . . . . . . . . . 9 10.1. Normative References . . . . . . . . . . . . . . . . . . 9 10.2. Informative References . . . . . . . . . . . . . . . . . 10 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 11 1. Introduction [RFC1997] defines the BGP Community Attribute for BGP [RFC4271]. This attribute is used as a tool to carry additional information in BGP routes which may help to automate peering administration. The BGP Communities Attribute consists of a set of one or more four-octet values, where each specifies a different community. Except for two reserved ranges, the encoding of community values mandates that the first two octets are to contain the Autonomous System number, with the next two octets containing some locally defined opaque value. Since the introduction of [RFC1997], numerous additional mechanisms have been introduced to provide BGP Community-like functionality. Each of these mechanisms introduce a new syntax, typically covered by its encoding with the BGP Path Attribute that defines it, and a semantic space. Hares Expires 7 April 2025 [Page 2] Internet-Draft BGP Community Container October 2024 The definition of a new BGP Path Attribute, with the ability to contain locally defined parameters enhances the current level of network policies, as well as simplify BGP policy management. The proposed encoding facilitates the delivery of new network services without a need to define a new BGP extension each time. When defining any new type of tool there is always a unique opportunity to specify a subset of well recognized behaviors. Lists of the current most commonly used BGP communities, as well as provision for a new registry for future definitions will be contained in a separate document. 1.1. Requirements Language The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here. 2. Protocol Summary This specification defines a new BGP Path Attribute, the BGP Community Container. It carries a series of BGP Community Container types, each prefaced with the BGP Community Container Common Header. The original version of this memo was created as part of [I-D.ietf-idr-wide-bgp-communities] for the BGP Community Container Common Header. This draft splits the BGP Community Container Common Header away from the Wide Communmity header. 2.1. BGP Community Container Common Header The BGP Community Container Common Header permits Community-like attributes to be grouped under a single BGP Path Attribute. This provides a hierarchy for future Community-like features. It permits implementations without knowledge of a specific Community Container's format to address that Community Container by its code point. It also permits common enforcement of the Community Container's transitivity across AS boundaries without need for the implementation to understand a specific Container's implementation. This document defines the Community common container and proposes a registry for Common Container types. The following Container initial values for the container type are defined: Wide Community Container Type (0x01) ([I-D.ietf-idr-wide-bgp-communities] Hares Expires 7 April 2025 [Page 3] Internet-Draft BGP Community Container October 2024 FSv2 Action Container type (0x02) ([I-D.hares-idr-fsv2-more-ip-actions] 2.2. Propagation of BGP Community Containers Propagation of BGP Community Containers is scoped to the administrative boundary. The definition of an administrative boundary consists of arbitrary set of connected ASes, possibly under control of a single entity. How such an administrative boundary is determined is out of scope of this document. 3. BGP Community Container Attribute This document defines a new BGP Path Attribute, the BGP Community Container. The attribute type code is TBD. The BGP Community Container attribute is an optional, transitive BGP attribute, and may be present only once in the BGP UPDATE message. The attribute contains a set of typed containers. Any given container type may appear multiple times, unless that container type's definition specifies otherwise. Each such container can have a unique propagation scope and can be subject to local filtering. 3.1. BGP Community Container Attribute Common Header Containers always start with the following common header: 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Type | Flags |T|C| Reserved | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Length | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Figure 1: Common container header The BGP Community Container Common Header contains following encoding: Container Type: 2 octets with the type of community container. The value zero is reserved. Flags: Flags control common behavior including the transitivity of the Container. Hares Expires 7 April 2025 [Page 4] Internet-Draft BGP Community Container October 2024 Length: Length of the Container header and content. This document defines the Community common container and proposes a registry for Common Container types. The following Container initial values for the container type are defined: Wide Community Container Type (0x01) ([I-D.ietf-idr-wide-bgp-communities] FSv2 Action Container type (0x02) ([I-D.hares-idr-fsv2-more-ip-actions] See the Section 7 for information on additional type registration policies. +======+=======+===================================================+ | Bit | Value | Meaning | +======+=======+===================================================+ | T | 0 | Not Transitive across administrative boundary. | +------+-------+---------------------------------------------------+ | | 1 | Transitive across AS and administrative boundary. | +------+-------+---------------------------------------------------+ | C | 0 | Not transitive across confederation boundaries. | +------+-------+---------------------------------------------------+ | | 1 | Transitive across confederation boundaries. | +------+-------+---------------------------------------------------+ | 3..7 | - | RESERVED - MUST be zero when originated and | | | | SHOULD be ignored upon receipt. | +------+-------+---------------------------------------------------+ Table 1: Flags Flags are defined globally and apply to all container types. Bit 0 (T bit) Transitivity bit: When not set (value 0), the community in the container is not transitive across administrative boundary. When set (value 1), the community in the container is transitive across all administrative boundaries. Bit 1 (C bit) BGP Confederation [RFC3065] bit: The confederation bit is used to manage the propagation scope of a given container across Member-AS confederation boundary. Hares Expires 7 April 2025 [Page 5] Internet-Draft BGP Community Container October 2024 When not set (value 0) community is not transitive across confederation Member-AS boundary. When set (value of 1) indicates that community in a given container is transitive across Member-AS confederation boundary. The Reserved field MUST be set to zero when originated and SHOULD be ignored upon receipt. The Length field represents the total length (in octets) of a given container including its header. 4. Operational Considerations Multiple mechanisms exist for an operator to propagate actions into the network. Besides BGP Wide Communities, an operator can use the BGP Community Attribute [RFC1997], the BGP Extended Communities Attribute [RFC4360], or the BGP Large Communities Attribute [RFC8092] to achieve similar objectives. Care should be taken when using more than one of these tools. The interaction between the different community attributes is out of the scope of this document. 5. Error Handling 5.1. General Error Handling for BGP Community Containers The "treat as withdraw" behavior [RFC7606] MUST be executed for any malformed Community Containers, including their contents or presence of the BGP Community Container Attribute or given community TLV more then once in the BGP Update Message. 6. Security considerations The security considerations for BGP Communities [RFC1997] or BGP Extended Communities [RFC4360] apply to BGP Community Containers. Transitive BGP Community Container communities could unintentionally spread far from their origin. If a router receives many routes from multiple sources on the Internet with different communities, it could cause significant processing burden or memory usage. To prevent this, it is RECOMMENDED that routers should be configured to strip unexpected communities from received routes. 7. IANA Considerations All Registration Policies contained in this document are based on [RFC8126]. Hares Expires 7 April 2025 [Page 6] Internet-Draft BGP Community Container October 2024 7.1. BGP Community Container Attribute This document defines a new BGP Path Attribute called BGP Community Container Attribute. For this new type IANA is requested to allocate a new value in the corresponding registry: Registry Name: BGP Path Attributes This document makes the following assignments for the optional, transitive BGP Community Container Attribute: Name Type Value ---- ---------- BGP Community Container Attribute TBD [this document] 7.2. BGP Community Container Values This document requests IANA to define and maintain a new registry named: "BGP Community Container Types". The pool of: 0x0000..0xFFFF has been defined for its allocations. Registration procedures: 0x0000 : Reserved. 0x0001-0x00FF : IETF Review. 0x0100-0xFF00 : First Come First Served. 0xFF01-0xFFFE : Experimental Use. 0xFFFF : Reserved. Values: 0x0001 : BGP Wide Community [this document] 0x0002 : BGP FSv2 Actions [this document] 8. Contributors The following people contributed significantly to the original Community attribute for the wide community. Shintaro Kojima OTEMACHI 1st. SQUARE EAST TOWER, 3F 1-5-1, Otemachi, Chiyoda-ku, Tokyo 100-0004 Japan Email: koji@mfeed.ad.jp Hares Expires 7 April 2025 [Page 7] Internet-Draft BGP Community Container October 2024 Juan Alcaide Cisco Systems Research Triangle Park, NC United States Email: jalcaide@cisco.com Burjiz Pithawala Cisco Systems 170 West Tasman Dr San Jose, CA United States Email: bpithaw@cisco.com Saku Ytti TDC Oy Mechelininkatu 1a 00094 TDC Finland Email: ytti@tdc.net Shane Amante Apple, Inc. 1 Infinite Loop Cupertino, CA, 95014 USA amante@apple.com Shane Amante Paul Jakma Huawei Ireland Research Centre Georges Court,Dublin D02 R156 Ireland paul@jakma.org Hares Expires 7 April 2025 [Page 8] Internet-Draft BGP Community Container October 2024 Andrew Lange Nokia 777 E. Middlefield Road Mountain View, CA 94043 USA andrew.lange@nokia.com Bruno Decraene Orange bruno.decraene@orange.com Robert Raszuk Arrcus 2077 Gateway Place San Jose, CA 95110 USA robert@raszuk.net Jeffrey Haas Juniper Networks 1194 N.Mathilda Ave Sunnyvale, CA 94089 USA jhaas@juniper.net 9. Acknowledgments This document owes draft-lange-flexible-bgp-communities a debt for the inspiration of many features contained herein. 10. References 10.1. Normative References [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997, . Hares Expires 7 April 2025 [Page 9] Internet-Draft BGP Community Container October 2024 [RFC4271] Rekhter, Y., Ed., Li, T., Ed., and S. Hares, Ed., "A Border Gateway Protocol 4 (BGP-4)", RFC 4271, DOI 10.17487/RFC4271, January 2006, . [RFC7606] Chen, E., Ed., Scudder, J., Ed., Mohapatra, P., and K. Patel, "Revised Error Handling for BGP UPDATE Messages", RFC 7606, DOI 10.17487/RFC7606, August 2015, . [RFC8126] Cotton, M., Leiba, B., and T. Narten, "Guidelines for Writing an IANA Considerations Section in RFCs", BCP 26, RFC 8126, DOI 10.17487/RFC8126, June 2017, . [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, May 2017, . 10.2. Informative References [I-D.hares-idr-fsv2-more-ip-actions] Hares, S., "BGP Flow Specification Version 2 - More IP Actions", Work in Progress, Internet-Draft, draft-hares- idr-fsv2-more-ip-actions-01, 3 June 2024, . [I-D.ietf-idr-wide-bgp-communities] Raszuk, R., Haas, J., Lange, A., Decraene, B., Amante, S., and P. Jakma, "BGP Community Container Attribute", Work in Progress, Internet-Draft, draft-ietf-idr-wide-bgp- communities-11, 9 March 2023, . [RFC1997] Chandra, R., Traina, P., and T. Li, "BGP Communities Attribute", RFC 1997, DOI 10.17487/RFC1997, August 1996, . [RFC3065] Traina, P., McPherson, D., and J. Scudder, "Autonomous System Confederations for BGP", RFC 3065, DOI 10.17487/RFC3065, February 2001, . [RFC4360] Sangli, S., Tappan, D., and Y. Rekhter, "BGP Extended Communities Attribute", RFC 4360, DOI 10.17487/RFC4360, February 2006, . Hares Expires 7 April 2025 [Page 10] Internet-Draft BGP Community Container October 2024 [RFC8092] Heitz, J., Ed., Snijders, J., Ed., Patel, K., Bagdonas, I., and N. Hilliard, "BGP Large Communities Attribute", RFC 8092, DOI 10.17487/RFC8092, February 2017, . Author's Address Susan Hares (editor) Huawei Ann Arbor, MI 48176 United States of America Email: shares@ndzh.com Hares Expires 7 April 2025 [Page 11]