Protocol Action: 'BGP operations and security' to Best Current Practice (draft-ietf-opsec-bgp-security-07.txt)
The IESG <iesg-secretary@ietf.org> Mon, 08 December 2014 17:18 UTC
Return-Path: <iesg-secretary@ietf.org>
X-Original-To: ietf-announce@ietfa.amsl.com
Delivered-To: ietf-announce@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B5E571AC409; Mon, 8 Dec 2014 09:18:12 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3wSeS7dqEzTf; Mon, 8 Dec 2014 09:18:11 -0800 (PST)
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 534581AC40F; Mon, 8 Dec 2014 09:18:06 -0800 (PST)
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Subject: Protocol Action: 'BGP operations and security' to Best Current Practice (draft-ietf-opsec-bgp-security-07.txt)
X-Test-IDTracker: no
X-IETF-IDTracker: 5.7.4
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <20141208171806.22046.40468.idtracker@ietfa.amsl.com>
Date: Mon, 08 Dec 2014 09:18:06 -0800
Archived-At: http://mailarchive.ietf.org/arch/msg/ietf-announce/UuUwcUd4vKO1mRssEi3_Q7WTyEY
Cc: opsec mailing list <opsec@ietf.org>, opsec chair <opsec-chairs@tools.ietf.org>, RFC Editor <rfc-editor@rfc-editor.org>
X-BeenThere: ietf-announce@ietf.org
X-Mailman-Version: 2.1.15
Reply-To: ietf@ietf.org
List-Id: "IETF announcement list. No discussions." <ietf-announce.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf-announce/>
List-Post: <mailto:ietf-announce@ietf.org>
List-Help: <mailto:ietf-announce-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 08 Dec 2014 17:18:12 -0000
The IESG has approved the following document: - 'BGP operations and security' (draft-ietf-opsec-bgp-security-07.txt) as Best Current Practice This document is the product of the Operational Security Capabilities for IP Network Infrastructure Working Group. The IESG contact persons are Joel Jaeggli and Benoit Claise. A URL of this Internet Draft is: http://datatracker.ietf.org/doc/draft-ietf-opsec-bgp-security/ Technical Summary BGP (Border Gateway Protocol) is the protocol almost exclusively used in the Internet to exchange routing information between network domains. Due to this central nature, it is important to understand the security measures that can and should be deployed to prevent accidental or intentional routing disturbances. This document describes measures to protect the BGP sessions itself (like TTL, TCP-AO, control plane filtering) and to better control the flow of routing information, using prefix filtering and automatization of prefix filters, max-prefix filtering, AS path filtering, route flap dampening and BGP community scrubbing. Working Group Summary Nothing particular to point out. The document and work contribution went smoothly without hiccups. Document Quality This Is an operational document describing best practices. The baseline of the document is the writing down of what successful BGP network implementations have deployed. Personnel Document Shepherd: Gunter Van de Velde Responsible Area director: Joel Jaeggli