idnits 2.17.1 draft-ietf-6man-hbh-header-handling-01.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year (Using the creation date from RFC2460, updated by this document, for RFC5378 checks: 1997-07-30) -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (March 3, 2016) is 2976 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Unused Reference: 'RFC4302' is defined on line 366, but no explicit reference was found in the text == Unused Reference: 'RFC4303' is defined on line 370, but no explicit reference was found in the text ** Obsolete normative reference: RFC 2460 (Obsoleted by RFC 8200) == Outdated reference: A later version (-13) exists of draft-ietf-6man-rfc2460bis-03 Summary: 1 error (**), 0 flaws (~~), 4 warnings (==), 2 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 IPv6 Maintenance F. Baker 3 Internet-Draft Cisco Systems 4 Updates: 2460,7045 (if approved) R. Bonica 5 Intended status: Standards Track Juniper Networks 6 Expires: September 4, 2016 March 3, 2016 8 IPv6 Hop-by-Hop Options Extension Header 9 draft-ietf-6man-hbh-header-handling-01 11 Abstract 13 This document clarifies requirements for IPv6 routers with respect to 14 the Hop-by-Hop (HBH) Options Extension Header. These requirements 15 are applicable to all IPv6 routers, regardless of whether they 16 maintain a strict separation between forwarding and control plane 17 hardware. In this respect, this document updates RFC 2460 and RFC 18 7045. 20 This document also describes forwarding plane procedures for 21 processing the HBH Options Extension Header. These procedures are 22 applicable to implementations that maintain a strict separation 23 between forwarding and control plane implementations. 25 The procedures described herein satisfy the above mentioned 26 requirements by processing HBH Options on the forwarding plane to the 27 greatest degree possible. If a packet containing HBH Options must be 28 dispatched to the control plane, it is rate limited before 29 dispatching. In order to comply with the requirements of this 30 specification, implementations may execute the procedures described 31 herein or any other procedures that result in compliant behavior. 33 Status of This Memo 35 This Internet-Draft is submitted in full conformance with the 36 provisions of BCP 78 and BCP 79. 38 Internet-Drafts are working documents of the Internet Engineering 39 Task Force (IETF). Note that other groups may also distribute 40 working documents as Internet-Drafts. The list of current Internet- 41 Drafts is at http://datatracker.ietf.org/drafts/current/. 43 Internet-Drafts are draft documents valid for a maximum of six months 44 and may be updated, replaced, or obsoleted by other documents at any 45 time. It is inappropriate to use Internet-Drafts as reference 46 material or to cite them other than as "work in progress." 48 This Internet-Draft will expire on September 4, 2016. 50 Copyright Notice 52 Copyright (c) 2016 IETF Trust and the persons identified as the 53 document authors. All rights reserved. 55 This document is subject to BCP 78 and the IETF Trust's Legal 56 Provisions Relating to IETF Documents 57 (http://trustee.ietf.org/license-info) in effect on the date of 58 publication of this document. Please review these documents 59 carefully, as they describe your rights and restrictions with respect 60 to this document. Code Components extracted from this document must 61 include Simplified BSD License text as described in Section 4.e of 62 the Trust Legal Provisions and are provided without warranty as 63 described in the Simplified BSD License. 65 Table of Contents 67 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 68 1.1. Requirements Language . . . . . . . . . . . . . . . . . . 4 69 2. Requirements . . . . . . . . . . . . . . . . . . . . . . . . 4 70 3. Proposed Procedures . . . . . . . . . . . . . . . . . . . . . 6 71 4. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 7 72 5. Security Considerations . . . . . . . . . . . . . . . . . . . 7 73 6. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 7 74 7. References . . . . . . . . . . . . . . . . . . . . . . . . . 7 75 7.1. Normative References . . . . . . . . . . . . . . . . . . 7 76 7.2. Informative References . . . . . . . . . . . . . . . . . 8 77 Appendix A. Change Log . . . . . . . . . . . . . . . . . . . . . 9 78 Appendix B. HBH Options . . . . . . . . . . . . . . . . . . . . 9 79 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 10 81 1. Introduction 83 In IPv6 [RFC2460], optional Internet-layer information is encoded in 84 extension headers that may be placed between the IPv6 header and the 85 upper-layer header. Currently, eleven extension headers are defined. 86 Among them is the Hop-by-Hop (HBH) Options Extension header. Unlike 87 any other extension header, the HBH Options Extension header is 88 examined by every node that a packet visits en route to its 89 destination. 91 The HBH Extension Header contains one or more HBH Options. Each HBH 92 Option contains a type identifier. Appendix B of this document 93 provides a list of currently defined HBH options. 95 Some HBH Options contain information that is useful to a router's 96 forwarding plane. In this document, we call these options "HBH 97 forwarding options". Among these is the Jumbo Payload Option 99 [RFC2675]. The Jumbo Payload Option indicates the payload length of 100 the packet that carries it. While this information is required to 101 forward the packet, it can be discarded as soon as the packet has 102 been forwarded. 104 By contrast, other HBH Options contain information that is useful to 105 a router's control plane. In this document, we call these options 106 "HBH control options". Among these is the Router Alert Option 107 [RFC2711]. The Router Alert Option informs transit routers that the 108 packet carrying it contains information to be consumed by the 109 router's control plane. In many cases, this information is used to 110 forward subsequent packets. 112 Finally, the Pad and Pad1 options contain no information at all. 113 These are included to ensure word-alignment of subsequent options and 114 headers. 116 Many modern routers maintain a strict separation between forwarding 117 plane hardware and control plane hardware. In these routers, 118 forwarding plane bandwidth is plentiful, while control plane 119 bandwidth is constrained. In order to protect scarce control plane 120 resources, these routers enforce policies the restrict access from 121 the from the forwarding plane to the control plane. Effective 122 policies address packets containing the HBH Options Extension header, 123 because HBH control options require access from the forwarding lane 124 to the control plane. 126 Many network operators perceive HBH Options to be a breach of the 127 separation between the forwarding and control planes 128 [I-D.ietf-v6ops-ipv6-ehs-in-real-world]. Therefore, some network 129 operators discard all packets containing the HBH Options Extension 130 Header, while others forward the packets but ignore the HBH Options. 131 Still other operators severely rate-limit packets containing the HBH 132 Options Extension Header. In addition, some (notably older) 133 implementations send all packets containing a HBH header to the 134 control plane even if they contain only pad options, resulting in an 135 effect DOS on the router and inconsistent drops among those packets 136 due to rate limiting or other factors. 138 [RFC7045] legitimizes the current state of affairs, severely limiting 139 the utility of HBH options. In the words of RFC 7045: 141 "The IPv6 Hop-by-Hop Options header SHOULD be processed by 142 intermediate forwarding nodes as described in RFC2460. However, 143 it is to be expected that high-performance routers will either 144 ignore it or assign packets containing it to a slow processing 145 path. Designers planning to use a Hop-by-Hop option need to be 146 aware of this likely behaviour." 148 This document clarifies requirements for IPv6 routers with respect to 149 the HBH Options Extension Header. These requirements are applicable 150 to all IPv6 routers, regardless of whether they maintain a strict 151 separation between forwarding and control plane hardware. In this 152 respect, this document updates RFC 2460 and RFC 7045. 154 This document also describes forwarding plane procedures for 155 processing the HBH Options Extension Header. These procedures are 156 applicable to implementations that maintain a strict separation 157 between forwarding and control plane hardware. 159 The procedures described herein satisfy the above mentioned 160 requirements by processing HBH Options on the forwarding plane to the 161 greatest degree possible. If a packet containing HBH Options must be 162 dispatched to the control plane, it is rate limited before 163 dispatching. In order to comply with the requirements of this 164 specification, implementations can execute the procedures described 165 herein or any other procedures that result in compliant behavior. 167 1.1. Requirements Language 169 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 170 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 171 document are to be interpreted as described in [RFC2119]. 173 2. Requirements 175 This section clarifies requirements for IPv6 routers with respect to 176 the HBH Options Extension Header. These requirements are applicable 177 to all IPv6 routers, regardless of whether they maintain a strict 178 separation between forwarding and control plane hardware. 180 o REQ1: Implementations MUST NOT discard otherwise forwardable 181 packets because the contain the HBH Options Extension header. 182 While an implementation MAY be configured to discard packets 183 containing the HBH Options Extension Header, this MUST NOT be the 184 default behavior. 186 o REQ 2: Implementations MUST scan the entire HBH Options Extension 187 header, processing unrecognized options as described in 188 Section 4.2 of RFC 2460. Specifically, if an implementation 189 receives a packet that contains an unrecognized HBH Option, the 190 implementation MUST examine the first two bits of the Type 191 indicator contained by the unrecognized option. Those bits 192 determine whether the implementation will a) continue to process 193 the packet, b) discard the packet without sending an ICMP message 194 or c) discard the packet and send an ICMP message. 196 o REQ 3: If an implementation receives a packet that contains 197 multiple unrecognized HBH Options, and at least one of those 198 unrecognized options contains a Type indicator whose first two bit 199 are 01, the implementation MUST discard the packet, without 200 sending an ICMP message. The implementation MUST NOT send an ICMP 201 message, even if one of the other unrecognized options contains a 202 Type indicator that begins with 10 or 11. 204 o REQ 4: Implementations MUST protect themselves against denial of 205 service attack against the control plane are propagated through 206 HBH Options. These protections MUST be enabled by default, 207 without special configuration. 209 o REQ 5: Implementations MUST protect themselves against denial of 210 service attack against the control plane are propagated through 211 HBH Options. These protections MAY require special configuration. 213 o REQ 6: The originator of a packet MAY insert the HBH Options 214 Extension header between the IPv6 header and the upper-layer 215 header. It MAY also insert HBH Options inside of the HBH Options 216 header. Transit routers MUST NOT insert the HBH Options Extension 217 header between the IPv6 header and the upper-layer header. 218 Furthermore, they MUST NOT add or delete HBH Options inside of the 219 HBH Options Extension header. 221 o REQ 7: Implementations SHOULD support a configuration option that 222 limits the set of HBH Options that they recognize. For example, 223 assume that an implementation recognizes a particular HBH Option. 224 Using this configuration option, an operator can cause the 225 implementation to behave as if it does not recognize that option. 226 This MAY be configured a a side effect of other functionality. 227 For example, an implementation might not recognize the Router 228 Alert Option unless a protocol that relies on the Router Alert 229 Option (e.g., RSVP) is configured. 231 o REQ 8: The HBH Options Extension Header can contain as many as 232 2056 bytes. Some implementation are not capable of processing 233 extension headers of that length. When an implementation receives 234 a packet that it cannot process due to its HBH Options Extension 235 Header length, the implementation MUST discard the packet and send 236 an ICMP Parameter Problem message the packet source. ICMP 237 Parameter Problem Code MUST be "Long Extension Header" (value TBD) 238 and the ICMP Parameter Problem Pointer MUST contain the offset of 239 HBH Options Extension Header. 241 3. Proposed Procedures 243 This section describes forwarding plane procedures for processing the 244 HBH Options Extension Header. These procedures are applicable to 245 implementations that maintain a strict separation between forwarding 246 and control plane hardware. 248 The procedures described below process HBH Options on the forwarding 249 plane to the greatest degree possible. If a packet containing HBH 250 Options must be dispatched to the control plane, it is rate limited 251 before dispatching. In order to comply with the requirements of 252 Section 2, implementations can execute the procedures described 253 herein or any other procedures that result in compliant behavior. 255 Having received a packet containing the HBH Options Extension header, 256 the forwarding plane determines whether the HBH Options Extension 257 Header is too long for it to process. If so, the forwarding plane 258 discards the packet and sends an ICMP Parameter Problem message to 259 the packet source. ICMP Parameter Problem Code is set to "Long 260 Extension Header" and the ICMP Parameter Problem Pointer is set to 261 the offset of HBH Options Extension Header. 263 If the HBH Options Extension Header is not too long to process, the 264 forwarding plane hardware scans the header, assigning it to one of 265 the following classes: 267 o Discard 269 o Dispatch to control plane 271 o Forward, ignoring all HBH Option 273 o Forward, processing selected HBH Options 275 Forwarding plane hardware discards the packet if the HBH Options 276 Extension Header contains an unrecognized option whose Type indicator 277 begins with 01, 10 or 11. Forwarding plane hardware sends an ICMP 278 message if required. See Section 2 REQ 2 and REQ 3 for details. 280 If the packet is not discarded, and the HBH Options Extension header 281 contains at least one recognized control option, the forwarding plane 282 subjects the packet to a rate-limit and dispatches it to the control 283 plane 285 Otherwise, if the HBH Options Extension header contains only the 286 following option types, the packet is forwarded without further HBH 287 Option processing: 289 o Pad or Pad1 291 o Unrecognized options whose Type indicator begins with 00 293 Otherwise, the forwarding plane process forwarding options and 294 forwards the packet 296 4. IANA Considerations 298 IANA is requested to assign a new entry to the ICMP Parameter Problem 299 Code registry. The name of this code is "Long Extension Header". 301 5. Security Considerations 303 This document contributes to the security of IPv6 routers, by 304 defining forwarding plane procedures for the processing of HBH 305 Options. These procedures are applicable to implementations that 306 maintain a strict separation between forwarding and control plane 307 hardware. 309 The procedures described below process HBH Options on the forwarding 310 plane to the greatest degree possible. If a packet containing HBH 311 Options must be dispatched to the control plane, it is rate limited 312 before dispatching. 314 6. Acknowledgements 316 This note grew out of a discussion among the author, Ole Troan, Mark 317 Townsley, Frank Brockners, and Shwetha Bhandari, and benefited from 318 comments by Dennis Ferguson, Brian Carpenter, Panos Kampanakis, 319 Jinmei Tatuya, and Joe Touch. 321 7. References 323 7.1. Normative References 325 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 326 Requirement Levels", BCP 14, RFC 2119, 327 DOI 10.17487/RFC2119, March 1997, 328 . 330 [RFC2460] Deering, S. and R. Hinden, "Internet Protocol, Version 6 331 (IPv6) Specification", RFC 2460, DOI 10.17487/RFC2460, 332 December 1998, . 334 [RFC7045] Carpenter, B. and S. Jiang, "Transmission and Processing 335 of IPv6 Extension Headers", RFC 7045, 336 DOI 10.17487/RFC7045, December 2013, 337 . 339 7.2. Informative References 341 [I-D.ietf-6man-rfc2460bis] 342 Deering, S. and B. Hinden, "Internet Protocol, Version 6 343 (IPv6) Specification", draft-ietf-6man-rfc2460bis-03 (work 344 in progress), January 2016. 346 [I-D.ietf-roll-trickle-mcast] 347 Hui, J. and R. Kelsey, "Multicast Protocol for Low power 348 and Lossy Networks (MPL)", draft-ietf-roll-trickle- 349 mcast-12 (work in progress), June 2015. 351 [I-D.ietf-v6ops-ipv6-ehs-in-real-world] 352 Gont, F., Linkova, J., Chown, T., and S. LIU, 353 "Observations on the Dropping of Packets with IPv6 354 Extension Headers in the Real World", draft-ietf-v6ops- 355 ipv6-ehs-in-real-world-02 (work in progress), December 356 2015. 358 [RFC2675] Borman, D., Deering, S., and R. Hinden, "IPv6 Jumbograms", 359 RFC 2675, DOI 10.17487/RFC2675, August 1999, 360 . 362 [RFC2711] Partridge, C. and A. Jackson, "IPv6 Router Alert Option", 363 RFC 2711, DOI 10.17487/RFC2711, October 1999, 364 . 366 [RFC4302] Kent, S., "IP Authentication Header", RFC 4302, 367 DOI 10.17487/RFC4302, December 2005, 368 . 370 [RFC4303] Kent, S., "IP Encapsulating Security Payload (ESP)", 371 RFC 4303, DOI 10.17487/RFC4303, December 2005, 372 . 374 [RFC4782] Floyd, S., Allman, M., Jain, A., and P. Sarolahti, "Quick- 375 Start for TCP and IP", RFC 4782, DOI 10.17487/RFC4782, 376 January 2007, . 378 [RFC5570] StJohns, M., Atkinson, R., and G. Thomas, "Common 379 Architecture Label IPv6 Security Option (CALIPSO)", 380 RFC 5570, DOI 10.17487/RFC5570, July 2009, 381 . 383 [RFC6398] Le Faucheur, F., Ed., "IP Router Alert Considerations and 384 Usage", BCP 168, RFC 6398, DOI 10.17487/RFC6398, October 385 2011, . 387 [RFC6553] Hui, J. and JP. Vasseur, "The Routing Protocol for Low- 388 Power and Lossy Networks (RPL) Option for Carrying RPL 389 Information in Data-Plane Datagrams", RFC 6553, 390 DOI 10.17487/RFC6553, March 2012, 391 . 393 [RFC6621] Macker, J., Ed., "Simplified Multicast Forwarding", 394 RFC 6621, DOI 10.17487/RFC6621, May 2012, 395 . 397 [RFC6971] Herberg, U., Ed., Cardenas, A., Iwao, T., Dow, M., and S. 398 Cespedes, "Depth-First Forwarding (DFF) in Unreliable 399 Networks", RFC 6971, DOI 10.17487/RFC6971, June 2013, 400 . 402 Appendix A. Change Log 404 RFC Editor: this section need not be published in any RFC. 406 Initial Version: October 2015: text copied from draft-baker-6man- 407 hbh-header-handling-03.txt and discussed in IETF 94 409 IETF 94 Update: Sections 2.2, 2..3, and 2.4 moved to an appendix 410 reflecting (negative) working group viewpoint on the modification 411 of packet length in flight. 413 The content of this document is likely to be subsumed into 2460bis 414 [I-D.ietf-6man-rfc2460bis], but is held separate for the present 415 discussion. 417 A new section 2.2 added detailing conceptual processing model for 418 HBH options. 420 Appendix B. HBH Options 422 At this writing, there are several defined Hop-by-Hop options: 424 PAD Options: The PAD1 and PADn [RFC2460] 426 Router Alert Option: The IPv6 Router Alert Option [RFC2711] 427 [RFC6398] 429 Jumbo Payload: [RFC2675] 430 RPL Option: [RFC6553] 432 Quickstart Option [RFC4782] 434 Common Architecture Label IPv6 Security Option: [RFC5570] 436 SMF Option: [RFC6621] 438 MPL Option: [I-D.ietf-roll-trickle-mcast] 440 DFF Option: [RFC6971] 442 Authors' Addresses 444 Fred Baker 445 Cisco Systems 446 Santa Barbara, California 93117 447 USA 449 Email: fred@cisco.com 451 Ron Bonica 452 Juniper Networks 453 Herndon, Virginia 20171 454 USA 456 Email: rbonica@juniper.net