Global Routing Operations J. Snijders Internet-Draft Fastly Updates: 7948 (if approved) S. Konstantaras Intended status: Best Current Practice AMS-IX Expires: 10 June 2025 M. Shivji LINX 7 December 2024 Recommendation to avoid use of BGP Extended Communities at Internet Exchange Route Servers draft-ietf-grow-ixp-ext-comms-01 Abstract This document outlines a recommendation to the Internet operational community to avoid the use of BGP Extended Communities at Internet Exchange Point (IXP) Route Servers. It includes guidance for both the Internet Service Provider side peering with Route Servers and IXPs operating Route Servers. This recommendation aims to help the global Internet routing system's performance and help protect Route Server participants against misconfigurations. Status of This Memo This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at https://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." This Internet-Draft will expire on 10 June 2025. Copyright Notice Copyright (c) 2024 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/ license-info) in effect on the date of publication of this document. Snijders, et al. Expires 10 June 2025 [Page 1] Internet-Draft Avoid Ext Comms December 2024 Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Revised BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Revised BSD License. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 2. Requirements Language . . . . . . . . . . . . . . . . . . . . 2 3. Background . . . . . . . . . . . . . . . . . . . . . . . . . 2 4. Recommendation . . . . . . . . . . . . . . . . . . . . . . . 3 5. Changes to RFC7948 . . . . . . . . . . . . . . . . . . . . . 4 6. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 5 7. Security Considerations . . . . . . . . . . . . . . . . . . . 5 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 5 9. References . . . . . . . . . . . . . . . . . . . . . . . . . 5 9.1. Normative References . . . . . . . . . . . . . . . . . . 5 9.2. Informative References . . . . . . . . . . . . . . . . . 5 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 6 1. Introduction This document outlines a recommendation to the Internet operational community to avoid the use of BGP Extended Communities [RFC4360] at Internet Exchange Point (IXP) Route Servers [RFC7947], [RFC7948]. It includes guidance for both the Internet Service Provider side peering with Route Servers and IXPs operating Route Servers. This recomendation aims to help the global Internet routing system's performance and help protect Route Server participants against misconfigurations. 2. Requirements Language The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here. 3. Background The main use-case for Extended Communities are as Route Targets within VPN [RFC4364] deployments, but historically Extended Communities also have been used as an operational utility to signal requests to IXP Route Servers such as functionality to reduce propagation scope or request AS_PATH prepending. Snijders, et al. Expires 10 June 2025 [Page 2] Internet-Draft Avoid Ext Comms December 2024 Use of Extended Communities arose from a lack of support to fit 4-octet Autonomous System Numbers (ASNs) [RFC4893] in Classic BGP communities [RFC1997], thus operators improvised a method that could allow BGP signaling from IXP participants with 4-octet ASN. The 6-octet space for the Global and Local administrator part of the BGP Extended Community provides sufficient space for a single 4-octet ASN. However, the 6-octet space is not sufficient enough should a 4-octet ASN participant of an IXP want to send a signal to a 4-octet ASN Route Server or to another 4-octet ASN participant. Moreover, the flexibility to insert a 4-octet ASN either in the Global or the Local Administrator part, proved to bring extra complexity both in the BGP implementations and in the route propagation functions that are being triggered through BGP Extended Communities. Although, this method was widely considered to be an acceptable workaround for a period of time, a more robust and future proof solution was needed that could overcome the aforementioned obstacles. BGP Large communities [RFC8092] addressed the operational requirements for working with 4-octet ASNs in a variety of scenarios. With a total space of 12 octets divided into 3 separate fields, signalling between 2-octet ASNs and 4-octet ASNs, or 4-octet ASNs and 4-octet ASNs, making the use of BGP Extended Communities redundant. Since the introduction of BGP Large communities in 2017 - by now - virtually all BGP implementations have adopted this standard, making this feature usable in all public Internet deployments. At the moment of writing this recommendation, there are still IP Network and IXP operators that support BGP Extended Communities for IXP Route Server signaling purposes. However, supporting three flavors of BGP Communities (Classic, Large, and Extended) contribute to increased memory consumption, increased complexity in Routing Policies, and reduced stability of the Internet ecosystem as BGP speakers need to send a BGP UPDATE message every time any type of BGP Community is added, removed, or modified. As each and every BGP UPDATE message propagated and received requires CPU cycles for processing, any efforts that minimize the number of BGP UPDATE messages are advantageous for the routing system. The authors of this document posit that Extended Communities are superfluous in context of the existence of Large Communities. 4. Recommendation Route Server operators that match on route announcements with Extended Communities for 4-octet ASNs SHOULD replace these configurations with equivalent functionality implemented using Large Communities [RFC8092]. Snijders, et al. Expires 10 June 2025 [Page 3] Internet-Draft Avoid Ext Comms December 2024 As an additional recommendation, Route Server operators should communicate a clear timeline for their clients to transition from Extended to Large communities. Finally, operators of Internet Exchange Route Servers are RECOMMENDED to: * Scrub the BGP Extended Communities at the inbound direction which are intendend for L3VPN purposes. That concerns the Extended communities where the sub-type value has been set to 0x02 (Route Target). * Allow the rest of the BGP Extended Communities to transit transparently through the Route Servers. 5. Changes to RFC7948 This document updates Section 4.6.1 of [RFC7948] to replace all occurrences of BGP Extended Communities with BGP Large Communities, as defined in [RFC8092]. Old Text: Prefixes sent to the route server are tagged with specific standard BGP Communities [RFC1997] or Extended Communities [RFC4360] attributes, based on predefined values agreed between the operator and all clients. New Text: Prefixes sent to the route server are tagged with specific standard BGP Communities [RFC1997] or BGP Large Communities [RFC8092] attributes, based on predefined values agreed between the operator and all clients. Old Text: As both standard BGP Communities and Extended Communities values are restricted to 6 octets or fewer, it is not possible for both the global and local administrator fields in the BGP Communities value to fit a 4-octet AS number. New Text: As a standard BGP Communities value is restricted to a total of 4 octets, it is not possible for both the global and local administrator fields in the BGP Communities value to fit a 4-octet AS number. The Informative Reference to [RFC4360] in [RFC7948] is replaced with an Informative Reference to [RFC8092]. Snijders, et al. Expires 10 June 2025 [Page 4] Internet-Draft Avoid Ext Comms December 2024 6. Acknowledgments The authors would like to thank Jeffrey Haas, Nick Hilliard and Martin Pels for their useful feedback and suggestions during the review process through the GROW mailing list. 7. Security Considerations There are no security considerations accompanying this document. 8. IANA Considerations This document has no actions for IANA. 9. References 9.1. Normative References [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997, . [RFC7948] Hilliard, N., Jasinska, E., Raszuk, R., and N. Bakker, "Internet Exchange BGP Route Server Operations", RFC 7948, DOI 10.17487/RFC7948, September 2016, . [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, May 2017, . 9.2. Informative References [RFC1997] Chandra, R., Traina, P., and T. Li, "BGP Communities Attribute", RFC 1997, DOI 10.17487/RFC1997, August 1996, . [RFC4360] Sangli, S., Tappan, D., and Y. Rekhter, "BGP Extended Communities Attribute", RFC 4360, DOI 10.17487/RFC4360, February 2006, . [RFC4364] Rosen, E. and Y. Rekhter, "BGP/MPLS IP Virtual Private Networks (VPNs)", RFC 4364, DOI 10.17487/RFC4364, February 2006, . Snijders, et al. Expires 10 June 2025 [Page 5] Internet-Draft Avoid Ext Comms December 2024 [RFC4893] Vohra, Q. and E. Chen, "BGP Support for Four-octet AS Number Space", RFC 4893, DOI 10.17487/RFC4893, May 2007, . [RFC7947] Jasinska, E., Hilliard, N., Raszuk, R., and N. Bakker, "Internet Exchange BGP Route Server", RFC 7947, DOI 10.17487/RFC7947, September 2016, . [RFC8092] Heitz, J., Ed., Snijders, J., Ed., Patel, K., Bagdonas, I., and N. Hilliard, "BGP Large Communities Attribute", RFC 8092, DOI 10.17487/RFC8092, February 2017, . Authors' Addresses Job Snijders Fastly, Inc. Amsterdam Netherlands Email: job@fastly.com Stavros Konstantaras Amsterdam Internet Exchange Amsterdam Netherlands Email: stavros.konstantaras@ams-ix.net Mo Shivji London Internet Exchange Ltd London United Kingdom Email: moyaze@linx.net Snijders, et al. Expires 10 June 2025 [Page 6]