I-D Action: draft-simpson-idr-flowspec-redirect-00.txt

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

A New Internet-Draft is available from the on-line Internet-Drafts directories.

	Title           : Generalized Redirect Action in BGP Flow Specification Routes
	Author(s)       : Wim Henderickx
                          Adam Simpson
	Filename        : draft-simpson-idr-flowspec-redirect-00.txt
	Pages           : 6
	Date            : 2011-07-04

   Flowspec is an extension to BGP that allows for the dissemination of
   traffic flow specifications. This has several applications, but one
   of key interest to many network operators is network-wide
   distribution of traffic filtering rules as part of a threat
   mitigation strategy.

   Every flowspec route is effectively a rule, consisting of a matching
   part (encoded in the NLRI field) and an action part. The current
   standards support common filter actions including discard, rate
   limit, sample, etc. and all of these actions are encoded in BGP
   extended communities. For policy-based forwarding the current
   standards also define a redirect-to-VRF action (again encoded in a
   BGP extended community), but for some flowspec applications this can
   be complex to implement, particularly in networks where L3 VPNs are
   not prevalent.

   This draft proposes a generalized flowspec redirect action that
   allows a more complete set of policy-based forwarding actions to be
   signaled with a flowspec route. This generalized action is encoded in
   a BGP path attribute and uses a TLV-style encoding for future
   extensibility. Two redirect action TLVs are defined in this draft:
   one for redirecting matched packets towards a remote IPv4 destination
   and the other for redirecting matched packets towards a remote IPv6
   destination. Many routers already support these filter actions in the
   datapath and so the proposed flowspec extensions are simply filling a
   control plane gap.


A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-simpson-idr-flowspec-redirect-00.txt

Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/

This Internet-Draft can be retrieved at:
ftp://ftp.ietf.org/internet-drafts/draft-simpson-idr-flowspec-redirect-00.txt
_______________________________________________
I-D-Announce mailing list
I-D-Announce@ietf.org
https://www.ietf.org/mailman/listinfo/i-d-announce
Internet-Draft directories: http://www.ietf.org/shadow.html
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt
[Index of Archives]     [IETF]     [IETF Discussion]     [Linux Kernel]

  Powered by Linux