Internet Engineering Task Force (IETF)                        J. Scudder
Request for Comments: 7447                                   K. Kompella
Updates: 6790                                           Juniper Networks
Category: Standards Track                                  February 2015
ISSN: 2070-1721
        
Internet Engineering Task Force (IETF)                        J. Scudder
Request for Comments: 7447                                   K. Kompella
Updates: 6790                                           Juniper Networks
Category: Standards Track                                  February 2015
ISSN: 2070-1721
        

Deprecation of BGP Entropy Label Capability Attribute

BGP熵标签能力属性的弃用

Abstract

摘要

The BGP Entropy Label Capability attribute is defined in RFC 6790. Regrettably, it has a bug: although RFC 6790 mandates that routers incapable of processing Entropy Labels must remove the attribute, fulfillment of this requirement cannot be guaranteed in practice. This specification deprecates the attribute. A forthcoming document will propose a replacement.

BGP熵标签能力属性在RFC 6790中定义。遗憾的是,它有一个缺陷:尽管RFC6790要求不能处理熵标签的路由器必须删除该属性,但在实践中无法保证满足这一要求。此规范不推荐该属性。即将发布的文件将提出一个替代方案。

Status of This Memo

关于下段备忘

This is an Internet Standards Track document.

这是一份互联网标准跟踪文件。

This document is a product of the Internet Engineering Task Force (IETF). It represents the consensus of the IETF community. It has received public review and has been approved for publication by the Internet Engineering Steering Group (IESG). Further information on Internet Standards is available in Section 2 of RFC 5741.

本文件是互联网工程任务组(IETF)的产品。它代表了IETF社区的共识。它已经接受了公众审查,并已被互联网工程指导小组(IESG)批准出版。有关互联网标准的更多信息,请参见RFC 5741第2节。

Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at http://www.rfc-editor.org/info/rfc7447.

有关本文件当前状态、任何勘误表以及如何提供反馈的信息,请访问http://www.rfc-editor.org/info/rfc7447.

Copyright Notice

版权公告

Copyright (c) 2015 IETF Trust and the persons identified as the document authors. All rights reserved.

版权所有(c)2015 IETF信托基金和确定为文件作者的人员。版权所有。

This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.

本文件受BCP 78和IETF信托有关IETF文件的法律规定的约束(http://trustee.ietf.org/license-info)自本文件出版之日起生效。请仔细阅读这些文件,因为它们描述了您对本文件的权利和限制。从本文件中提取的代码组件必须包括信托法律条款第4.e节中所述的简化BSD许可证文本,并提供简化BSD许可证中所述的无担保。

Table of Contents

目录

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   2
     1.1.  Requirements Language . . . . . . . . . . . . . . . . . .   2
   2.  Deprecation of ELCA . . . . . . . . . . . . . . . . . . . . .   2
   3.  IANA Considerations . . . . . . . . . . . . . . . . . . . . .   3
   4.  Security Considerations . . . . . . . . . . . . . . . . . . .   3
   5.  References  . . . . . . . . . . . . . . . . . . . . . . . . .   3
     5.1.  Normative References  . . . . . . . . . . . . . . . . . .   3
     5.2.  Informative References  . . . . . . . . . . . . . . . . .   3
   Acknowledgements  . . . . . . . . . . . . . . . . . . . . . . . .   4
   Authors' Addresses  . . . . . . . . . . . . . . . . . . . . . . .   4
        
   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   2
     1.1.  Requirements Language . . . . . . . . . . . . . . . . . .   2
   2.  Deprecation of ELCA . . . . . . . . . . . . . . . . . . . . .   2
   3.  IANA Considerations . . . . . . . . . . . . . . . . . . . . .   3
   4.  Security Considerations . . . . . . . . . . . . . . . . . . .   3
   5.  References  . . . . . . . . . . . . . . . . . . . . . . . . .   3
     5.1.  Normative References  . . . . . . . . . . . . . . . . . .   3
     5.2.  Informative References  . . . . . . . . . . . . . . . . .   3
   Acknowledgements  . . . . . . . . . . . . . . . . . . . . . . . .   4
   Authors' Addresses  . . . . . . . . . . . . . . . . . . . . . . .   4
        
1. Introduction
1. 介绍

[RFC6790] defines the Entropy Label Capability attribute (ELCA), an optional, transitive BGP path attribute. For correct operation, an intermediate node modifying the next hop of a route must remove the ELCA unless the node doing so is able to process entropy labels. Sadly, this requirement cannot be fulfilled with the ELCA as specified, because it is an optional, transitive attribute. By definition, a node that does not support the ELCA will propagate the attribute (this is a general property of optional, transitive attributes; see [RFC4271]). But such an ELCA-oblivious node is likely to be incapable of processing entropy labels and is exactly the node that we desire to remove the attribute!

[RFC6790]定义了熵标签能力属性(ELCA),这是一个可选的、可传递的BGP路径属性。为了正确操作,修改路由下一跳的中间节点必须删除ELCA,除非这样做的节点能够处理熵标签。遗憾的是,ELCA不能满足这个要求,因为它是一个可选的、可传递的属性。根据定义,不支持ELCA的节点将传播该属性(这是可选的可传递属性的一般属性;请参见[RFC4271])。但这样的ELCA不经意节点可能无法处理熵标签,而正是我们希望删除属性的节点!

This specification updates RFC 6790 by deprecating the version of ELCA defined in Section 5.2 of that document. A forthcoming document will propose a replacement. All other sections of RFC 6790 are unchanged.

本规范通过弃用该文件第5.2节中定义的ELCA版本来更新RFC 6790。即将发布的文件将提出一个替代方案。RFC 6790的所有其他部分不变。

1.1. Requirements Language
1.1. 需求语言

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119 [RFC2119].

本文件中的关键词“必须”、“不得”、“要求”、“应”、“不应”、“应”、“不应”、“建议”、“可”和“可选”应按照RFC 2119[RFC2119]中所述进行解释。

2. Deprecation of ELCA
2. ELCA的弃用

This document deprecates the ELCA path attribute. This means that implementations MUST NOT generate the attribute. If received, the attribute MUST be treated as any other unrecognized optional, transitive attribute as per [RFC4271], until and unless the code point is reused by some new specification. (To the authors' best knowledge, there are no implementations of ELCA at the time of writing.)

本文档不推荐ELCA path属性。这意味着实现不能生成属性。如果收到该属性,则必须按照[RFC4271]将该属性视为任何其他无法识别的可选可传递属性,直到且除非该代码点被某个新规范重用。(据作者所知,在撰写本文时没有ELCA的实现。)

3. IANA Considerations
3. IANA考虑

For the reasons given in Section 1, IANA has marked attribute 28 "BGP Entropy Label Capability Attribute" in the "BGP Path Attributes" registry as "deprecated" and has added a reference to this RFC.

出于第1节给出的原因,IANA已将“BGP路径属性”注册表中的属性28“BGP熵标签能力属性”标记为“已弃用”,并添加了对该RFC的引用。

4. Security Considerations
4. 安全考虑

ELCA, as defined in Section 5.2 of [RFC6790], has in common with other optional, transitive path attributes the property that it will be "tunneled" through intervening routers that don't implement the relevant specification. Unfortunately, as discussed elsewhere in this document, implementations of ELCA that receive such "tunneled" attributes could -- sometimes improperly -- rely on them. The consequence of doing so could be a black hole in the forwarding path for the affected routes. Whether or not this is a new security issue is somewhat debatable, since an attacker would have to be part of the control-plane path for the route in question in order for the attacker to exploit the issue. Under those circumstances, an attacker already has a panoply of mischief-making tools available, as discussed in [RFC4272].

ELCA,如[RFC6790]第5.2节所定义,与其他可选的可传递路径属性一样,具有将通过未实现相关规范的中间路由器“隧道化”的属性。不幸的是,正如本文其他地方所讨论的,接收此类“隧道”属性的ELCA实现可能——有时不正确地——依赖它们。这样做的结果可能是受影响路由的转发路径中出现黑洞。这是否是一个新的安全问题有些争议,因为攻击者必须是相关路由的控制平面路径的一部分,才能利用该问题。在这种情况下,攻击者已经拥有了一整套使工具可用的恶作剧工具,如[RFC4272]中所述。

In any case, this document renders any real or imagined security issues with ELCA moot, by deprecating it.

在任何情况下,本文档都会通过弃用ELCA来模拟任何真实或想象的安全问题。

5. References
5. 工具书类
5.1. Normative References
5.1. 规范性引用文件

[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997, <http://www.rfc-editor.org/info/rfc2119>.

[RFC2119]Bradner,S.,“RFC中用于表示需求水平的关键词”,BCP 14,RFC 2119,1997年3月<http://www.rfc-editor.org/info/rfc2119>.

[RFC6790] Kompella, K., Drake, J., Amante, S., Henderickx, W., and L. Yong, "The Use of Entropy Labels in MPLS Forwarding", RFC 6790, November 2012, <http://www.rfc-editor.org/info/rfc6790>.

[RFC6790]Kompella,K.,Drake,J.,Amante,S.,Henderickx,W.,和L.Yong,“MPLS转发中熵标签的使用”,RFC 67902012年11月<http://www.rfc-editor.org/info/rfc6790>.

5.2. Informative References
5.2. 资料性引用

[RFC4271] Rekhter, Y., Ed., Li, T., Ed., and S. Hares, Ed., "A Border Gateway Protocol 4 (BGP-4)", RFC 4271, January 2006, <http://www.rfc-editor.org/info/rfc4271>.

[RFC4271]Rekhter,Y.,Ed.,Li,T.,Ed.,和S.Hares,Ed.,“边境网关协议4(BGP-4)”,RFC 42712006年1月<http://www.rfc-editor.org/info/rfc4271>.

[RFC4272] Murphy, S., "BGP Security Vulnerabilities Analysis", RFC 4272, January 2006, <http://www.rfc-editor.org/info/rfc4272>.

[RFC4272]Murphy,S.,“BGP安全漏洞分析”,RFC 42722006年1月<http://www.rfc-editor.org/info/rfc4272>.

Acknowledgements

致谢

Thanks to Alia Atlas, Bruno Decraene, Martin Djernaes, John Drake, Adrian Farrel, Keyur Patel, Ravi Singh, and Kevin Wang for their discussion of this issue.

感谢Alia Atlas、Bruno Decarene、Martin Djernaes、John Drake、Adrian Farrel、Keyur Patel、Ravi Singh和Kevin Wang对这个问题的讨论。

Authors' Addresses

作者地址

John G. Scudder Juniper Networks

约翰·G·斯卡德尔·杜松网络公司

   EMail: jgs@juniper.net
        
   EMail: jgs@juniper.net
        

Kireeti Kompella Juniper Networks

Kireeti Kompella Juniper网络

   EMail: kireeti@juniper.net
        
   EMail: kireeti@juniper.net