Problem Definition and Classification of BGP Route Leaks
RFC 7908
Internet Engineering Task Force (IETF) K. Sriram
Request for Comments: 7908 D. Montgomery
Category: Informational US NIST
ISSN: 2070-1721 D. McPherson
E. Osterweil
Verisign, Inc.
B. Dickson
June 2016
Problem Definition and Classification of BGP Route Leaks
Abstract
A systemic vulnerability of the Border Gateway Protocol routing
system, known as "route leaks", has received significant attention in
recent years. Frequent incidents that result in significant
disruptions to Internet routing are labeled route leaks, but to date
a common definition of the term has been lacking. This document
provides a working definition of route leaks while keeping in mind
the real occurrences that have received significant attention.
Further, this document attempts to enumerate (though not
exhaustively) different types of route leaks based on observed events
on the Internet. The aim is to provide a taxonomy that covers
several forms of route leaks that have been observed and are of
concern to the Internet user community as well as the network
operator community.
Status of This Memo
This document is not an Internet Standards Track specification; it is
published for informational purposes.
This document is a product of the Internet Engineering Task Force
(IETF). It represents the consensus of the IETF community. It has
received public review and has been approved for publication by the
Internet Engineering Steering Group (IESG). Not all documents
approved by the IESG are a candidate for any level of Internet
Standard; see Section 2 of RFC 7841.
Information about the current status of this document, any errata,
and how to provide feedback on it may be obtained at
http://www.rfc-editor.org/info/rfc7908.
Sriram, et al. Informational [Page 1]
RFC 7908 Route-Leak Problem Definition June 2016
Copyright Notice
Copyright (c) 2016 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3
2. Working Definition of Route Leaks . . . . . . . . . . . . . . 3
3. Classification of Route Leaks Based on Documented Events . . 4
3.1. Type 1: Hairpin Turn with Full Prefix . . . . . . . . . . 4
3.2. Type 2: Lateral ISP-ISP-ISP Leak . . . . . . . . . . . . 5
3.3. Type 3: Leak of Transit-Provider Prefixes to Peer . . . . 5
3.4. Type 4: Leak of Peer Prefixes to Transit Provider . . . . 5
3.5. Type 5: Prefix Re-origination with Data Path to
Legitimate Origin . . . . . . . . . . . . . . . . . . . . 6
3.6. Type 6: Accidental Leak of Internal Prefixes and More-
Specific Prefixes . . . . . . . . . . . . . . . . . . . . 6
4. Additional Comments about the Classification . . . . . . . . 7
5. Security Considerations . . . . . . . . . . . . . . . . . . . 7
6. Informative References . . . . . . . . . . . . . . . . . . . 7
Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . . 11
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 11
Sriram, et al. Informational [Page 2]
RFC 7908 Route-Leak Problem Definition June 2016
1. Introduction
Frequent incidents [Huston2012] [Cowie2013] [Toonk2015-A]
[Toonk2015-B] [Cowie2010] [Madory] [Zmijewski] [Paseka] [LRL] [Khare]
that result in significant disruptions to Internet routing are
commonly called "route leaks". Examination of the details of some of
these incidents reveals that they vary in their form and technical
details. In order to pursue solutions to "the route-leak problem" it
is important to first provide a clear, technical definition of the
problem and enumerate its most common forms. Section 2 provides a
working definition of route leaks, keeping in view many recent
Show full document text