<?xml version="1.0" encoding="US-ASCII"?>

<!DOCTYPE rfc SYSTEM "rfc2629.dtd">

<?rfc sortrefs="yes"?>
<?rfc subcompact="no"?>
<?rfc symrefs="yes"?>
<?rfc toc="yes"?>
<?rfc tocdepth="3"?>
<?rfc compact="yes"?>
<?rfc subcompact="no"?>

<rfc category="info" docName="draft-ymbk-sidrops-rov-no-rr-00" ipr="trust200902">

<front>

  <title abbrev="RPKI ROV Without Route Refresh">
    RPKI Route Origin Validation Without Route Refresh
  </title>

  <author fullname="Randy Bush" initials="R." surname="Bush">
    <organization>IIJ Research Lab &amp; Arrcus, Inc.</organization>
    <address>
      <postal>
        <street>1856 SW Edgewood Dr</street>
        <city>Portland</city>
        <region>Oregon</region>
        <code>97210</code>
        <country>United States of America</country>
      </postal>
      <email>randy@psg.com</email>
    </address>
  </author>

  <author fullname="Keyur Patel" initials="K." surname="Patel">
    <organization>Arrcus, Inc.</organization>
    <address>
      <postal>
        <street>2077 Gateway Place, Suite #400</street>
        <city>San Jose</city>
        <region>CA</region>
        <code>95119</code>
        <country>United States of America</country>
      </postal>
      <email>keyur@arrcus.com</email>
    </address>
  </author>

  <author fullname="Philip Smith" initials="P." surname="Smith">
    <organization>PFS Internet Development Pty Ltd</organization>
    <address>
      <postal>
        <street>PO Box 1908</street>
        <city>Milton</city>
        <region>QLD</region>
        <code>4064</code>
        <country>Australia</country>
      </postal>
      <email>pfsinoz@gmail.com</email>
    </address>
  </author>

  <author fullname="Mark Tinka" initials="M." surname="Tinka">
    <organization>SEACOM</organization>
    <address>
      <postal>
        <street>Building 7, Design Quarter District, Leslie Avenue, Magaliessig</street>
        <city>Fourways, Gauteng</city>
        <code>2196</code>
        <country>South Africa</country>
      </postal>
      <email>mark.tinka@seacom.com</email>
    </address>
  </author>

  <date />

  <abstract>

    <t>
      A BGP Speaker performing RPKI-based Route Origin Validation should
      not issue Route Refresh to its neighbors when receiving new VRPs.
    </t>

  </abstract>

  <note title="Requirements Language">

    <t>
      The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL
      NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED",
      "MAY", and "OPTIONAL" in this document are to be interpreted as
      described in BCP 14 <xref target="RFC2119"/> <xref
      target="RFC8174"/> when, and only when, they appear in all
      capitals, as shown here.
    </t>

  </note>

</front>

<middle>

  <section anchor="intro" title="Introduction">

    <t>
      Memory constraints in early routers caused classic <xref
      target="RFC4271"/> BGP implementations to not keep a full
      Adj-RIB-In (Sec. 1.1). When doing RPKI-based Route Origin
      Validation (<xref target="RFC6811"/> and <xref
      target="RFC8481"/>), if such a BGP speaker receives new ROAs/VRPs,
      it might not have kept paths previously marked as Invalid. Such
      an implementation must then request a Route Refresh <xref
      target="RFC7313"/> from its neighbors to recover the paths which
      might be covered by these new VRPs. This will be perceived as
      rude by those neighbors as it passes a serious resource burden on
      to them. This document recommends implementations keep but mark
      Invalidated paths so the Route Refresh is no longer needed.
    </t>

  </section>

  <section anchor="related" title="Related Work">

    <t>It is assumed that the reader understands BGP <xref
    target="RFC4271"/> and Route Refresh <xref target="RFC7313"/>, the
    RPKI <xref target="RFC6480"/>, Route Origin Authorizations (ROAs)
    <xref target="RFC6482"/>, The Resource Public Key Infrastructure
    (RPKI) to Router Protocol <xref target="I-D.ietf-sidrops-8210bis"/>,
    RPKI-based Prefix Validation <xref target="RFC6811"/>, and Origin
    Validation Clarifications <xref target="RFC8481"/>.</t>

  </section>

  <section anchor="ops" title="Operational Considerations">

    <t>
      Operators deploying ROV SHOULD ensure that the router implementation
      is not causing unnecessary Route Refresh requests to neighbors.
    </t>

    <t>
      If the router does not implement the recommendations here, the
      operator SHOULD enable "soft reconfiguration inbound," which
      should cause the Adj-RIB-In to be effectively kept. The operator
      should then ensure that this stops unnecessary Route Refresh
      requests to neighbors.
    </t>

    <t>
      If the router has insufficient resources to support this, it
      SHOULD NOT be used for Route Origin Validation.
    </t>
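
    <t>
      Added example, not from this draft's authors or from any router
      implementation, illustrating the Introduction and the
      considerations above: a speaker that keeps Invalid paths marked
      in its Adj-RIB-In re-evaluates them locally when VRPs change,
      while one that drops them has to send Route Refresh. The names
      VRP, Path, Speaker and demo, and all prefixes, ASNs and the peer
      name, are constructed for illustration.
    </t>

    <figure><artwork><![CDATA[
```python
# Added example; all prefixes, ASNs and the peer name are constructed sample data.
from collections import namedtuple
from dataclasses import dataclass
from ipaddress import ip_network

VRP = namedtuple("VRP", "prefix max_length asn")

@dataclass
class Path:
    prefix: str
    origin_asn: int
    state: str = "NotFound"  # mark carried with the stored path

def validate(path, vrps):
    """RFC 6811 outcome for one path against the current VRP set."""
    net, covered = ip_network(path.prefix), False
    for v in vrps:
        vnet = ip_network(v.prefix)
        if net.version == vnet.version and net.subnet_of(vnet):
            covered = True  # at least one VRP covers the prefix
            if v.asn == path.origin_asn != 0 and net.prefixlen <= v.max_length:
                return "Valid"
    return "Invalid" if covered else "NotFound"

class Speaker:
    def __init__(self, keep_invalid):
        self.keep_invalid, self.adj_rib_in, self.refresh_sent = keep_invalid, [], []

    def receive(self, path, vrps):
        path.state = validate(path, vrps)
        if self.keep_invalid or path.state != "Invalid":
            self.adj_rib_in.append(path)  # Invalid paths are kept but marked

    def on_new_vrps(self, vrps, peers):
        for p in self.adj_rib_in:
            p.state = validate(p, vrps)  # local re-evaluation, no BGP traffic
        if not self.keep_invalid:
            self.adj_rib_in = [p for p in self.adj_rib_in if p.state != "Invalid"]
            self.refresh_sent.extend(peers)  # dropped paths must be re-requested

    def usable(self):
        return sorted(p.prefix for p in self.adj_rib_in if p.state != "Invalid")

def demo(keep_invalid):
    old = [VRP("192.0.2.0/24", 24, 64500)]
    s = Speaker(keep_invalid)
    s.receive(Path("192.0.2.0/25", 64501), old)     # Invalid under the old VRPs
    s.receive(Path("198.51.100.0/24", 64502), old)  # NotFound
    s.on_new_vrps(old + [VRP("192.0.2.0/24", 25, 64501)], ["peerA"])
    return s.usable(), s.refresh_sent
```
]]></artwork></figure>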

  </section>

  <section anchor="Security" title="Security Considerations">

    <t>
      This document adds no additional security considerations to those
      already described by the referenced documents.
    </t>

  </section>

  <section anchor="IANA" title="IANA Considerations">

    <t>
      None
    </t>

  </section>

</middle>

<back>

  <references title="Normative References">
    <?rfc include="reference.RFC.2119.xml"?>
    <?rfc include="reference.RFC.4271.xml"?>
    <?rfc include="reference.RFC.6482.xml"?>
    <?rfc include="reference.RFC.6811.xml"?>
    <?rfc include="reference.RFC.7313.xml"?>
    <?rfc include="reference.RFC.8174.xml"?>
    <?rfc include="reference.RFC.8481.xml"?>
    <?rfc include="reference.I-D.ietf-sidrops-8210bis.xml"?>
  </references>

  <references title="Informative References">
    <?rfc include="reference.RFC.6480.xml"?>
  </references>

  <section anchor="Acknowledgements" title="Acknowledgements">

    <t>
      The authors wish to thank Philip Smith and Mark Tinka.
    </t>

  </section>

</back>

</rfc>