idnits 2.17.1 draft-ietf-6man-flow-3697bis-07.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- -- The draft header indicates that this document obsoletes RFC3697, but the abstract doesn't seem to mention this, which it should. -- The draft header indicates that this document updates RFC2460, but the abstract doesn't seem to mention this, which it should. -- The draft header indicates that this document updates RFC2205, but the abstract doesn't seem to mention this, which it should. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year (Using the creation date from RFC2205, updated by this document, for RFC5378 checks: 1997-09-01) (Using the creation date from RFC2460, updated by this document, for RFC5378 checks: 1997-07-30) -- The document seems to contain a disclaimer for pre-RFC5378 work, and may have content which was first submitted before 10 November 2008. The disclaimer is necessary when there are original authors that you have been unable to contact, or if some do not wish to grant the BCP78 rights to the IETF Trust. If you are able to get all authors (current and original) to grant those rights, you can and should remove the disclaimer; otherwise, the disclaimer is needed and you can ignore this comment. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (July 29, 2011) is 4648 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) ** Obsolete normative reference: RFC 2460 (Obsoleted by RFC 8200) == Outdated reference: A later version (-03) exists of draft-gont-6man-flowlabel-security-01 -- Obsolete informational reference (is this intentional?): RFC 2629 (Obsoleted by RFC 7749) -- Obsolete informational reference (is this intentional?): RFC 3697 (Obsoleted by RFC 6437) Summary: 1 error (**), 0 flaws (~~), 2 warnings (==), 7 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 6MAN S. Amante 3 Internet-Draft Level 3 4 Obsoletes: 3697 (if approved) B. Carpenter 5 Updates: 2205, 2460 (if approved) Univ. of Auckland 6 Intended status: Standards Track S. Jiang 7 Expires: January 30, 2012 Huawei Technologies Co., Ltd 8 J. Rajahalme 9 Nokia Siemens Networks 10 July 29, 2011 12 IPv6 Flow Label Specification 13 draft-ietf-6man-flow-3697bis-07 15 Abstract 17 This document specifies the IPv6 Flow Label field and the minimum 18 requirements for IPv6 nodes labeling flows, IPv6 nodes forwarding 19 labeled packets, and flow state establishment methods. Even when 20 mentioned as examples of possible uses of the flow labeling, more 21 detailed requirements for specific use cases are out of scope for 22 this document. 24 The usage of the Flow Label field enables efficient IPv6 flow 25 classification based only on IPv6 main header fields in fixed 26 positions. 28 Status of this Memo 30 This Internet-Draft is submitted in full conformance with the 31 provisions of BCP 78 and BCP 79. 33 Internet-Drafts are working documents of the Internet Engineering 34 Task Force (IETF). Note that other groups may also distribute 35 working documents as Internet-Drafts. The list of current Internet- 36 Drafts is at http://datatracker.ietf.org/drafts/current/. 38 Internet-Drafts are draft documents valid for a maximum of six months 39 and may be updated, replaced, or obsoleted by other documents at any 40 time. It is inappropriate to use Internet-Drafts as reference 41 material or to cite them other than as "work in progress." 43 This Internet-Draft will expire on January 30, 2012. 45 Copyright Notice 47 Copyright (c) 2011 IETF Trust and the persons identified as the 48 document authors. All rights reserved. 50 This document is subject to BCP 78 and the IETF Trust's Legal 51 Provisions Relating to IETF Documents 52 (http://trustee.ietf.org/license-info) in effect on the date of 53 publication of this document. Please review these documents 54 carefully, as they describe your rights and restrictions with respect 55 to this document. Code Components extracted from this document must 56 include Simplified BSD License text as described in Section 4.e of 57 the Trust Legal Provisions and are provided without warranty as 58 described in the Simplified BSD License. 60 This document may contain material from IETF Documents or IETF 61 Contributions published or made publicly available before November 62 10, 2008. The person(s) controlling the copyright in some of this 63 material may not have granted the IETF Trust the right to allow 64 modifications of such material outside the IETF Standards Process. 65 Without obtaining an adequate license from the person(s) controlling 66 the copyright in such materials, this document may not be modified 67 outside the IETF Standards Process, and derivative works of it may 68 not be created outside the IETF Standards Process, except to format 69 it for publication as an RFC or to translate it into languages other 70 than English. 72 Table of Contents 74 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 4 75 2. IPv6 Flow Label Specification . . . . . . . . . . . . . . . . 5 76 3. Flow Labeling Requirements in the Stateless Scenario . . . . . 6 77 4. Flow State Establishment Requirements . . . . . . . . . . . . 8 78 5. Essential correction to RFC 2205 . . . . . . . . . . . . . . . 8 79 6. Security Considerations . . . . . . . . . . . . . . . . . . . 9 80 6.1. Covert Channel Risk . . . . . . . . . . . . . . . . . . . 9 81 6.2. Theft and Denial of Service . . . . . . . . . . . . . . . 10 82 6.3. IPsec and Tunneling Interactions . . . . . . . . . . . . . 11 83 6.4. Security Filtering Interactions . . . . . . . . . . . . . 12 84 7. Differences from RFC 3697 . . . . . . . . . . . . . . . . . . 12 85 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 12 86 9. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 12 87 10. Change log [RFC Editor: Please remove] . . . . . . . . . . . . 13 88 11. References . . . . . . . . . . . . . . . . . . . . . . . . . . 14 89 11.1. Normative References . . . . . . . . . . . . . . . . . . . 14 90 11.2. Informative References . . . . . . . . . . . . . . . . . . 14 91 Appendix A. Example 20-bit Hash Function . . . . . . . . . . . . 15 92 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 16 94 1. Introduction 96 From the viewpoint of the network layer, a flow is a sequence of 97 packets sent from a particular source to a particular unicast, 98 anycast, or multicast destination that a node desires to label as a 99 flow. From an upper layer viewpoint, a flow could consist of all 100 packets in one direction of a specific transport connection or media 101 stream. However, a flow is not necessarily 1:1 mapped to a transport 102 connection. 104 Traditionally, flow classifiers have been based on the 5-tuple of the 105 source and destination addresses, ports, and the transport protocol 106 type. However, some of these fields may be unavailable due to either 107 fragmentation or encryption, or locating them past a chain of IPv6 108 extension headers may be inefficient. Additionally, if classifiers 109 depend only on IP layer headers, later introduction of alternative 110 transport layer protocols will be easier. 112 The usage of the 3-tuple of the Flow Label and the Source and 113 Destination Address fields enables efficient IPv6 flow 114 classification, where only IPv6 main header fields in fixed positions 115 are used. 117 The flow label could be used in both stateless and stateful 118 scenarios. A stateless scenario is one where any node that processes 119 the flow label in any way does not need to store any information 120 about a flow before or after a packet has been processed. A stateful 121 scenario is one where a node that processes the flow label value 122 needs to store information about the flow, including the flow label 123 value. A stateful scenario might also require a signaling mechanism 124 to inform downstream nodes that the flow label is being used in a 125 certain way and to establish flow state in the network. For example, 126 RSVP [RFC2205] and GIST [RFC5971] can signal flow label values. 128 The flow label can be used most simply in stateless scenarios. This 129 specification concentrates on the stateless model and how it can be 130 used as a default mechanism. Details of stateful models, signaling, 131 specific flow state establishment methods and their related service 132 models are out of scope for this specification. The basic 133 requirement for stateful models is set forth in Section 4. 135 The minimum level of IPv6 flow support consists of labeling the 136 flows. A specific goal is to enable and encourage the use of the 137 flow label for various forms of stateless load distribution, 138 especially across Equal Cost Multi-Path (EMCP) and/or Link 139 Aggregation Group (LAG) paths. ECMP and LAG are methods to bond 140 together multiple physical links used to procure the required 141 capacity necessary to carry an offered load greater than the 142 bandwidth of an individual physical link. Further details are in a 143 separate document [I-D.ietf-6man-flow-ecmp]. IPv6 source nodes 144 SHOULD be able to label known flows (e.g., TCP connections, 145 application streams), even if the node itself does not require any 146 flow-specific treatment. Node requirements for stateless flow 147 labeling are given in Section 3. 149 This document replaces [RFC3697] and Section 6 and Appendix A of 150 [RFC2460]. A rationale for the changes made is documented in 151 [I-D.ietf-6man-flow-update]. The present document also includes a 152 correction to [RFC2205] concerning the flow label. 154 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 155 "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and 156 "OPTIONAL" in this document are to be interpreted as described in 157 [RFC2119]. 159 2. IPv6 Flow Label Specification 161 The 20-bit Flow Label field in the IPv6 header [RFC2460] is used by a 162 node to label packets of a flow. A Flow Label of zero is used to 163 indicate packets that have not been labeled. Packet classifiers can 164 use the triplet of Flow Label, Source Address, and Destination 165 Address fields to identify which flow a particular packet belongs to. 166 Packets are processed in a flow-specific manner by nodes that are 167 able to do so in a stateless manner, or that have been set up with 168 flow-specific state. The nature of the specific treatment and the 169 methods for flow state establishment are out of scope for this 170 specification. 172 Flow label values should be chosen such that their bits exhibit a 173 high degree of variability, making them suitable for use as part of 174 the input to a hash function used in a load distribution scheme. At 175 the same time, third parties should be unlikely to be able to guess 176 the next value that a source of flow labels will choose. 178 In statistics, a discrete uniform distribution is defined as a 179 probability distribution in which each value in a given range of 180 equally spaced values (such as a sequence of integers) is equally 181 likely to be chosen as the next value. The values in such a 182 distribution exhibit both variability and unguessability. Thus, as 183 specified below in Section 3, an approximation to a discrete uniform 184 distribution is preferable as the source of flow label values. 185 Intentionally, there are no precise mathematical requirements placed 186 on the distribution or the method used to achieve such a 187 distribution. 189 Once set to a non-zero value, the Flow Label is expected to be 190 delivered unchanged to the destination node(s). A forwarding node 191 MUST either leave a non-zero flow label value unchanged, or change it 192 only for compelling operational security reasons as described in 193 Section 6.1. 195 There is no way to verify whether a flow label has been modified en 196 route or whether it belongs to a uniform distribution. Therefore, no 197 Internet-wide mechanism can depend mathematically on unmodified and 198 uniformly distributed flow labels; they have a "best effort" quality. 199 Implementers should be aware that the flow label is an unprotected 200 field that could have been accidentally or intentionally changed en 201 route (see Section 6). This leads to the following formal rule: 203 o Forwarding nodes such as routers and load distributors MUST NOT 204 depend only on Flow Label values being uniformly distributed. In 205 any usage such as a hash key for load distribution, the Flow Label 206 bits MUST be combined at least with bits from other sources within 207 the packet, so as to produce a constant hash value for each flow 208 and a suitable distribution of hash values across flows. 209 Typically the other fields used will be some or all components of 210 the usual 5-tuple. In this way, load distribution will still 211 occur even if the Flow Label values are poorly distributed. 213 Although uniformly distributed flow label values are recommended 214 below, and will always be helpful for load distribution, it is unsafe 215 to assume their presence in the general case, and the use case needs 216 to work even if the flow label value is zero. 218 As a general practice, packet flows should not be reordered, and the 219 use of the Flow Label field does not affect this. In particular, a 220 Flow label value of zero does not imply that reordering is 221 acceptable. 223 3. Flow Labeling Requirements in the Stateless Scenario 225 This section defines the minimum requirements for methods of setting 226 the flow label value within the stateless scenario of flow label 227 usage. 229 To enable Flow Label based classification, source nodes SHOULD assign 230 each unrelated transport connection and application data stream to a 231 new flow. A typical definition of a flow for this purpose is any set 232 of packets carrying the same 5-tuple {dest addr, source addr, 233 protocol, dest port, source port}. It should be noted that a source 234 node always has convenient and efficient access to this 5-tuple, 235 which is not always the case for nodes that subsequently forward the 236 packet. 238 It is desirable that flow label values should be uniformly 239 distributed to assist load distribution. It is therefore RECOMMENDED 240 that source hosts support the flow label by setting the flow label 241 field for all packets of a given flow to the same value chosen from 242 an approximation to a discrete uniform distribution. Both stateful 243 and stateless methods of assigning a value could be used, but it is 244 outside the scope of this specification to mandate an algorithm. The 245 algorithm SHOULD ensure that the resulting flow label values are 246 unique with high probability. However, if two simultaneous flows are 247 by chance assigned the same flow label value, and have the same 248 source and destination addresses, it simply means that they will 249 receive the same treatment throughout the network. As long as this 250 is a low probability event, it will not significantly affect load 251 distribution. 253 A possible stateless algorithm is to use a suitable 20 bit hash of 254 values from the IP packet's 5-tuple. A simple example hash function 255 is described in Appendix A. 257 An alternative approach is to use a pseudo-random number generator to 258 assign a flow label value for a given transport session; such a 259 method will require minimal local state to be kept at the source 260 node, by recording the flow label associated with each transport 261 socket. 263 Viewed externally, either of these approaches will produce values 264 that appear to be uniformly distributed and pseudo-random. 266 An implementation in which flow labels are assigned sequentially is 267 NOT RECOMMENDED, as it would then be simple for on-path observers to 268 guess the next value. 270 A source node which does not otherwise set the flow label MUST set 271 its value to zero. 273 A node that forwards a flow whose flow label value in arriving 274 packets is zero MAY change the flow label value. In that case, it is 275 RECOMMENDED that the forwarding node sets the flow label field for a 276 flow to a uniformly distributed value as just described for source 277 nodes. 279 o The same considerations apply as to source hosts setting the flow 280 label; in particular, the preferred case is that a flow is defined 281 by the 5-tuple. However, there are cases in which the complete 282 5-tuple for all packets is not readily available to a forwarding 283 node, in particular for fragmented packets. In such cases a flow 284 can be defined by fewer IPv6 header fields, typically using only 285 the 2-tuple {dest addr, source addr}. There are alternative 286 approaches that implementers could choose, such as: 287 * A forwarding node might use the 5-tuple to define a flow 288 whenever possible, but use the 2-tuple when the complete 289 5-tuple is not available. In this case, unfragmented and 290 fragmented packets belonging to the same transport session 291 would receive different flow label values, altering the effect 292 of subsequent load distribution based on the flow label. 293 * A forwarding node might use the 2-tuple to define a flow in all 294 cases. In this case, subsequent load distribution would be 295 based only on IP addresses. 296 o The option to set the flow label in a forwarding node, if 297 implemented, would presumably be of value in first-hop or ingress 298 routers. It might place a considerable per-packet processing load 299 on them, even if they adopted a stateless method of flow 300 identification and label assignment. However, it will not 301 interfere with host-to-router load sharing [RFC4311]. It needs to 302 be under the control of network managers, to avoid unwanted 303 processing load and any other undesirable effects. For this 304 reason it MUST be a configurable option, disabled by default. 306 The preceding rules taken together allow a given network to include 307 routers that set flow labels on behalf of hosts that do not do so. 308 The complications described explain why the principal recommendation 309 is that the source hosts should set the label. 311 4. Flow State Establishment Requirements 313 A node that sets the flow label MAY also take part in a flow state 314 establishment method that results in assigning specific treatments to 315 specific flows, possibly including signaling. Any such method MUST 316 NOT disturb nodes taking part in the stateless scenario just 317 described. Thus, any node that sets flow label values according to a 318 stateful scheme MUST choose labels that conform to Section 3 of the 319 present specification. Further details are not discussed in this 320 document. 322 5. Essential correction to RFC 2205 324 [RFC2460] reduced the size of the flow label field from 24 to 20 325 bits. The references to a 24 bit flow label field on pages 87 and 88 326 of [RFC2205] are updated accordingly. 328 6. Security Considerations 330 This section considers security issues raised by the use of the Flow 331 Label, including the potential for denial-of-service attacks, and the 332 related potential for theft of service by unauthorized traffic 333 (Section 6.2). Section 6.3 addresses the use of the Flow Label in 334 the presence of IPsec including its interaction with IPsec tunnel 335 mode and other tunneling protocols. We also note that inspection of 336 unencrypted Flow Labels may allow some forms of traffic analysis by 337 revealing some structure of the underlying communications. Even if 338 the flow label were encrypted, its presence as a constant value in a 339 fixed position might assist traffic analysis and cryptoanalysis. 341 The flow label is not protected in any way, even if IPsec 342 authentication [RFC4302] is in use, so it can be forged by an on-path 343 attacker. Implementers are advised that any en-route change to the 344 flow label value is undetectable. On the other hand, a uniformly 345 distributed pseudo-random flow label cannot be readily guessed by an 346 attacker; see [I-D.gont-6man-flowlabel-security] for further 347 discussion. If a hash algorithm is used, as suggested in Section 3, 348 it SHOULD include a step that makes the flow-label value 349 significantly difficult to predict [RFC4086], even with knowledge of 350 the algorithm being used. 352 6.1. Covert Channel Risk 354 The flow label could be used as a covert data channel, since 355 apparently pseudo-random flow label values could in fact consist of 356 covert data [NSA]. This could for example be achieved using a series 357 of otherwise innocuous UDP packets whose flow label values constitute 358 a covert message, or by co-opting a TCP session to carry a covert 359 message in the flow labels of successive packets. Both of these 360 could be recognised as suspicious - the first because isolated UDP 361 packets would not normally be expected to have non-zero flow labels, 362 and the second because the flow label values in a given TCP session 363 should all be equal. However, other methods, such as co-opting the 364 flow labels of occasional packets, might be rather hard to detect. 366 In situations where the covert channel risk is considered 367 significant, the only certain defense is for a firewall to rewrite 368 non-zero flow labels. This would be an exceptional violation of the 369 rule that the flow label, once set to a non-zero value, must not be 370 changed. To preserve load distribution capability, such a firewall 371 SHOULD rewrite labels by following the method described for a 372 forwarding node (see Section 3), as if the incoming label value were 373 zero, and MUST NOT set non-zero flow labels to zero. This behaviour 374 is nevertheless undesirable, since (as discussed in Section 3), only 375 source nodes have straightforward access to the complete 5-tuple. 377 6.2. Theft and Denial of Service 379 Since the mapping of network traffic to flow-specific treatment is 380 triggered by the IP addresses and Flow Label value of the IPv6 381 header, an adversary may be able to obtain a class of service that 382 the network did not intend to provide by modifying the IPv6 header or 383 by injecting packets with false addresses and/or labels. A concrete 384 analysis of this threat is only possible for specific stateful 385 methods of signaling and using the flow label, which are out of scope 386 for this document. Clearly, a full analysis will be required when 387 any such method is specified, but in general networks SHOULD NOT make 388 resource allocation decisions based on flow labels without some 389 external means of assurance. 391 A denial of service attack [RFC4732] becomes possible in the 392 stateless model when the modified or injected traffic depletes the 393 resources available to forward it and other traffic streams. If a 394 DoS attack were undertaken against a given Flow Label (or set of Flow 395 Labels), then traffic containing an affected Flow Label might well 396 experience worse-than-best-effort network performance. 398 Note that since the treatment of IP headers by nodes is typically 399 unverified, there is no guarantee that flow labels sent by a node are 400 set according to the recommendations in this document. A man-in-the- 401 middle or injected-traffic denial of service attack specifically 402 directed at flow label handling would involve setting unusual flow 403 labels. For example, an attacker could set all flow labels reaching 404 a given router to the same arbitrary non-zero value, or could perform 405 rapid cycling of flow label values such that the packets of a given 406 flow will each have a different value. Either of these attacks would 407 cause a stateless load distribution algorithm to perform badly and 408 would cause a stateful classifier to behave incorrectly. For this 409 reason, stateless classifiers should not use the flow label alone to 410 control load distribution, and stateful classifiers should include 411 explicit methods to detect and ignore suspect flow label values. 413 Since flows are identified by the 3-tuple of the Flow Label and the 414 Source and Destination Address, the risk of denial of service 415 introduced by the Flow Label is closely related to the risk of denial 416 of service by address spoofing. An adversary who is in a position to 417 forge an address is also likely to be able to forge a label, and vice 418 versa. 420 There are two issues with different properties: Spoofing of the Flow 421 Label only, and spoofing of the whole 3-tuple, including Source and 422 Destination Address. 424 The former can be done inside a node which is using or transmitting 425 the correct source address. The ability to spoof a Flow Label 426 typically implies being in a position to also forge an address, but 427 in many cases, spoofing an address may not be interesting to the 428 spoofer, especially if the spoofer's goal is theft of service, rather 429 than denial of service. 431 The latter can be done by a host which is not subject to ingress 432 filtering [RFC2827] or by an intermediate router. Due to its 433 properties, this is typically useful only for denial of service. In 434 the absence of ingress filtering, almost any third party could 435 instigate such an attack. 437 In the presence of ingress filtering, forging a non-zero Flow Label 438 on packets that originated with a zero label, or modifying or 439 clearing a label, could only occur if an intermediate system such as 440 a router was compromised, or through some other form of man-in-the- 441 middle attack. 443 6.3. IPsec and Tunneling Interactions 445 The IPsec protocol, as defined in [RFC4301], [RFC4302], [RFC4303] 446 does not include the IPv6 header's Flow Label in any of its 447 cryptographic calculations (in the case of tunnel mode, it is the 448 outer IPv6 header's Flow Label that is not included). Hence 449 modification of the Flow Label by a network node has no effect on 450 IPsec end-to-end security, because it cannot cause any IPsec 451 integrity check to fail. As a consequence, IPsec does not provide 452 any defense against an adversary's modification of the Flow Label 453 (i.e., a man-in-the-middle attack). 455 IPsec tunnel mode provides security for the encapsulated IP header's 456 Flow Label. A tunnel mode IPsec packet contains two IP headers: an 457 outer header supplied by the tunnel ingress node and an encapsulated 458 inner header supplied by the original source of the packet. When an 459 IPsec tunnel is passing through nodes performing flow classification, 460 the intermediate network nodes operate on the Flow Label in the outer 461 header. At the tunnel egress node, IPsec processing includes 462 removing the outer header and forwarding the packet (if required) 463 using the inner header. The IPsec protocol requires that the inner 464 header's Flow Label not be changed by this decapsulation processing 465 to ensure that modifications to label cannot be used to launch theft- 466 or denial-of-service attacks across an IPsec tunnel endpoint. This 467 document makes no change to that requirement; indeed it forbids 468 changes to the Flow Label. 470 When IPsec tunnel egress decapsulation processing includes a 471 sufficiently strong cryptographic integrity check of the encapsulated 472 packet (where sufficiency is determined by local security policy), 473 the tunnel egress node can safely assume that the Flow Label in the 474 inner header has the same value as it had at the tunnel ingress node. 476 This analysis and its implications apply to any tunneling protocol 477 that performs integrity checks. Of course, any Flow Label set in an 478 encapsulating IPv6 header is subject to the risks described in the 479 previous section. 481 6.4. Security Filtering Interactions 483 The Flow Label does nothing to eliminate the need for packet 484 filtering based on headers past the IP header, if such filtering is 485 deemed necessary for security reasons on nodes such as firewalls or 486 filtering routers. 488 7. Differences from RFC 3697 490 The main differences between this specification and its predecessor 491 are as follows: 493 o This specification encourages non-zero flow label values to be 494 used, and clearly defines how to set a non-zero value. 495 o It encourages a stateless model with uniformly distributed flow 496 label values. 497 o It does not specify any details of a stateful model. 498 o It retains the rule that the flow label must not be changed en 499 route, but allows routers to set the label on behalf of hosts that 500 do not do so. 501 o It discusses the covert channel risk and its consequences for 502 firewalls. 504 For further details see [I-D.ietf-6man-flow-update]. 506 8. IANA Considerations 508 This document requests no action by IANA. 510 9. Acknowledgements 512 Valuable comments and contributions were made by Jari Arkko, Ran 513 Atkinson, Fred Baker, Richard Barnes, Steve Blake, Remi Despres, Alan 514 Ford, Fernando Gont, Brian Haberman, Tony Hain, Joel Halpern, Qinwen 515 Hu, Chris Morrow, Thomas Narten, Mark Smith, Pascal Thubert, Iljitsch 516 van Beijnum, and other participants in the 6man working group. 518 Cristian Calude suggested the von Neumann algorithm in Appendix A. 519 David Malone and Donald Eastlake gave additional input about hash 520 algorithms. 522 Steve Deering and Alex Conta were co-authors of RFC 3697, on which 523 this document is based. 525 Contributors to the original development of RFC 3697 included Ran 526 Atkinson, Steve Blake, Jim Bound, Francis Dupont, Robert Elz, Tony 527 Hain, Robert Hancock, Bob Hinden, Christian Huitema, Frank 528 Kastenholz, Thomas Narten, Charles Perkins, Pekka Savola, Hesham 529 Soliman, Michael Thomas, Margaret Wasserman, and Alex Zinin. 531 This document was produced using the xml2rfc tool [RFC2629]. 533 10. Change log [RFC Editor: Please remove] 535 draft-ietf-6man-flow-3697bis-06: resolved IESG comments, 2011-07-29. 537 draft-ietf-6man-flow-3697bis-06: resolved IETF Last Call comments, 538 2011-07-11. 540 draft-ietf-6man-flow-3697bis-05: resolved AD comments, improved hash 541 algorithm, 2011-06-29. 543 draft-ietf-6man-flow-3697bis-04: update to resolve further WG 544 comments, 2011-05-11: 546 o Suggested a specific hash algorithm to generate a flow label. 547 o Removed reference to stateful domain. 548 o Added text about covert channel and tuned text about firewall 549 behavior; removed the confusing word "immutable". 550 o Added that Section 6 of RFC 2460 is replaced. 551 o Editorial fixes. 553 draft-ietf-6man-flow-3697bis-03: update to resolve WGLC comments, 554 2011-05-02: 556 o Clarified that the network layer view of flows is agnostic about 557 transport sessions. 558 o Honed the definition of stateless v stateful models. 559 o Honed the text about using a pseudo-random function. 560 o Moved material about violation of immutability to Security 561 section, and rephrased accordingly. 562 o Dropped material about setting the flow label at a domain exit 563 router: doesn't belong here now that we have dropped almost all 564 the stateful text. 566 o Removed normative reference to draft-gont-6man-flowlabel-security. 567 o Removed the statement that a node that does not set or use the 568 flow label must ignore it: this statement appears to be a no-op. 569 o Added a summary of changes from RFC 3697. 570 o Miscellaneous editorial fixes. 572 draft-ietf-6man-flow-3697bis-02: update to remove most text about 573 stateful methods, 2011-03-13 575 draft-ietf-6man-flow-3697bis-01: update after resolving 11 initial 576 issues, 2011-02-26 578 draft-ietf-6man-flow-3697bis-00: original version, built from RFC3697 579 and draft-ietf-6man-flow-update-01, 2011-01-31 581 11. References 583 11.1. Normative References 585 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 586 Requirement Levels", BCP 14, RFC 2119, March 1997. 588 [RFC2205] Braden, B., Zhang, L., Berson, S., Herzog, S., and S. 589 Jamin, "Resource ReSerVation Protocol (RSVP) -- Version 1 590 Functional Specification", RFC 2205, September 1997. 592 [RFC2460] Deering, S. and R. Hinden, "Internet Protocol, Version 6 593 (IPv6) Specification", RFC 2460, December 1998. 595 [RFC4086] Eastlake, D., Schiller, J., and S. Crocker, "Randomness 596 Requirements for Security", BCP 106, RFC 4086, June 2005. 598 11.2. Informative References 600 [I-D.gont-6man-flowlabel-security] 601 Gont, F., "Security Assessment of the IPv6 Flow Label", 602 draft-gont-6man-flowlabel-security-01 (work in progress), 603 November 2010. 605 [I-D.ietf-6man-flow-ecmp] 606 Carpenter, B. and S. Amante, "Using the IPv6 flow label 607 for equal cost multipath routing and link aggregation in 608 tunnels", draft-ietf-6man-flow-ecmp-05 (work in progress), 609 July 2011. 611 [I-D.ietf-6man-flow-update] 612 Amante, S., Carpenter, B., and S. Jiang, "Rationale for 613 update to the IPv6 flow label specification", 614 draft-ietf-6man-flow-update-07 (work in progress), 615 July 2011. 617 [NSA] Potyraj, C., "Firewall Design Considerations for IPv6", 618 National Security Agency I733-041R-2007, 2007, 619 . 621 [RFC2629] Rose, M., "Writing I-Ds and RFCs using XML", RFC 2629, 622 June 1999. 624 [RFC2827] Ferguson, P. and D. Senie, "Network Ingress Filtering: 625 Defeating Denial of Service Attacks which employ IP Source 626 Address Spoofing", BCP 38, RFC 2827, May 2000. 628 [RFC3697] Rajahalme, J., Conta, A., Carpenter, B., and S. Deering, 629 "IPv6 Flow Label Specification", RFC 3697, March 2004. 631 [RFC4301] Kent, S. and K. Seo, "Security Architecture for the 632 Internet Protocol", RFC 4301, December 2005. 634 [RFC4302] Kent, S., "IP Authentication Header", RFC 4302, 635 December 2005. 637 [RFC4303] Kent, S., "IP Encapsulating Security Payload (ESP)", 638 RFC 4303, December 2005. 640 [RFC4311] Hinden, R. and D. Thaler, "IPv6 Host-to-Router Load 641 Sharing", RFC 4311, November 2005. 643 [RFC4732] Handley, M., Rescorla, E., and IAB, "Internet Denial-of- 644 Service Considerations", RFC 4732, December 2006. 646 [RFC5971] Schulzrinne, H. and R. Hancock, "GIST: General Internet 647 Signalling Transport", RFC 5971, October 2010. 649 [vonNeumann] 650 von Neumann, J., "Various techniques used in connection 651 with random digits", National Bureau of Standards Applied 652 Math Series 12, 36-38, 1951. 654 Appendix A. Example 20-bit Hash Function 656 As mentioned in Section 3, a stateless hash function may be used to 657 generate a flow label value from an IPv6 packet's 5-tuple. It is not 658 trivial to choose a suitable hash function, and it is expected that 659 extensive practical experience will be required to identify the best 660 choices. An example function, based on an algorithm by von Neumann 661 known to produce an approximately uniform distribution [vonNeumann], 662 follows. For each packet for which a flow label must be generated, 663 execute the following steps: 665 1. Split the destination and source addresses into two 64 bit values 666 each, thus transforming the 5-tuple into a 7-tuple. 667 2. Add the following five components together using unsigned 64 bit 668 arithmetic, discarding any carry bits: both parts of the source 669 address, both parts of the destination address, and the protocol 670 number. 671 3. Apply the von Neumann algorithm to the resulting string of 64 672 bits: 673 1. Starting at the least significant end, select two bits. 674 2. If the two bits are 00 or 11, discard them. 675 3. If the two bits are 01, output a 0 bit. 676 4. If the two bits are 10, output a 1 bit. 677 5. Repeat with the next two bits in the input 64 bit string. 678 6. Stop when 16 bits have been output (or when the 64 bit string 679 is exhausted). 680 4. Add the two port numbers to the resulting 16 bit number. 681 5. Shift the resulting value 4 bits left and mask with 0xfffff. 682 6. In the highly unlikely event that the result is exactly zero, set 683 the flow label arbitrarily to the value 1. 685 Note that this simple example does not include a step to prevent 686 predictability, as recommended in Section 6. 688 Authors' Addresses 690 Shane Amante 691 Level 3 Communications, LLC 692 1025 Eldorado Blvd 693 Broomfield, CO 80021 694 USA 696 Email: shane@level3.net 697 Brian Carpenter 698 Department of Computer Science 699 University of Auckland 700 PB 92019 701 Auckland, 1142 702 New Zealand 704 Email: brian.e.carpenter@gmail.com 706 Sheng Jiang 707 Huawei Technologies Co., Ltd 708 Huawei Building, No.3 Xinxi Rd., 709 Shang-Di Information Industry Base, Hai-Dian District, Beijing 710 P.R. China 712 Email: jiangsheng@huawei.com 714 Jarno Rajahalme 715 Nokia Siemens Networks 716 Linnoitustie 6 717 02600 Espoo 718 Finland 720 Email: jarno.rajahalme@nsn.com