< draft-woodyatt-ald-00.txt   draft-woodyatt-ald-01.txt >
IP Version 6 j h. woodyatt IP Version 6 j h. woodyatt
Internet-Draft Apple Internet-Draft Apple
Intended status: Standards Track May 8, 2007 Intended status: Standards Track June 6, 2007
Expires: November 9, 2007 Expires: December 8, 2007
Application Listener Discovery (ALD) for IPv6 Application Listener Discovery (ALD) for IPv6
draft-woodyatt-ald-00 draft-woodyatt-ald-01
Status of this Memo Status of this Memo
By submitting this Internet-Draft, each author represents that any By submitting this Internet-Draft, each author represents that any
applicable patent or other IPR claims of which he or she is aware applicable patent or other IPR claims of which he or she is aware
have been or will be disclosed, and any of which he or she becomes have been or will be disclosed, and any of which he or she becomes
aware will be disclosed, in accordance with Section 6 of BCP 79. aware will be disclosed, in accordance with Section 6 of BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that Task Force (IETF), its areas, and its working groups. Note that
skipping to change at page 1, line 34 skipping to change at page 1, line 34
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt. http://www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html. http://www.ietf.org/shadow.html.
This Internet-Draft will expire on November 9, 2007. This Internet-Draft will expire on December 8, 2007.
Copyright Notice Copyright Notice
Copyright (C) The IETF Trust (2007). Copyright (C) The IETF Trust (2007).
Abstract Abstract
This document specifies the protocol used by IPv6 nodes comprising This document specifies the protocol used by IPv6 nodes comprising
stateful packet filters to discover the transport addresses of stateful packet filters to discover the transport addresses of
listening applications (that is, application endpoints for which listening applications (that is, application endpoints for which
skipping to change at page 2, line 23 skipping to change at page 2, line 23
3.2. Listener Discovery . . . . . . . . . . . . . . . . . . . . 6 3.2. Listener Discovery . . . . . . . . . . . . . . . . . . . . 6
3.3. Firewall Reset Detection . . . . . . . . . . . . . . . . . 6 3.3. Firewall Reset Detection . . . . . . . . . . . . . . . . . 6
3.4. Application Programming Interface . . . . . . . . . . . . 6 3.4. Application Programming Interface . . . . . . . . . . . . 6
4. OPTION FORMATS . . . . . . . . . . . . . . . . . . . . . . . . 7 4. OPTION FORMATS . . . . . . . . . . . . . . . . . . . . . . . . 7
4.1. Firewall Discovery Router Advertisement Option . . . . . . 7 4.1. Firewall Discovery Router Advertisement Option . . . . . . 7
5. MESSAGE FORMATS . . . . . . . . . . . . . . . . . . . . . . . 8 5. MESSAGE FORMATS . . . . . . . . . . . . . . . . . . . . . . . 8
5.1. Firewall Solicitation . . . . . . . . . . . . . . . . . . 9 5.1. Firewall Solicitation . . . . . . . . . . . . . . . . . . 9
5.2. Firewall Advertisement . . . . . . . . . . . . . . . . . . 10 5.2. Firewall Advertisement . . . . . . . . . . . . . . . . . . 10
5.3. Listener Address Specifier . . . . . . . . . . . . . . . . 11 5.3. Listener Address Specifier . . . . . . . . . . . . . . . . 11
5.3.1. All Protocols Listener Address Specifier . . . . . . . 12 5.3.1. All Protocols Listener Address Specifier . . . . . . . 12
5.3.2. Encapsulating Security Payload Listener Address 5.3.2. All Specific Protocol Listener Address Specifier . . . 12
Specifier . . . . . . . . . . . . . . . . . . . . . . 12 5.3.3. Encapsulating Security Payload Listener Address
5.3.3. TCP Listener Address Specifier . . . . . . . . . . . . 12 Specifier . . . . . . . . . . . . . . . . . . . . . . 13
5.3.4. UDP Listener Address Specifier . . . . . . . . . . . . 13 5.3.4. TCP Listener Address Specifier . . . . . . . . . . . . 13
5.4. Listener Notification . . . . . . . . . . . . . . . . . . 13 5.3.5. UDP Listener Address Specifier . . . . . . . . . . . . 14
5.5. Listener Acknowledgement . . . . . . . . . . . . . . . . . 14 5.3.6. SCTP Listener Address Specifier . . . . . . . . . . . 14
6. APPLICATION PROGRAMMING INTERFACE . . . . . . . . . . . . . . 16 5.3.7. DCCP Listener Address Specifier . . . . . . . . . . . 15
7. IANA CONSIDERATIONS . . . . . . . . . . . . . . . . . . . . . 16 5.4. Listener Notification . . . . . . . . . . . . . . . . . . 16
8. SECURITY CONSIDERATIONS . . . . . . . . . . . . . . . . . . . 16 5.5. Listener Acknowledgement . . . . . . . . . . . . . . . . . 17
9. References . . . . . . . . . . . . . . . . . . . . . . . . . . 17 6. APPLICATION PROGRAMMING INTERFACE . . . . . . . . . . . . . . 18
9.1. Normative References . . . . . . . . . . . . . . . . . . . 17 7. IANA CONSIDERATIONS . . . . . . . . . . . . . . . . . . . . . 18
9.2. Informative References . . . . . . . . . . . . . . . . . . 17 8. SECURITY CONSIDERATIONS . . . . . . . . . . . . . . . . . . . 18
Appendix A. Additional Stuff . . . . . . . . . . . . . . . . . . 17 9. References . . . . . . . . . . . . . . . . . . . . . . . . . . 19
Author's Address . . . . . . . . . . . . . . . . . . . . . . . . . 18 9.1. Normative References . . . . . . . . . . . . . . . . . . . 19
Intellectual Property and Copyright Statements . . . . . . . . . . 19 9.2. Informative References . . . . . . . . . . . . . . . . . . 19
Appendix A. Change Log . . . . . . . . . . . . . . . . . . . . . 20
A.1. draft-woodyatt-ald-00 to draft-woodyatt-ald-01 . . . . . . 20
Author's Address . . . . . . . . . . . . . . . . . . . . . . . . . 20
Intellectual Property and Copyright Statements . . . . . . . . . . 22
1. INTRODUCTION 1. INTRODUCTION
In "Local Network Protection for IPv6" [IPv6-NAP], IETF recommends In "Local Network Protection for IPv6" [IPv6-NAP], IETF recommends
'simple security' capabilities for residential and small office 'simple security' capabilities for residential and small office
gateways that prohibit, by default, all inbound traffic except those gateways that prohibit, by default, all inbound traffic except those
packets returning as part of locally initiated outbound flows. It packets returning as part of locally initiated outbound flows. It
further recommends "an easy interface which allows users to create further recommends "an easy interface which allows users to create
inbound 'pinholes' for specific purposes such as online gaming." inbound 'pinholes' for specific purposes such as online gaming."
skipping to change at page 9, line 48 skipping to change at page 9, line 48
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Code | Checksum | | Type | Code | Checksum |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type: TBD. Assigned by IANA to ALD messages. Type: TBD. Assigned by IANA to ALD messages.
Code: 1. Code: 1.
Checksum: Checksum:
Used to detect data corruption in the ICMPv6 message and ICMPv6 checksum.
parts of the IPv6 header.
EXPERIMENTAL: Nodes operating in experimental mode MAY send the EXPERIMENTAL: Nodes operating in experimental mode MAY send the
Experimental Firewall Solicitation message, i.e. the same message Experimental Firewall Solicitation message, i.e. the same message
except with type value 100 as defined in "Internet Control Message except with type value 100 as defined in "Internet Control Message
Protocol (ICMPv6)" [RFC4443] for use in experimental protocols, and Protocol (ICMPv6)" [RFC4443] for use in experimental protocols, and
the four octet code 0x6161706c appended after the checksum. Nodes the four octet code 0x6161706c appended after the checksum. Nodes
MUST NOT send Experimental Firewall Solicitation messages to MUST NOT send Experimental Firewall Solicitation messages to
destination addresses received in the regular Firewall Discovery destination addresses received in the regular Firewall Discovery
Option. Option.
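Review bot: In the Checksum entry of the Firewall Solicitation format, the -01 wording "ICMPv6 checksum." no longer says what the field covers and gives no pointer to where its computation is defined. [RFC4443] is already cited in the EXPERIMENTAL paragraph directly below, so suggest "ICMPv6 checksum; see [RFC4443]." The same one-line description is used for the Checksum entries of codes 2, 3 and 4 and would take the same fix.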
skipping to change at page 10, line 44 skipping to change at page 10, line 43
| | | |
+ + + +
| | | |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type: TBD. Assigned by IANA to ALD messages. Type: TBD. Assigned by IANA to ALD messages.
Code: 2. Code: 2.
Checksum: Checksum:
Used to detect data corruption in the ICMPv6 message and ICMPv6 checksum.
parts of the IPv6 header.
Elapsed Time Since Reset: Elapsed Time Since Reset:
Number of elapsed seconds since the firewall state was last Number of elapsed seconds since the firewall state was last
reset. reset.
IPL: The length of the interior prefix. Values less than 48 are IPL: The length of the interior prefix. Values less than 48 are
reserved. Senders MUST NOT use them, and receivers MUST NOT reserved. Senders MUST NOT use them, and receivers MUST NOT
process any messages that contain them. (Note: the width of process any messages that contain them. (Note: the width of
this field is seven bits.) this field is seven bits.)
skipping to change at page 11, line 45 skipping to change at page 11, line 45
address, i.e. FF08::114, instead of the All Nodes address. Nodes address, i.e. FF08::114, instead of the All Nodes address. Nodes
MUST NOT send Experimental Firewall Advertisement messages to any MUST NOT send Experimental Firewall Advertisement messages to any
other multicast destination. other multicast destination.
5.3. Listener Address Specifier 5.3. Listener Address Specifier
Listener Notification and Listener Acknowledgement messages (see Listener Notification and Listener Acknowledgement messages (see
below) each contain Listener Address Specifier elements. These are below) each contain Listener Address Specifier elements. These are
structured data that describe the transport layer component of a structured data that describe the transport layer component of a
listener address that firewalls are expected to filter, e.g. TCP and listener address that firewalls are expected to filter, e.g. TCP and
UDP ports, etc. UDP ports, etc. As a general rule, this protocol number is expected
to match the upper-layer-protocol of the outer-most IPv6 header
(including all its extension headers). See "Internet Protocol,
Version 6" [RFC2460] for details.
The first octet of any Listener Address Specifier is an Internet The first octet of any Listener Address Specifier is an Internet
protocol number. Subtypes are defined for some protocols below. All protocol number, which serves as the type discriminator for a variant
other subtypes not defined in this document are reserved for future subtype of Listener Address Specifier elements.
specification. Nodes MUST NOT send Listener Address Specifiers
except for protocols defined in this document. Nodes MUST NOT Nodes MUST NOT send Listener Address Specifiers with protocol numbers
process any messages with Listener Address Specifiers other than assigned for identifying IPv6 extension headers.
those defined in this document.
5.3.1. All Protocols Listener Address Specifier 5.3.1. All Protocols Listener Address Specifier
Nodes notify firewalls that inbound flow initiations are expected by Nodes notify firewalls that inbound flow initiations are expected by
sending a Listener Notification message with the All Protocols sending a Listener Notification message with the All Protocols
Listener Address Specifier. This is a single octet with the IPv6 Listener Address Specifier. This is a single octet with all zero
protocol number in it, followed by a reserved field of three octets. bits, followed by a reserved field of three octets.
All Protocols Listener Address Specifier All Protocols Listener Address Specifier
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| 41 | Reserved | | 00 | Reserved |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Reserved: Reserved:
This field is unused. It MUST be initialized to zero by the This field is unused. It MUST be initialized to zero by the
sender and MUST be ignored by the receiver. sender and MUST be ignored by the receiver.
5.3.2. Encapsulating Security Payload Listener Address Specifier Note: the value of zero is used here for specifying all protocols,
even though it is used in IPv6 for specifying hop-by-hop options.
Nodes notify firewalls of that inbound Encapsulating Security Payload 5.3.2. All Specific Protocol Listener Address Specifier
(ESP) flows are expected by sending a Listener Notification message
with the Encapsulating Security Payload Listener Address Specifier. Nodes notify firewalls that all inbound flow initiations for a
This is a single octet with the ESP protocol number in it, followed specific upper-layer protocol are expected by sending a Listener
by a reserved field of three octets. Notification message with an All Specific Protocol Listener Address
Specifier. This is a single octet with the protocol number, followed
by three octets of zeroes.
All Specific Protocol Listener Address Specifier
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Protocol | 000000 |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Protocol:
The upper-layer protocol number.
Nodes MUST NOT send All Specific Protocol Listener Address Specifier
elements with protocol numbers reserved for IPv6 header extensions in
the Protocol field.
Nodes MUST NOT send All Specific Protocol Listener Address Specifier
elements with 255 in the Protocol field.
5.3.3. Encapsulating Security Payload Listener Address Specifier
Nodes notify firewalls of that inbound IP Encapsulating Security
Payload (ESP) flows [RFC4303] are expected by sending a Listener
Notification message with the Encapsulating Security Payload Listener
Address Specifier. This is a single octet with the ESP protocol
number in it, followed by a reserved field of three octets.
Encapsulating Security Payload Listener Address Specifier Encapsulating Security Payload Listener Address Specifier
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| 50 | Reserved | | 50 | Reserved |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| SPI |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Reserved: Reserved:
This field is unused. It MUST be initialized to zero by the This field is unused. It MUST be initialized to zero by the
sender and MUST be ignored by the receiver. sender and MUST be ignored by the receiver.
5.3.3. TCP Listener Address Specifier SPI: Security Parameter Index for inbound flow.
Nodes notify firewalls that inbound TCP connections are expected by An ESP Listener Address Specifier with a value of all zero octets in
sending a Listener Notification message with the TCP Listener Address the SPI field is equivalent to the All Specific Protocol Listener
Specifier. This is a single octet with the TCP protocol number in Address Specifier with the ESP protocol number in the Protocol field.
it, followed by a reserved octet, followed by the TCP port number for
the application endpoint. 5.3.4. TCP Listener Address Specifier
Nodes notify firewalls that inbound Transmission Control Protocol
(TCP) connections [RFC0793] are expected by sending a Listener
Notification message with the TCP Listener Address Specifier. This
is a single octet with the TCP protocol number in it, followed by a
reserved octet, followed by the TCP port number for the application
endpoint.
TCP Listener Address Specifier TCP Listener Address Specifier
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| 6 | Reserved | TCP Port Number | | 6 | Reserved | TCP Port Number |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Reserved: Reserved:
This field is unused. It MUST be initialized to zero by the This field is unused. It MUST be initialized to zero by the
sender and MUST be ignored by the receiver. sender and MUST be ignored by the receiver.
TCP Port Number: TCP Port Number:
The TCP port for the application endpoint. The TCP port for the application endpoint.
5.3.4. UDP Listener Address Specifier A value of zero in the TCP Port Number field indicates all TCP flows.
This is identical to the All Specific Protocol Listener Address
Specifier for TCP.
Nodes notify firewalls that inbound flow initiations are expected by 5.3.5. UDP Listener Address Specifier
sending a Listener Notification message with the UDP Listener Address
Specifier. This is a single octet with the UDP protocol number in Nodes notify firewalls that inbound User Datagram Protocol (UDP) flow
it, followed by a reserved octet, followed by the UDP port number for initiations [RFC0768] are expected by sending a Listener Notification
the application endpoint. message with the UDP Listener Address Specifier. This is a single
octet with the UDP protocol number in it, followed by a reserved
octet, followed by the UDP port number for the application endpoint.
UDP Listener Address Specifier UDP Listener Address Specifier
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| 17 | Reserved | UDP Port Number | | 17 | Reserved | UDP Port Number |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Reserved: Reserved:
This field is unused. It MUST be initialized to zero by the This field is unused. It MUST be initialized to zero by the
sender and MUST be ignored by the receiver. sender and MUST be ignored by the receiver.
UDP Port Number: UDP Port Number:
The TCP port for the application endpoint. The UDP port for the application endpoint.
A value of zero in the UDP Port Number field indicates all UDP flows.
This is identical to the All Specific Protocol Listener Address
Specifier for UDP.
5.3.6. SCTP Listener Address Specifier
Nodes notify firewalls that inbound Stream Control Transport Protocol
(SCTP) flow initiations [RFC2960] are expected by sending a Listener
Notification message with the SCTP Listener Address Specifier. This
is a single octet with the SCTP protocol number in it, followed by a
reserved octet, followed by the SCTP port number for the application
endpoint.
SCTP Listener Address Specifier
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| 132 | Reserved | SCTP Port Number |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Reserved:
This field is unused. It MUST be initialized to zero by the
sender and MUST be ignored by the receiver.
UDP Port Number:
The SCTP port for the application endpoint.
A value of zero in the SCTP Port Number field indicates all SCTP
flows. This is identical to the All Specific Protocol Listener
Address Specifier for SCTP.
5.3.7. DCCP Listener Address Specifier
Nodes notify firewalls that inbound Datagram Congestion Control
Protocol (DCCP) flow initiations [RFC4340] are expected by sending a
Listener Notification message with the DCCP Listener Address
Specifier. This is a single octet with the DCCP protocol number in
it, followed by a reserved octet, followed by the DCCP port number
for the application endpoint.
DCCP Listener Address Specifier
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| 33 | Reserved | DCCP Port Number |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Reserved:
This field is unused. It MUST be initialized to zero by the
sender and MUST be ignored by the receiver.
UDP Port Number:
The DCCP port for the application endpoint.
A value of zero in the DCCP Port Number field indicates all DCCP
flows. This is identical to the All Specific Protocol Listener
Address Specifier for DCCP.
5.4. Listener Notification 5.4. Listener Notification
When a node expects to receive inbound flows from the exterior of a When a node expects to receive inbound flows from the exterior of a
firewall, it MAY send a Listener Notification message to signal that firewall, it MAY send a Listener Notification message to signal that
inbound flow initiations should not be prohibited. inbound flow initiations should not be prohibited.
Listener Notification Listener Notification
0 1 2 3 0 1 2 3
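Review bot: Section 5.3 in -01 removes the receiver-side rule ("Nodes MUST NOT process any messages with Listener Address Specifiers other than those defined in this document") and replaces it with sender-only prohibitions, so a firewall that receives a specifier carrying an extension-header protocol number, or 255 in an All Specific Protocol element, has no stated behaviour. Suggest adding a matching receiver requirement, in the style already used for the IPL field ("receivers MUST NOT process any messages that contain them"). Two related points in the same hunk: an element whose first octet is 50 can be either the four-octet All Specific Protocol form (5.3.2) or the eight-octet ESP form with the new SPI field (5.3.3), and the text shown here does not say how a receiver decides which length applies; and the TCP, UDP, SCTP and DCCP forms call a zero port "identical" to the All Specific Protocol form while still telling receivers to ignore the Reserved octet that 5.3.2 defines as zero. Editorially, the field label in 5.3.6 and 5.3.7 reads "UDP Port Number:" where the SCTP and DCCP port is meant, 5.3.6 expands SCTP as "Stream Control Transport Protocol" where the [RFC2960] title has "Transmission", 5.3.3 keeps the -00 wording "notify firewalls of that inbound", and the new sentence "this protocol number is expected to match" in the 5.3 introduction comes before the protocol number octet has been introduced.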
skipping to change at page 14, line 22 skipping to change at page 16, line 28
| Expected Duration | | Expected Duration |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Listener Address Specifier | Listener Address Specifier
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ ... +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ ...
Type: TBD. Assigned by IANA to ALD messages. Type: TBD. Assigned by IANA to ALD messages.
Code: 3. Code: 3.
Checksum: Checksum:
Used to detect data corruption in the ICMPv6 message and ICMPv6 checksum.
parts of the IPv6 header.
Expected Duration: Expected Duration:
The number of seconds the application expects to be The number of seconds the application expects to be
listening. listening.
Listener Address Specifier: Listener Address Specifier:
Describes the transport address of the application listener. Describes the transport address of the application listener.
See Section 5.3. See Section 5.3.
Nodes MUST NOT send Listener Notification messages on any network to Nodes MUST NOT send Listener Notification messages on any network to
skipping to change at page 15, line 24 skipping to change at page 17, line 29
| Acknowledged Duration | | Acknowledged Duration |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Listener Address Specifier | Listener Address Specifier
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ ... +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ ...
Type: TBD. Assigned by IANA to ALD messages. Type: TBD. Assigned by IANA to ALD messages.
Code: 4. Code: 4.
Checksum: Checksum:
Used to detect data corruption in the ICMPv6 message and ICMPv6 checksum.
parts of the IPv6 header.
Elapsed Time Since Reset: Elapsed Time Since Reset:
Number of elapsed seconds since the firewall state was last Number of elapsed seconds since the firewall state was last
reset. reset.
Acknowledged Duration: Acknowledged Duration:
The number of seconds the firewall acknowledges the node will The number of seconds the firewall acknowledges the node will
be listening. be listening.
Listener Address Specifier: Listener Address Specifier:
skipping to change at page 17, line 4 skipping to change at page 19, line 8
appropriate method for addressing such issues. An argument might be appropriate method for addressing such issues. An argument might be
entertained for protecting the privacy of Listener Notification and entertained for protecting the privacy of Listener Notification and
Acknowledgement messages, and the author likewise believes IPsec Acknowledgement messages, and the author likewise believes IPsec
Encapsulating Security Payload is the appropriate method for that. Encapsulating Security Payload is the appropriate method for that.
Key exchange for such security mechanisms should be specified by this Key exchange for such security mechanisms should be specified by this
document if IETF consensus regards addressing these considerations as document if IETF consensus regards addressing these considerations as
essential. essential.
All drafts are required to have a security considerations section. All drafts are required to have a security considerations section.
See "Guidelines for Writing RFC Text on Security Considerations" See "Guidelines for Writing RFC Text on Security Considerations"
[RFC3552] for a guide. [RFC3552] for a guide.
9. References 9. References
9.1. Normative References 9.1. Normative References
[RFC0768] Postel, J., "User Datagram Protocol", STD 6, RFC 768,
August 1980.
[RFC0793] Postel, J., "Transmission Control Protocol", STD 7,
RFC 793, September 1981.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997. Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC2460] Deering, S. and R. Hinden, "Internet Protocol, Version 6
(IPv6) Specification", RFC 2460, December 1998.
[RFC2960] Stewart, R., Xie, Q., Morneault, K., Sharp, C.,
Schwarzbauer, H., Taylor, T., Rytina, I., Kalla, M.,
Zhang, L., and V. Paxson, "Stream Control Transmission
Protocol", RFC 2960, October 2000.
[RFC4303] Kent, S., "IP Encapsulating Security Payload (ESP)",
RFC 4303, December 2005.
[RFC4340] Kohler, E., Handley, M., and S. Floyd, "Datagram
Congestion Control Protocol (DCCP)", RFC 4340, March 2006.
[RFC4443] Conta, A., Deering, S., and M. Gupta, "Internet Control [RFC4443] Conta, A., Deering, S., and M. Gupta, "Internet Control
Message Protocol (ICMPv6) for the Internet Protocol Message Protocol (ICMPv6) for the Internet Protocol
Version 6 (IPv6) Specification", RFC 4443, March 2006. Version 6 (IPv6) Specification", RFC 4443, March 2006.
[RFC4727] Fenner, B., "Experimental Values In IPv4, IPv6, ICMPv4, [RFC4727] Fenner, B., "Experimental Values In IPv4, IPv6, ICMPv4,
ICMPv6, UDP, and TCP Headers", RFC 4727, November 2006. ICMPv6, UDP, and TCP Headers", RFC 4727, November 2006.
9.2. Informative References 9.2. Informative References
[I-D.narten-iana-considerations-rfc2434bis] [I-D.narten-iana-considerations-rfc2434bis]
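Review bot: The Section 8 text shown in this hunk is unchanged from -00, although -01 adds wildcard specifiers (the All Specific Protocol element, and a zero port meaning all TCP, UDP, SCTP or DCCP flows) that let a single Listener Notification cover far more than one application endpoint. The section should say what that means for a firewall that prohibits inbound traffic by default, and whether a firewall may refuse or narrow such a request. The template sentence "All drafts are required to have a security considerations section." is also still in the body and should be dropped in the next revision.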
skipping to change at page 17, line 48 skipping to change at page 20, line 24
[RFC3552] Rescorla, E. and B. Korver, "Guidelines for Writing RFC [RFC3552] Rescorla, E. and B. Korver, "Guidelines for Writing RFC
Text on Security Considerations", BCP 72, RFC 3552, Text on Security Considerations", BCP 72, RFC 3552,
July 2003. July 2003.
[UPnP-IGD] [UPnP-IGD]
UPnP Forum, "Universal Plug and Play Internet Gateway UPnP Forum, "Universal Plug and Play Internet Gateway
Device Standardized Gateway Device Protocol", Device Standardized Gateway Device Protocol",
September 2006, September 2006,
<http://www.upnp.org/standardizeddcps/igd.asp>. <http://www.upnp.org/standardizeddcps/igd.asp>.
Appendix A. Additional Stuff Appendix A. Change Log
This becomes an appendix, in the event one is required. A.1. draft-woodyatt-ald-00 to draft-woodyatt-ald-01
o Added geeky cross-references for TCP and UDP.
o Simplified description of ICMPv6 checksum field descriptions.
o Changed the All Protocols Listener Address Specifier to use zero
instead of 41, so that IPv6-in-IPv6 is eligible for specification.
o Added the SPI field to the ESP Listener Address Specifier.
o Added a note about zero UDP and TCP port numbers in the associated
Listener Address Specifiers.
o Added Listener Address Specifiers for SCTP and DCCP.
o Added the All Specific Protocol Listener Address Specifier element
and changed the associated requirements langauge to allow nodes to
send them, and to explicitly disallow protocol numbers
corresponding to IPv6 header extensions and the reserved protocol
number.
Author's Address Author's Address
james woodyatt james woodyatt
Apple Inc. Apple Inc.
1 Infinite Loop 1 Infinite Loop
Cupertino, CA 95014 Cupertino, CA 95014
US US
Email: jhw@apple.com Email: jhw@apple.com
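Review bot: In A.1, the last item misspells "language" as "langauge", and the first item's "geeky cross-references" would read better as "Added references for TCP and UDP." The log records that the requirements language was changed "to allow nodes to send them" but not that the -00 receiver rule in 5.3 ("Nodes MUST NOT process any messages with Listener Address Specifiers other than those defined in this document") was removed; that change deserves its own entry.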
 End of changes. 25 change blocks. 
59 lines changed or deleted 202 lines changed or added

This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/