The OTC Attribute is an optional transitive Path Attribute of the UPDATE message with Attribute Type Code 35 and a length of 4 octets. The purpose of this attribute is to enforce that once a route is sent to a Customer, a Peer, or an RS-Client (see definitions in Section 3.1), it will subsequently go only to the Customers. The attribute value is an AS number (ASN) determined by the procedures described below.
The following ingress procedure applies to the processing of the OTC Attribute on route receipt:
If a route with the OTC Attribute is received from a Customer or an RS-Client, then it is a route leak and MUST be considered ineligible (see Section 3).
If a route with the OTC Attribute is received from a Peer (i.e., remote AS with a Peer Role) and the Attribute has a value that is not equal to the remote (i.e., Peer's) AS number, then it is a route leak and MUST be considered ineligible.
If a route is received from a Provider, a Peer, or an RS and the OTC Attribute is not present, then it MUST be added with a value equal to the AS number of the remote AS.
The following egress procedure applies to the processing of the OTC Attribute on route advertisement:
If a route is to be advertised to a Customer, a Peer, or an RS-Client (when the sender is an RS), and the OTC Attribute is not present, then when advertising the route, an OTC Attribute MUST be added with a value equal to the AS number of the local AS.
If a route already contains the OTC Attribute, it MUST NOT be propagated to Providers, Peers, or RSes.
The above-described procedures provide both leak prevention for the local AS and leak detection and mitigation multiple hops away. In the case of prevention at the local AS, the presence of an OTC Attribute indicates to the egress router that the route was learned from a Peer, a Provider, or an RS, and it can be advertised only to the Customers. The same OTC Attribute that is set locally also provides a way to detect route leaks by an AS multiple hops away if a route is received from a Customer, a Peer, or an RS-Client. For example, if an AS sets the OTC Attribute on a route sent to a Peer and the route is subsequently received by a compliant AS from a Customer, then the receiving AS detects (based on the presence of the OTC Attribute) that the route is a leak.
The OTC Attribute might be set at the egress of the remote AS or at the ingress of the local AS, i.e., if the remote AS is non-compliant with this specification, then the local AS will have to set the OTC Attribute if it is absent. In both scenarios, the OTC value will be the same. This makes the scheme more robust and benefits early adopters.
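The ingress and egress procedures above, written out as an added Python example (not part of the specification or of any BGP implementation). The Role, Route, ingress, egress and leak_scenario names are hypothetical, and the prefix and AS numbers are constructed from the documentation ranges.

```python
from dataclasses import dataclass, replace
from enum import Enum
from typing import Optional, Tuple

class Role(Enum):
    """Role of the REMOTE AS on a session, from the local AS's point of view."""
    PROVIDER = 1
    CUSTOMER = 2
    PEER = 3
    RS = 4
    RS_CLIENT = 5

@dataclass(frozen=True)
class Route:
    prefix: str
    otc: Optional[int] = None  # OTC Attribute value (an ASN); None if absent

def ingress(route: Route, remote: Role, remote_asn: int) -> Tuple[Optional[Route], str]:
    """Ingress procedure: returns (route, verdict); route is None if ineligible."""
    if route.otc is not None:
        if remote in (Role.CUSTOMER, Role.RS_CLIENT):
            return None, "leak: OTC present on route from Customer/RS-Client"
        if remote is Role.PEER and route.otc != remote_asn:
            return None, "leak: OTC value is not the Peer's ASN"
        return route, "accepted: OTC preserved unchanged"
    if remote in (Role.PROVIDER, Role.PEER, Role.RS):
        return replace(route, otc=remote_asn), "accepted: OTC added on ingress"
    return route, "accepted: no OTC"

def egress(route: Route, remote: Role, local_asn: int) -> Optional[Route]:
    """Egress procedure: returns the route to advertise, or None to suppress it."""
    if route.otc is not None:
        # Already marked: MUST NOT be propagated to Providers, Peers, or RSes.
        return None if remote in (Role.PROVIDER, Role.PEER, Role.RS) else route
    if remote in (Role.CUSTOMER, Role.PEER, Role.RS_CLIENT):
        return replace(route, otc=local_asn)
    return route

def leak_scenario() -> Tuple[Optional[Route], str]:
    """Constructed case: AS 64500 -> Peer AS 64501, which leaks to its Provider AS 64502."""
    sent = egress(Route("192.0.2.0/24"), Role.PEER, local_asn=64500)  # OTC=64500 is set
    at_64501, _ = ingress(sent, Role.PEER, remote_asn=64500)  # valid: OTC == Peer's ASN
    assert egress(at_64501, Role.PROVIDER, local_asn=64501) is None  # compliant egress stops here
    # If AS 64501 forwards it anyway, AS 64502 receives it from a Customer:
    return ingress(at_64501, Role.CUSTOMER, remote_asn=64501)

if __name__ == "__main__":
    print(leak_scenario())
```

The scenario shows both properties: a compliant AS 64501 never sends the route upstream, and if it does so anyway, AS 64502 rejects it one hop later based on the OTC Attribute alone.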
The OTC Attribute is considered malformed if the length value is not 4. An UPDATE message with a malformed OTC Attribute SHALL be handled using the approach of "treat-as-withdraw" [RFC 7606].
The BGP Role negotiation and OTC-Attribute-based procedures specified in this document are NOT RECOMMENDED to be used between autonomous systems in an AS Confederation [RFC 5065]. If an OTC Attribute is added on egress from the AS Confederation, its value MUST equal the AS Confederation Identifier. Also, on egress from the AS Confederation, an UPDATE MUST NOT contain an OTC Attribute with a value corresponding to any Member-AS Number other than the AS Confederation Identifier.
The procedures specified in this document in scenarios that use private AS numbers behind an Internet-facing ASN (e.g., a data-center network [RFC 7938] or stub customer) may be used, but any details are outside the scope of this document. On egress from the Internet-facing AS, the OTC Attribute MUST NOT contain a value other than the Internet-facing ASN.
Once the OTC Attribute has been set, it MUST be preserved unchanged (this also applies to an AS Confederation).
The described ingress and egress procedures are applicable only for the address families AFI 1 (IPv4) and AFI 2 (IPv6) with SAFI 1 (unicast) in both cases and MUST NOT be applied to other address families by default. The operator MUST NOT have the ability to modify the procedures defined in this section.