Extending RPSL: IPv6, multicast, … Presented by João Damas RIPE NCC João Damas . APRICOT 2002 , March 2002, Bangkok . http://www.ripe.net.

Download Report

Transcript Extending RPSL: IPv6, multicast, … Presented by João Damas RIPE NCC João Damas . APRICOT 2002 , March 2002, Bangkok . http://www.ripe.net. 

Extending RPSL:
IPv6, multicast, …
Presented by
João Damas
RIPE NCC
João Damas
.
APRICOT 2002 , March 2002, Bangkok
.
1
http://www.ripe.net
Outline
•
•
•
•
•
Introduction
Requirements
First proposal
Second proposal
Questions
João Damas
.
APRICOT 2002 , March 2002, Bangkok
.
2
http://www.ripe.net
Introduction
• RPSL (RFC 2622).
– Allows flexible specification of routing policies
– Is defined only for IPv4 unicast routing
– Allows limited future expandability
• More and more we hear requests to extend RPSL
to be able to describe multicast and/or IPv6 routing
policies.
João Damas
.
APRICOT 2002 , March 2002, Bangkok
.
3
http://www.ripe.net
Requirements
• Describe policy for multiple protocols
– IPv6
– Multicast
• Minimise increase in complexity, especially for
users
• Take into account compatibility with existing tools
João Damas
.
APRICOT 2002 , March 2002, Bangkok
.
4
http://www.ripe.net
First draft
• Described in draft-parent-multiprotocol-rpsl-00.txt
(which supersedes draft-parent-ipv6-rpsl-00.txt)
• Presented at RIPE 41, January, Amsterdam
• Intention is to jumpstart the process of expanding
RPSL.
João Damas
.
APRICOT 2002 , March 2002, Bangkok
.
5
http://www.ripe.net
draft-parent-multiprotocol-rpsl-00
(1)
• Introduces new address families
[afi <address-family>] <address-prefix>
where:
<address-family> = enum[ipv4, ipv6, ipv4-multicast, ipv6-multicast]
The afi <address-family> syntax may be omitted under some
circumstances, if appropriate defaults are defined.
João Damas
.
APRICOT 2002 , March 2002, Bangkok
.
6
http://www.ripe.net
draft-parent-multiprotocol-rpsl-00
(2)
• Route class
route: 10.0.0.0/8
origin: AS1
route: afi ipv4 10.0.0.0/6
origin: AS1
route: afi ipv6 3ffe:ffff::/28
origin: AS1
• Route-set class
route-set: ipv6-martians
members: afi ipv6 ff00::/8
members: afi ipv6 fe80::/10
…
João Damas
.
APRICOT 2002 , March 2002, Bangkok
.
7
http://www.ripe.net
draft-parent-multiprotocol-rpsl-00
(3)
• Peering-set class
peering-set: AS1-v6
peering: AS1 afi ipv6 3ffe:ffff::1 at afi ipv6 3ffe:ffff::2
• Autnum
– Extend dictionary to define
– afi (IPv4, IPv6)
address family
– safi (unicast, multicast)
subsequent address family
João Damas
.
APRICOT 2002 , March 2002, Bangkok
.
8
http://www.ripe.net
draft-parent-multiprotocol-rpsl-00
(4)
import:
[protocol <protocol> [afi(address-family)
safi(subsequent-address-family)]]
[into protocol <protocol>]
from <peering> [action <action>]
accept <filter>
export:
[protocol <protocol> [afi(address-family)]
safi(subsequent-address-family)]]
[into protocol <protocol>]
to <peering> [action <action>]
announce <filter>
Example:
import: protocol BGP afi(ipv6), safi(unicast)
from AS1 afi ipv6 3ffe:ffff::1 at afi ipv6 3ffe:ffff::2
accept AS1:RS-PROVIDER
import: protocol BGP afi(ipv6), safi(unicast)
from AS1-v6
accept AS1:RS-PROVIDER
João Damas
.
APRICOT 2002 , March 2002, Bangkok
.
9
http://www.ripe.net
Comments on the draft
• More consideration needs to be given to
– currently available systems, both server and client side
• scripts will “choke” If they receive something like
route: afi ipv4 10.0.0.0/6
origin: AS1
route: afi ipv6 3ffe:ffff::/28
origin: AS1
– clarity for the user who needs to write and read the new RPSL
import: protocol BGP afi(ipv6), safi(unicast)
from AS1 afi ipv6 3ffe:ffff::1 at afi ipv6 3ffe:ffff::2
accept AS1:RS-PROVIDER
João Damas
.
APRICOT 2002 , March 2002, Bangkok
.
10
http://www.ripe.net
Second proposal (1)
• Recognise three main items in RPSL
– Objects where policy is described (autnum)
• May or may not be dependant on the address family.
– Objects identifying prefixes and their relationship to
ASNs (route)
• Fully dependant on the address family
– shorthand notation objects (as-set,route-set,filter-set)
João Damas
.
APRICOT 2002 , March 2002, Bangkok
.
11
http://www.ripe.net
Second proposal (2)
• Create new route6 class
route6: 3ffe:ffff::/28
origin: AS1
• Clearly separates address family representation.
• Allows for query level selection of returned results
and helps prevent current tools from facing
unexpected input.
• It also reflects server side representation
differences, since the prefix is a lookup key
João Damas
.
APRICOT 2002 , March 2002, Bangkok
.
12
http://www.ripe.net
Second proposal (3)
• autnum class
– option would be to define import6 and export6 attributes inside the
object.
– Separates policy items for different address families
– Is more clear for humans
– existing tools are not faced with unexpected data
Pitfall:
– May require duplication of policy if it is your IPv4 and IPv6 policies
are the same
– Is less elegant from a pure language perspective
• Other classes
– would follow the same pattern as for classes above
João Damas
.
APRICOT 2002 , March 2002, Bangkok
.
13
http://www.ripe.net
Questions?
João Damas
.
APRICOT 2002 , March 2002, Bangkok
.
14
http://www.ripe.net