Network Working Group                                           E. Chen
Request for Comments: 5292                                    S. Sangli
Category: Standards Track                                 Cisco Systems
                                                            August 2008
        
Network Working Group                                           E. Chen
Request for Comments: 5292                                    S. Sangli
Category: Standards Track                                 Cisco Systems
                                                            August 2008
        

Address-Prefix-Based Outbound Route Filter for BGP-4

基于地址前缀的BGP-4出站路由筛选器

Status of This Memo

关于下段备忘

This document specifies an Internet standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "Internet Official Protocol Standards" (STD 1) for the standardization state and status of this protocol. Distribution of this memo is unlimited.

本文件规定了互联网社区的互联网标准跟踪协议,并要求进行讨论和提出改进建议。有关本协议的标准化状态和状态,请参考当前版本的“互联网官方协议标准”(STD 1)。本备忘录的分发不受限制。

Abstract

摘要

This document defines a new Outbound Router Filter (ORF) type for BGP, termed "Address Prefix Outbound Route Filter", that can be used to perform address-prefix-based route filtering. This ORF-type supports prefix-length- or range-based matching, wild-card-based address prefix matching, as well as the exact address prefix matching for address families.

本文档为BGP定义了一种新的出站路由器过滤器(ORF)类型,称为“地址前缀出站路由过滤器”,可用于执行基于地址前缀的路由过滤。此ORF类型支持基于前缀长度或范围的匹配、基于通配符的地址前缀匹配以及地址族的精确地址前缀匹配。

1. Introduction
1. 介绍

The Outbound Route Filtering Capability defined in [BGP-ORF] provides a mechanism for a BGP speaker to send to its BGP peer a set of Outbound Route Filters (ORFs) that can be used by its peer to filter its outbound routing updates to the speaker.

[BGP-ORF]中定义的出站路由过滤功能为BGP演讲者向其BGP对等方发送一组出站路由过滤器(ORF)提供了一种机制,其对等方可使用该过滤器过滤其对演讲者的出站路由更新。

This documents defines a new ORF-type for BGP, termed "Address Prefix Outbound Route Filter (Address Prefix ORF)", that can be used to perform address-prefix-based route filtering. The Address Prefix ORF supports prefix-length- or range-based matching, wild-card-based address prefix matching, as well as the exact address prefix matching for address families [BGP-MP].

本文档为BGP定义了一种新的ORF类型,称为“地址前缀出站路由筛选器(地址前缀ORF)”,可用于执行基于地址前缀的路由筛选。地址前缀ORF支持基于前缀长度或范围的匹配、基于通配符的地址前缀匹配以及地址族的精确地址前缀匹配[BGP-MP]。

2. Address Prefix ORF-Type
2. 地址前缀ORF类型

The Address Prefix ORF-Type allows one to express ORFs in terms of address prefixes. That is, it provides address-prefix-based route filtering, including prefix-length- or range-based matching, as well as wild-card address prefix matching.

地址前缀ORF类型允许用地址前缀表示ORF。也就是说,它提供了基于地址前缀的路由过滤,包括基于前缀长度或范围的匹配,以及通配符地址前缀匹配。

Conceptually, an Address Prefix ORF entry consists of the fields <Sequence, Match, Length, Prefix, Minlen, Maxlen>.

从概念上讲,地址前缀ORF条目由字段<Sequence,Match,Length,Prefix,Minlen,Maxlen>组成。

The "Sequence" field specifies the relative ordering of the entry among all the Address Prefix ORF entries.

“序列”字段指定所有地址前缀ORF条目中条目的相对顺序。

The "Match" field specifies whether this entry is "PERMIT" (value 0) or "DENY" (value 1).

“匹配”字段指定此条目是“允许”(值0)还是“拒绝”(值1)。

The "Length" field indicates the length (in bits) of the address prefix. A length of zero indicates a prefix that matches all (as specified by the address family) addresses (with the prefix itself of zero octets).

“长度”字段表示地址前缀的长度(以位为单位)。长度为零表示与所有(由地址系列指定的)地址(前缀本身为零个八位字节)匹配的前缀。

The "Prefix" field contains an address prefix of an address family.

“前缀”字段包含地址族的地址前缀。

The "Minlen" field indicates the minimum prefix length (in bits) that is required for "matching". The field is considered unspecified with a value of 0.

“Minlen”字段表示“匹配”所需的最小前缀长度(以位为单位)。该字段被视为未指定,其值为0。

The "Maxlen" field indicates the maximum prefix length (in bits) that is required for "matching". The field is considered unspecified with a value of 0.

“Maxlen”字段表示“匹配”所需的最大前缀长度(以位为单位)。该字段被视为未指定,其值为0。

The fields "Sequence", "Length", "Minlen", and "Maxlen" are all unsigned integers.

字段“Sequence”、“Length”、“Minlen”和“Maxlen”都是无符号整数。

This document imposes the following requirement on the values of these fields:

本文件对这些字段的值提出以下要求:

         0 <= Length < Minlen <= Maxlen
        
         0 <= Length < Minlen <= Maxlen
        

However, tests related to the "Minlen" or "Maxlen" value should be omitted when the "Minlen" or "Maxlen" field (respectively) is unspecified.

但是,如果未指定“Minlen”或“Maxlen”字段(分别),则应忽略与“Minlen”或“Maxlen”值相关的测试。

In addition, the "Maxlen" value must be no more than the maximum length (in bits) of a host address for a given address family [BGP-MP].

此外,“Maxlen”值不得超过给定地址系列[BGP-MP]的主机地址的最大长度(以位为单位)。

3. Address Prefix ORF Encoding
3. 地址前缀ORF编码

The value of the ORF-Type for the Address Prefix ORF-Type is 64.

地址前缀ORF类型的ORF类型的值为64。

An Address Prefix ORF entry is encoded as follows. The "Match" field of the entry is encoded in the "Match" field of the common part [BGP-ORF], and the remaining fields of the entry are encoded in the "Type specific part", as shown in Figure 1.

地址前缀ORF条目编码如下。条目的“匹配”字段编码在公共部分[BGP-ORF]的“匹配”字段中,条目的其余字段编码在“类型特定部分”中,如图1所示。

         +--------------------------------+
         |   Sequence (4 octets)          |
         +--------------------------------+
         |   Minlen   (1 octet)           |
         +--------------------------------+
         |   Maxlen   (1 octet)           |
         +--------------------------------+
         |   Length   (1 octet)           |
         +--------------------------------+
         |   Prefix   (variable length)   |
         +--------------------------------+
        
         +--------------------------------+
         |   Sequence (4 octets)          |
         +--------------------------------+
         |   Minlen   (1 octet)           |
         +--------------------------------+
         |   Maxlen   (1 octet)           |
         +--------------------------------+
         |   Length   (1 octet)           |
         +--------------------------------+
         |   Prefix   (variable length)   |
         +--------------------------------+
        

Figure 1: Address Prefix ORF Encoding

图1:地址前缀ORF编码

Note that the "Prefix" field contains the address prefix followed by enough trailing bits to make the end of the field fall on an octet boundary. The value of the trailing bits is irrelevant.

请注意,“Prefix”字段包含地址前缀,后跟足够的尾随位,以使字段的结尾落在八位字节边界上。尾随位的值是无关的。

4. Address Prefix ORF Matching
4. 地址前缀ORF匹配

In addition to the general matching rules defined in [BGP-ORF], several Address-Prefix-ORF-specific matching rules are defined as follows.

除了[BGP-ORF]中定义的一般匹配规则外,还定义了几个特定于地址前缀ORF的匹配规则,如下所示。

Consider an Address Prefix ORF entry, and a route maintained by a BGP speaker with Network Layer Reachability Information (NLRI) in the form of <Prefix, Length>.

考虑一个地址前缀ORF条目,以及一个BGP说话人以网络层可达性信息(NLRI)形式维护的路由。

The route is considered as "no match" to the ORF entry if the NLRI is neither more specific than, nor equal to, the <Prefix, Length> fields of the ORF entry.

如果NLRI既不比ORF条目的<Prefix,Length>字段更具体,也不等于ORF条目的<Prefix,Length>字段,则认为路由与ORF条目“不匹配”。

When the NLRI is either more specific than, or equal to, the <Prefix, Length> fields of the ORF entry, the route is considered as a match to the ORF entry only if the NLRI match condition as listed in Table 1 is satisfied.

当NLRI比或等于ORF条目的<Prefix,Length>字段更具体时,仅当满足表1中列出的NLRI匹配条件时,才会将路由视为与ORF条目匹配。

             ORF Entry                  NLRI
        Minlen      Maxlen         Match Condition
      +------------------------------------------------------+
      | un-spec.    un-spec.       NLRI.length == ORF.length |
      +------------------------------------------------------+
      | specified   un-spec.       NLRI.length >= ORF.Minlen |
      +------------------------------------------------------+
      | un-spec.    specified      NLRI.length <= ORF.Maxlen |
      +------------------------------------------------------+
      | specified   specified      NLRI.length >= ORF.Minlen |
      |                        AND NLRI.length <= ORF.Maxlen |
      +------------------------------------------------------+
        
             ORF Entry                  NLRI
        Minlen      Maxlen         Match Condition
      +------------------------------------------------------+
      | un-spec.    un-spec.       NLRI.length == ORF.length |
      +------------------------------------------------------+
      | specified   un-spec.       NLRI.length >= ORF.Minlen |
      +------------------------------------------------------+
      | un-spec.    specified      NLRI.length <= ORF.Maxlen |
      +------------------------------------------------------+
      | specified   specified      NLRI.length >= ORF.Minlen |
      |                        AND NLRI.length <= ORF.Maxlen |
      +------------------------------------------------------+
        

Table 1: Address Prefix ORF Matching

表1:地址前缀ORF匹配

When more than one Address Prefix ORF entry matches the NLRI of the route, the "first-match" rule applies. That is, the ORF entry with the smallest sequence number (among all the matching ORF entries) is considered as the sole match, and it would determine whether the route should be advertised.

当多个地址前缀ORF条目与路由的NLRI匹配时,“第一个匹配”规则适用。也就是说,具有最小序列号(在所有匹配的ORF条目中)的ORF条目被视为唯一匹配,并且它将确定是否应该公布路由。

The assignment of the sequence numbers is a local matter for the BGP speaker that sends the Address Prefix ORF entries.

序列号的分配对于发送地址前缀ORF条目的BGP说话人来说是本地事务。

5. IANA Considerations
5. IANA考虑

This document specifies a new Outbound Route Filtering (ORF) type, Address Prefix ORF. The value of the ORF-type is 64.

本文档指定了一种新的出站路由筛选(ORF)类型,即地址前缀ORF。ORF类型的值为64。

6. Security Considerations
6. 安全考虑

This extension to BGP does not change the underlying security issues in [BGP-4].

BGP的此扩展不会改变[BGP-4]中的基本安全问题。

7. Normative References
7. 规范性引用文件

[BGP-4] Rekhter, Y., Ed., Li, T., Ed., and S. Hares, Ed., "A Border Gateway Protocol 4 (BGP-4)", RFC 4271, January 2006.

[BGP-4]Rekhter,Y.,Ed.,Li,T.,Ed.,和S.Hares,Ed.,“边境网关协议4(BGP-4)”,RFC 42712006年1月。

[BGP-MP] Bates, T., Chandra, R., Katz, D., and Y. Rekhter, "Multiprotocol Extensions for BGP-4", RFC 4760, January 2007.

[BGP-MP]Bates,T.,Chandra,R.,Katz,D.,和Y.Rekhter,“BGP-4的多协议扩展”,RFC 4760,2007年1月。

[BGP-ORF] Chen, E., and Y. Rekhter, "Outbound Route Filtering Capability for BGP-4", RFC 5291, August 2008.

[BGP-ORF]Chen,E.和Y.Rekhter,“BGP-4的出站路由过滤能力”,RFC 5291,2008年8月。

Authors' Addresses

作者地址

Enke Chen Cisco Systems, Inc. 170 W. Tasman Dr. San Jose, CA 95134

Enke Chen思科系统公司170 W.Tasman Dr.San Jose,CA 95134

   EMail: enkechen@cisco.com
        
   EMail: enkechen@cisco.com
        

Srihari R. Sangli Cisco Systems, Inc. 170 W. Tasman Dr. San Jose, CA 95134

Srihari R.Sangli Cisco Systems,Inc.170 W.Tasman Dr.San Jose,CA 95134

   EMail: rsrihari@cisco.com
        
   EMail: rsrihari@cisco.com
        

Full Copyright Statement

完整版权声明

Copyright (C) The IETF Trust (2008).

版权所有(C)IETF信托基金(2008年)。

This document is subject to the rights, licenses and restrictions contained in BCP 78, and except as set forth therein, the authors retain all their rights.

本文件受BCP 78中包含的权利、许可和限制的约束,除其中规定外,作者保留其所有权利。

This document and the information contained herein are provided on an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

本文件及其包含的信息以“原样”为基础提供,贡献者、他/她所代表或赞助的组织(如有)、互联网协会、IETF信托基金和互联网工程任务组不承担任何明示或暗示的担保,包括但不限于任何保证,即使用本文中的信息不会侵犯任何权利,或对适销性或特定用途适用性的任何默示保证。

Intellectual Property

知识产权

The IETF takes no position regarding the validity or scope of any Intellectual Property Rights or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; nor does it represent that it has made any independent effort to identify any such rights. Information on the procedures with respect to rights in RFC documents can be found in BCP 78 and BCP 79.

IETF对可能声称与本文件所述技术的实施或使用有关的任何知识产权或其他权利的有效性或范围,或此类权利下的任何许可可能或可能不可用的程度,不采取任何立场;它也不表示它已作出任何独立努力来确定任何此类权利。有关RFC文件中权利的程序信息,请参见BCP 78和BCP 79。

Copies of IPR disclosures made to the IETF Secretariat and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this specification can be obtained from the IETF on-line IPR repository at http://www.ietf.org/ipr.

向IETF秘书处披露的知识产权副本和任何许可证保证,或本规范实施者或用户试图获得使用此类专有权利的一般许可证或许可的结果,可从IETF在线知识产权存储库获取,网址为http://www.ietf.org/ipr.

The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights that may cover technology that may be required to implement this standard. Please address the information to the IETF at ietf-ipr@ietf.org.

IETF邀请任何相关方提请其注意任何版权、专利或专利申请,或其他可能涵盖实施本标准所需技术的专有权利。请将信息发送至IETF的IETF-ipr@ietf.org.