idnits 2.17.1 draft-ietf-6man-hbh-header-handling-03.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year (Using the creation date from RFC2460, updated by this document, for RFC5378 checks: 1997-07-30) -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (March 16, 2016) is 2963 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Unused Reference: 'RFC4302' is defined on line 373, but no explicit reference was found in the text == Unused Reference: 'RFC4303' is defined on line 377, but no explicit reference was found in the text ** Obsolete normative reference: RFC 2460 (Obsoleted by RFC 8200) == Outdated reference: A later version (-04) exists of draft-gont-v6ops-ipv6-ehs-packet-drops-03 == Outdated reference: A later version (-13) exists of draft-ietf-6man-rfc2460bis-03 Summary: 1 error (**), 0 flaws (~~), 5 warnings (==), 2 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 IPv6 Maintenance F. Baker 3 Internet-Draft Cisco Systems 4 Updates: 2460,7045 (if approved) R. Bonica 5 Intended status: Standards Track Juniper Networks 6 Expires: September 17, 2016 March 16, 2016 8 IPv6 Hop-by-Hop Options Extension Header 9 draft-ietf-6man-hbh-header-handling-03 11 Abstract 13 This document clarifies requirements for IPv6 routers with respect to 14 the Hop-by-Hop (HBH) Options Extension Header. These requirements 15 are applicable to all IPv6 routers, regardless of whether they 16 maintain a strict separation between forwarding and control plane 17 hardware. In this respect, this document updates RFC 2460 and RFC 18 7045. 20 This document also describes forwarding plane procedures for 21 processing the HBH Options Extension Header. These procedures are 22 applicable to implementations that maintain a strict separation 23 between forwarding and control plane implementations. 25 The procedures described herein satisfy the above mentioned 26 requirements by processing HBH Options on the forwarding plane to the 27 greatest degree possible. If a packet containing HBH Options must be 28 dispatched to the control plane, it is rate limited before 29 dispatching. In order to comply with the requirements of this 30 specification, implementations may execute the procedures described 31 herein or any other procedures that result in compliant behavior. 33 Status of This Memo 35 This Internet-Draft is submitted in full conformance with the 36 provisions of BCP 78 and BCP 79. 38 Internet-Drafts are working documents of the Internet Engineering 39 Task Force (IETF). Note that other groups may also distribute 40 working documents as Internet-Drafts. The list of current Internet- 41 Drafts is at http://datatracker.ietf.org/drafts/current/. 43 Internet-Drafts are draft documents valid for a maximum of six months 44 and may be updated, replaced, or obsoleted by other documents at any 45 time. It is inappropriate to use Internet-Drafts as reference 46 material or to cite them other than as "work in progress." 48 This Internet-Draft will expire on September 17, 2016. 50 Copyright Notice 52 Copyright (c) 2016 IETF Trust and the persons identified as the 53 document authors. All rights reserved. 55 This document is subject to BCP 78 and the IETF Trust's Legal 56 Provisions Relating to IETF Documents 57 (http://trustee.ietf.org/license-info) in effect on the date of 58 publication of this document. Please review these documents 59 carefully, as they describe your rights and restrictions with respect 60 to this document. Code Components extracted from this document must 61 include Simplified BSD License text as described in Section 4.e of 62 the Trust Legal Provisions and are provided without warranty as 63 described in the Simplified BSD License. 65 Table of Contents 67 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 68 1.1. Requirements Language . . . . . . . . . . . . . . . . . . 4 69 2. Requirements . . . . . . . . . . . . . . . . . . . . . . . . 4 70 3. Proposed Procedures . . . . . . . . . . . . . . . . . . . . . 6 71 4. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 7 72 5. Security Considerations . . . . . . . . . . . . . . . . . . . 7 73 6. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 7 74 7. References . . . . . . . . . . . . . . . . . . . . . . . . . 7 75 7.1. Normative References . . . . . . . . . . . . . . . . . . 7 76 7.2. Informative References . . . . . . . . . . . . . . . . . 8 77 Appendix A. Change Log . . . . . . . . . . . . . . . . . . . . . 9 78 Appendix B. HBH Options . . . . . . . . . . . . . . . . . . . . 10 79 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 10 81 1. Introduction 83 In IPv6 [RFC2460], optional Internet-layer information is encoded in 84 extension headers that may be placed between the IPv6 header and the 85 upper-layer header. Currently, eleven extension headers are defined. 86 Among them is the Hop-by-Hop (HBH) Options Extension header. Unlike 87 any other extension header, the HBH Options Extension header is 88 examined by every node that a packet visits en route to its 89 destination. 91 The HBH Extension Header contains one or more HBH Options. Each HBH 92 Option contains a type identifier. Appendix B of this document 93 provides a list of currently defined HBH options. 95 Some HBH Options contain information that is useful to a router's 96 forwarding plane. In this document, we call these options "HBH 97 forwarding options". Among these is the Jumbo Payload Option 99 [RFC2675]. The Jumbo Payload Option indicates the payload length of 100 the packet that carries it. While this information is required to 101 forward the packet, it can be discarded as soon as the packet has 102 been forwarded. 104 By contrast, other HBH Options contain information that is useful to 105 a router's control plane. In this document, we call these options 106 "HBH control options". Among these is the Router Alert Option 107 [RFC2711]. The Router Alert Option informs transit routers that the 108 packet carrying it contains information to be consumed by the 109 router's control plane. In many cases, this information is used to 110 forward subsequent packets. 112 Finally, the Pad and Pad1 options contain no information at all. 113 These are included to ensure word-alignment of subsequent options and 114 headers. 116 Many modern routers maintain a strict separation between forwarding 117 plane hardware and control plane hardware. In these routers, 118 forwarding plane bandwidth is plentiful, while control plane 119 bandwidth is constrained. In order to protect scarce control plane 120 resources, these routers enforce policies the restrict access from 121 the from the forwarding plane to the control plane. Effective 122 policies address packets containing the HBH Options Extension header, 123 because HBH control options require access from the forwarding plane 124 to the control plane. 126 Many network operators perceive HBH Options to be a breach of the 127 separation between the forwarding and control planes 128 [I-D.ietf-v6ops-ipv6-ehs-in-real-world]. Therefore, some network 129 operators discard all packets containing the HBH Options Extension 130 Header, while others forward the packets but ignore the HBH Options. 131 Still other operators severely rate-limit packets containing the HBH 132 Options Extension Header. In addition, some (notably older) 133 implementations send all packets containing a HBH header to the 134 control plane even if they contain only pad options, resulting in an 135 effect DoS on the router and inconsistent drops among those packets 136 due to rate limiting or other factors. 138 [RFC7045] legitimizes the current state of affairs, severely limiting 139 the utility of HBH options. In the words of RFC 7045: 141 "The IPv6 Hop-by-Hop Options header SHOULD be processed by 142 intermediate forwarding nodes as described in RFC2460. However, 143 it is to be expected that high-performance routers will either 144 ignore it or assign packets containing it to a slow processing 145 path. Designers planning to use a Hop-by-Hop option need to be 146 aware of this likely behaviour." 148 This document clarifies requirements for IPv6 routers with respect to 149 the HBH Options Extension Header. These requirements are applicable 150 to all IPv6 routers, regardless of whether they maintain a strict 151 separation between forwarding and control plane hardware. In this 152 respect, this document updates RFC 2460 and RFC 7045. 154 This document also describes forwarding plane procedures for 155 processing the HBH Options Extension Header. These procedures are 156 applicable to implementations that maintain a strict separation 157 between forwarding and control plane hardware. 159 The procedures described herein satisfy the above mentioned 160 requirements by processing HBH Options on the forwarding plane to the 161 greatest degree possible. If a packet containing HBH Options must be 162 dispatched to the control plane, it is rate limited before 163 dispatching. In order to comply with the requirements of this 164 specification, implementations can execute the procedures described 165 herein or any other procedures that result in compliant behavior. 167 1.1. Requirements Language 169 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 170 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 171 document are to be interpreted as described in [RFC2119]. 173 2. Requirements 175 This section clarifies requirements for IPv6 routers with respect to 176 the HBH Options Extension Header. These requirements are applicable 177 to all IPv6 routers, regardless of whether they maintain a strict 178 separation between forwarding and control plane hardware. 180 o REQ1: Implementations MUST NOT discard otherwise forwardable 181 packets because they contain the HBH Options Extension header. 182 However, an implementation MAY be configured to discard packets 183 containing the HBH Options Extension Header, so long as this is 184 not the default behavior. 186 o REQ 2: Implementations MUST process unrecognized HBH Options as 187 described in Section 4.2 of RFC 2460. If an implementation 188 receives a packet that contains an unrecognized HBH Option, that 189 implementation MUST examine the first two bits of the HBH Option 190 Type indicator. Those bits determine whether the implementation 191 a) continues to process the packet, b) discards the packet without 192 sending an ICMP message or c) discards the packet and sends an 193 ICMP message. 195 o REQ 3: Unrecognized HBH Options MUST be evaluated sequentially. 196 For example, assume that an implementation receives a packet that 197 carries two unrecognized HBH Options. The Type indicator of the 198 first unrecognized option begins with 01 while the Type indicator 199 of the second unrecognized option begins with 10. In this case, 200 the implementation MUST discard the packet without sending an ICMP 201 message to the source. However, if the Type indicator of the 202 first unrecognized option begins with 10 and the Type indicator of 203 the second unrecognized option begins with 01, the implementation 204 MUST discard the packet and send and ICMP Parameter Problem 205 message to the source. 207 o REQ 4: Implementations MUST protect themselves against denial of 208 service attacks that are propagated through HBH Options. These 209 protections MUST be enabled by default, without special 210 configuration. 212 o REQ 5: The originator of a packet MAY insert the HBH Options 213 Extension header between the IPv6 header and the upper-layer 214 header. It MAY also insert HBH Options inside of the HBH Options 215 header. Transit routers MUST NOT insert the HBH Options Extension 216 header between the IPv6 header and the upper-layer header. 217 Furthermore, they MUST NOT add or delete HBH Options inside of the 218 HBH Options Extension header. 220 o REQ 6: Implementations SHOULD support a configuration option that 221 limits the set of HBH Options that they recognize. For example, 222 assume that an implementation recognizes a particular HBH Option. 223 Using this configuration option, an operator can cause the 224 implementation to behave as if it does not recognize that option. 225 This MAY be configured a side effect of other functionality. For 226 example, an implementation might not recognize the Router Alert 227 Option unless a protocol that relies on the Router Alert Option 228 (e.g., RSVP) is configured. 230 o REQ 7: The HBH Options Extension Header can contain as many as 231 2056 bytes. Some implementation are not capable of processing 232 extension headers of that length 233 [I-D.gont-v6ops-ipv6-ehs-packet-drops]. When an implementation 234 receives a packet that it cannot process due to its HBH Options 235 Extension Header length, the implementation MUST discard the 236 packet and send an ICMP Parameter Problem message to the packet 237 source. ICMP Parameter Problem Code MUST be "Long Extension 238 Header" (value TBD) and the ICMP Parameter Problem Pointer MUST 239 contain the offset of HBH Options Extension Header. 241 3. Proposed Procedures 243 This section describes forwarding plane procedures for processing the 244 HBH Options Extension Header. These procedures are applicable to 245 implementations that maintain a strict separation between forwarding 246 and control plane hardware. 248 The procedures described below process HBH Options on the forwarding 249 plane to the greatest degree possible. If a packet containing HBH 250 Options must be dispatched to the control plane, it is rate limited 251 before dispatching. In order to comply with the requirements of 252 Section 2, implementations can execute the procedures described 253 herein or any other procedures that result in compliant behavior. 255 Having received a packet containing the HBH Options Extension header, 256 the forwarding plane determines whether the HBH Options Extension 257 Header is too long for it to process. If so, the forwarding plane 258 discards the packet and sends an ICMP Parameter Problem message to 259 the packet source. ICMP Parameter Problem Code is set to "Long 260 Extension Header" and the ICMP Parameter Problem Pointer is set to 261 the offset of HBH Options Extension Header. 263 If the HBH Options Extension Header is not too long to process, the 264 forwarding plane hardware scans the header, assigning it to one of 265 the following classes: 267 o Discard 269 o Dispatch to control plane 271 o Forward, ignoring all HBH Option 273 o Forward, processing selected HBH Options 275 Forwarding plane hardware discards the packet if the HBH Options 276 Extension Header contains an unrecognized option whose Type indicator 277 begins with 01, 10 or 11. Forwarding plane hardware sends an ICMP 278 message if required. See Section 2 REQ 2 and REQ 3 for details. 280 If the packet is not discarded, and the HBH Options Extension header 281 contains at least one recognized control option, the forwarding plane 282 subjects the packet to a rate-limit and dispatches it to the control 283 plane 285 Otherwise, if the HBH Options Extension header contains only the 286 following option types, the packet is forwarded without further HBH 287 Option processing: 289 o Pad or Pad1 291 o Unrecognized options whose Type indicator begins with 00 293 Otherwise, the forwarding plane process forwarding options and 294 forwards the packet 296 4. IANA Considerations 298 IANA is requested to assign a new entry to the ICMP Parameter Problem 299 Code registry. The name of this code is "Long Extension Header". 301 5. Security Considerations 303 This document contributes to the security of IPv6 routers, by 304 defining forwarding plane procedures for the processing of HBH 305 Options. These procedures are applicable to implementations that 306 maintain a strict separation between forwarding and control plane 307 hardware. 309 The procedures described below process HBH Options on the forwarding 310 plane to the greatest degree possible. If a packet containing HBH 311 Options must be dispatched to the control plane, it is rate limited 312 before dispatching. 314 6. Acknowledgements 316 This note grew out of a discussion among the author, Ole Troan, Mark 317 Townsley, Frank Brockners, and Shwetha Bhandari, and benefited from 318 comments by Dennis Ferguson, Brian Carpenter, Panos Kampanakis, 319 Jinmei Tatuya, and Joe Touch. Thanks to Fernando Gont for his 320 thoughtful review. 322 7. References 324 7.1. Normative References 326 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 327 Requirement Levels", BCP 14, RFC 2119, 328 DOI 10.17487/RFC2119, March 1997, 329 . 331 [RFC2460] Deering, S. and R. Hinden, "Internet Protocol, Version 6 332 (IPv6) Specification", RFC 2460, DOI 10.17487/RFC2460, 333 December 1998, . 335 [RFC7045] Carpenter, B. and S. Jiang, "Transmission and Processing 336 of IPv6 Extension Headers", RFC 7045, 337 DOI 10.17487/RFC7045, December 2013, 338 . 340 7.2. Informative References 342 [I-D.gont-v6ops-ipv6-ehs-packet-drops] 343 Gont, F., Hilliard, N., Doering, G., LIU, S., and W. 344 Kumari, "Operational Implications of IPv6 Packets with 345 Extension Headers", draft-gont-v6ops-ipv6-ehs-packet- 346 drops-03 (work in progress), March 2016. 348 [I-D.ietf-6man-rfc2460bis] 349 Deering, S. and B. Hinden, "Internet Protocol, Version 6 350 (IPv6) Specification", draft-ietf-6man-rfc2460bis-03 (work 351 in progress), January 2016. 353 [I-D.ietf-roll-trickle-mcast] 354 Hui, J. and R. Kelsey, "Multicast Protocol for Low power 355 and Lossy Networks (MPL)", draft-ietf-roll-trickle- 356 mcast-12 (work in progress), June 2015. 358 [I-D.ietf-v6ops-ipv6-ehs-in-real-world] 359 Gont, F., Linkova, J., Chown, T., and S. LIU, 360 "Observations on the Dropping of Packets with IPv6 361 Extension Headers in the Real World", draft-ietf-v6ops- 362 ipv6-ehs-in-real-world-02 (work in progress), December 363 2015. 365 [RFC2675] Borman, D., Deering, S., and R. Hinden, "IPv6 Jumbograms", 366 RFC 2675, DOI 10.17487/RFC2675, August 1999, 367 . 369 [RFC2711] Partridge, C. and A. Jackson, "IPv6 Router Alert Option", 370 RFC 2711, DOI 10.17487/RFC2711, October 1999, 371 . 373 [RFC4302] Kent, S., "IP Authentication Header", RFC 4302, 374 DOI 10.17487/RFC4302, December 2005, 375 . 377 [RFC4303] Kent, S., "IP Encapsulating Security Payload (ESP)", 378 RFC 4303, DOI 10.17487/RFC4303, December 2005, 379 . 381 [RFC4782] Floyd, S., Allman, M., Jain, A., and P. Sarolahti, "Quick- 382 Start for TCP and IP", RFC 4782, DOI 10.17487/RFC4782, 383 January 2007, . 385 [RFC5570] StJohns, M., Atkinson, R., and G. Thomas, "Common 386 Architecture Label IPv6 Security Option (CALIPSO)", 387 RFC 5570, DOI 10.17487/RFC5570, July 2009, 388 . 390 [RFC6398] Le Faucheur, F., Ed., "IP Router Alert Considerations and 391 Usage", BCP 168, RFC 6398, DOI 10.17487/RFC6398, October 392 2011, . 394 [RFC6553] Hui, J. and JP. Vasseur, "The Routing Protocol for Low- 395 Power and Lossy Networks (RPL) Option for Carrying RPL 396 Information in Data-Plane Datagrams", RFC 6553, 397 DOI 10.17487/RFC6553, March 2012, 398 . 400 [RFC6621] Macker, J., Ed., "Simplified Multicast Forwarding", 401 RFC 6621, DOI 10.17487/RFC6621, May 2012, 402 . 404 [RFC6971] Herberg, U., Ed., Cardenas, A., Iwao, T., Dow, M., and S. 405 Cespedes, "Depth-First Forwarding (DFF) in Unreliable 406 Networks", RFC 6971, DOI 10.17487/RFC6971, June 2013, 407 . 409 Appendix A. Change Log 411 RFC Editor: this section need not be published in any RFC. 413 Initial Version: October 2015: text copied from draft-baker-6man- 414 hbh-header-handling-03.txt and discussed in IETF 94 416 IETF 94 Update: Sections 2.2, 2..3, and 2.4 moved to an appendix 417 reflecting (negative) working group viewpoint on the modification 418 of packet length in flight. 420 The content of this document is likely to be subsumed into 2460bis 421 [I-D.ietf-6man-rfc2460bis], but is held separate for the present 422 discussion. 424 A new section 2.2 added detailing conceptual processing model for 425 HBH options. 427 version 2 Addressed editorial comments 429 Appendix B. HBH Options 431 At this writing, there are several defined Hop-by-Hop options: 433 PAD Options: The PAD1 and PADn [RFC2460] 435 Router Alert Option: The IPv6 Router Alert Option [RFC2711] 436 [RFC6398] 438 Jumbo Payload: [RFC2675] 440 RPL Option: [RFC6553] 442 Quickstart Option [RFC4782] 444 Common Architecture Label IPv6 Security Option: [RFC5570] 446 SMF Option: [RFC6621] 448 MPL Option: [I-D.ietf-roll-trickle-mcast] 450 DFF Option: [RFC6971] 452 Authors' Addresses 454 Fred Baker 455 Cisco Systems 456 Santa Barbara, California 93117 457 USA 459 Email: fred@cisco.com 461 Ron Bonica 462 Juniper Networks 463 Herndon, Virginia 20171 464 USA 466 Email: rbonica@juniper.net