I-D Action: draft-khare-idr-bgp-flowspec-payload-match-04.txt
internet-drafts@ietf.org Thu, 13 June 2019 17:19 UTC
Return-Path: <internet-drafts@ietf.org>
X-Original-To: i-d-announce@ietf.org
Delivered-To: i-d-announce@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id A46351201CB for <i-d-announce@ietf.org>; Thu, 13 Jun 2019 10:19:07 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: internet-drafts@ietf.org
To: i-d-announce@ietf.org
Subject: I-D Action: draft-khare-idr-bgp-flowspec-payload-match-04.txt
X-Test-IDTracker: no
X-IETF-IDTracker: 6.97.0
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <156044634759.12590.2739002854488011619@ietfa.amsl.com>
Date: Thu, 13 Jun 2019 10:19:07 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/i-d-announce/VdkAvAi4KUy-bt-_eNluWAkuPXo>
X-BeenThere: i-d-announce@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Internet Draft Announcements only <i-d-announce.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/i-d-announce>, <mailto:i-d-announce-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/i-d-announce/>
List-Post: <mailto:i-d-announce@ietf.org>
List-Help: <mailto:i-d-announce-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/i-d-announce>, <mailto:i-d-announce-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 13 Jun 2019 17:19:08 -0000
A New Internet-Draft is available from the on-line Internet-Drafts directories.
Title : BGP FlowSpec Payload Matching
Authors : Anurag Khare
John Scudder
Luay Jalil
Michael Gallagher
Kirill Kasavchenko
Filename : draft-khare-idr-bgp-flowspec-payload-match-04.txt
Pages : 13
Date : 2019-06-13
Abstract:
The rise in frequency, volume, and pernicious effects of DDoS attacks
has elevated them from fare for the specialist to generalist press.
Numerous reports detail the taxonomy of DDoS types, the varying
motivations of their attackers, as well as the resulting business and
reputation loss of their targets.
BGP FlowSpec (RFC 5575, "Dissemination of Flow Specification Rules")
can be used to rapidly disseminate filters that thwart attacks, being
particularly effective against the volumetric type. Operators can
use existing FlowSpec components to match on pre-defined packet
header fields. However recent enhancements to forwarding plane
filter implementations allow matches at arbitary locations within the
packet header and, to some extent, the payload. This capability can
be used to detect highly amplified attacks whose attack signature
remains relatively constant while values in the packet header vary,
as well as the burgeoning variety of tunneled traffic.
We define a new FlowSpec component, "Flexible Match Conditions", with
similar matching semantics to those of existing components. This
component will allow the operator to define bounded match conditions
using offsets and a variety of match types.
The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-khare-idr-bgp-flowspec-payload-match/
There are also htmlized versions available at:
https://tools.ietf.org/html/draft-khare-idr-bgp-flowspec-payload-match-04
https://datatracker.ietf.org/doc/html/draft-khare-idr-bgp-flowspec-payload-match-04
A diff from the previous version is available at:
https://www.ietf.org/rfcdiff?url2=draft-khare-idr-bgp-flowspec-payload-match-04
Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
- I-D Action: draft-khare-idr-bgp-flowspec-payload-… internet-drafts