idnits 2.17.1 draft-ietf-6man-rfc2460bis-00.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year == Line 157 has weird spacing: '...r layer a pro...' == Line 171 has weird spacing: '...ighbors nod...' == Line 173 has weird spacing: '...terface a n...' == The document seems to contain a disclaimer for pre-RFC5378 work, but was first submitted on or after 10 November 2008. The disclaimer is usually necessary only for documents that revise or obsolete older RFCs, and that take significant amounts of text from those RFCs. If you can contact all authors of the source material and they are willing to grant the BCP78 rights to the IETF Trust, you can and should remove the disclaimer. Otherwise, the disclaimer is needed and you can ignore this comment. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (October 18, 2015) is 3113 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Outdated reference: A later version (-06) exists of draft-hinden-6man-rfc4291bis-05 -- Obsolete informational reference (is this intentional?): RFC 1981 (Obsoleted by RFC 8201) -- Obsolete informational reference (is this intentional?): RFC 2460 (Obsoleted by RFC 8200) Summary: 0 errors (**), 0 flaws (~~), 6 warnings (==), 3 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Network Working Group S. Deering 3 Internet-Draft Retired 4 Obsoletes: 2460 (if approved) R. Hinden 5 Intended status: Standards Track Check Point Software 6 Expires: April 20, 2016 October 18, 2015 8 Internet Protocol, Version 6 (IPv6) Specification 9 draft-ietf-6man-rfc2460bis-00 11 Abstract 13 This document specifies version 6 of the Internet Protocol (IPv6), 14 also sometimes referred to as IP Next Generation or IPng. It 15 obsoletes RFC2460 17 Status of This Memo 19 This Internet-Draft is submitted in full conformance with the 20 provisions of BCP 78 and BCP 79. 22 Internet-Drafts are working documents of the Internet Engineering 23 Task Force (IETF). Note that other groups may also distribute 24 working documents as Internet-Drafts. The list of current Internet- 25 Drafts is at http://datatracker.ietf.org/drafts/current/. 27 Internet-Drafts are draft documents valid for a maximum of six months 28 and may be updated, replaced, or obsoleted by other documents at any 29 time. It is inappropriate to use Internet-Drafts as reference 30 material or to cite them other than as "work in progress." 32 This Internet-Draft will expire on April 20, 2016. 34 Copyright Notice 36 Copyright (c) 2015 IETF Trust and the persons identified as the 37 document authors. All rights reserved. 39 This document is subject to BCP 78 and the IETF Trust's Legal 40 Provisions Relating to IETF Documents 41 (http://trustee.ietf.org/license-info) in effect on the date of 42 publication of this document. Please review these documents 43 carefully, as they describe your rights and restrictions with respect 44 to this document. Code Components extracted from this document must 45 include Simplified BSD License text as described in Section 4.e of 46 the Trust Legal Provisions and are provided without warranty as 47 described in the Simplified BSD License. 49 This document may contain material from IETF Documents or IETF 50 Contributions published or made publicly available before November 51 10, 2008. The person(s) controlling the copyright in some of this 52 material may not have granted the IETF Trust the right to allow 53 modifications of such material outside the IETF Standards Process. 54 Without obtaining an adequate license from the person(s) controlling 55 the copyright in such materials, this document may not be modified 56 outside the IETF Standards Process, and derivative works of it may 57 not be created outside the IETF Standards Process, except to format 58 it for publication as an RFC or to translate it into languages other 59 than English. 61 Table of Contents 63 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 64 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 4 65 3. IPv6 Header Format . . . . . . . . . . . . . . . . . . . . . 5 66 4. IPv6 Extension Headers . . . . . . . . . . . . . . . . . . . 6 67 4.1. Extension Header Order . . . . . . . . . . . . . . . . . 8 68 4.2. Options . . . . . . . . . . . . . . . . . . . . . . . . . 9 69 4.3. Hop-by-Hop Options Header . . . . . . . . . . . . . . . . 12 70 4.4. Routing Header . . . . . . . . . . . . . . . . . . . . . 12 71 4.5. Fragment Header . . . . . . . . . . . . . . . . . . . . . 14 72 4.6. Destination Options Header . . . . . . . . . . . . . . . 20 73 4.7. No Next Header . . . . . . . . . . . . . . . . . . . . . 21 74 4.8. Defining New Extention Headers and Options . . . . . . . 22 75 5. Packet Size Issues . . . . . . . . . . . . . . . . . . . . . 23 76 6. Flow Labels . . . . . . . . . . . . . . . . . . . . . . . . . 24 77 7. Traffic Classes . . . . . . . . . . . . . . . . . . . . . . . 24 78 8. Upper-Layer Protocol Issues . . . . . . . . . . . . . . . . . 24 79 8.1. Upper-Layer Checksums . . . . . . . . . . . . . . . . . . 24 80 8.2. Maximum Packet Lifetime . . . . . . . . . . . . . . . . . 26 81 8.3. Maximum Upper-Layer Payload Size . . . . . . . . . . . . 26 82 8.4. Responding to Packets Carrying Routing Headers . . . . . 27 83 9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 27 84 10. Security Considerations . . . . . . . . . . . . . . . . . . . 27 85 11. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 28 86 12. References . . . . . . . . . . . . . . . . . . . . . . . . . 28 87 12.1. Normative References . . . . . . . . . . . . . . . . . . 28 88 12.2. Informative References . . . . . . . . . . . . . . . . . 29 89 Appendix A. Formatting Guidelines for Options . . . . . . . . . 30 90 Appendix B. CHANGES SINCE RFC2460 . . . . . . . . . . . . . . . 33 91 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 36 93 1. Introduction 95 IP version 6 (IPv6) is a new version of the Internet Protocol, 96 designed as the successor to IP version 4 (IPv4) [RFC0791]. The 97 changes from IPv4 to IPv6 fall primarily into the following 98 categories: 100 o Expanded Addressing Capabilities 102 IPv6 increases the IP address size from 32 bits to 128 bits, to 103 support more levels of addressing hierarchy, a much greater 104 number of addressable nodes, and simpler auto-configuration of 105 addresses. The scalability of multicast routing is improved by 106 adding a "scope" field to multicast addresses. And a new type 107 of address called an "anycast address" is defined, used to send 108 a packet to any one of a group of nodes. 110 o Header Format Simplification 112 Some IPv4 header fields have been dropped or made optional, to 113 reduce the common-case processing cost of packet handling and 114 to limit the bandwidth cost of the IPv6 header. 116 o Improved Support for Extensions and Options 118 Changes in the way IP header options are encoded allows for 119 more efficient forwarding, less stringent limits on the length 120 of options, and greater flexibility for introducing new options 121 in the future. 123 o Flow Labeling Capability 125 A new capability is added to enable the labeling of sequences 126 of packets for which the sender requests to be treated in the 127 network as a single flow. 129 o Authentication and Privacy Capabilities 131 Extensions to support authentication, data integrity, and 132 (optional) data confidentiality are specified for IPv6. 134 This document specifies the basic IPv6 header and the initially- 135 defined IPv6 extension headers and options. It also discusses packet 136 size issues, the semantics of flow labels and traffic classes, and 137 the effects of IPv6 on upper-layer protocols. The format and 138 semantics of IPv6 addresses are specified separately in 140 [I-D.hinden-6man-rfc4291bis]. The IPv6 version of ICMP, which all 141 IPv6 implementations are required to include, is specified in 142 [RFC4443] 144 Note: As this document obsoletes [RFC2460], any document referenced 145 in this document that includes pointers to RFC2460, should be 146 interpreted as referencing this document. 148 2. Terminology 150 node a device that implements IPv6. 152 router a node that forwards IPv6 packets not explicitly 153 addressed to itself. [See Note below]. 155 host any node that is not a router. [See Note below]. 157 upper layer a protocol layer immediately above IPv6. Examples are 158 transport protocols such as TCP and UDP, control 159 protocols such as ICMP, routing protocols such as OSPF, 160 and internet or lower-layer protocols being "tunneled" 161 over (i.e., encapsulated in) IPv6 such as IPX, 162 AppleTalk, or IPv6 itself. 164 link a communication facility or medium over which nodes can 165 communicate at the link layer, i.e., the layer 166 immediately below IPv6. Examples are Ethernets (simple 167 or bridged); PPP links; X.25, Frame Relay, or ATM 168 networks; and internet (or higher) layer "tunnels", such 169 as tunnels over IPv4 or IPv6 itself. 171 neighbors nodes attached to the same link. 173 interface a node's attachment to a link. 175 address an IPv6-layer identifier for an interface or a set of 176 interfaces. 178 packet an IPv6 header plus payload. 180 link MTU the maximum transmission unit, i.e., maximum packet size 181 in octets, that can be conveyed over a link. 183 path MTU the minimum link MTU of all the links in a path between 184 a source node and a destination node. 186 Note: it is possible, though unusual, for a device with multiple 187 interfaces to be configured to forward non-self-destined packets 188 arriving from some set (fewer than all) of its interfaces, and to 189 discard non-self-destined packets arriving from its other interfaces. 190 Such a device must obey the protocol requirements for routers when 191 receiving packets from, and interacting with neighbors over, the 192 former (forwarding) interfaces. It must obey the protocol 193 requirements for hosts when receiving packets from, and interacting 194 with neighbors over, the latter (non-forwarding) interfaces. 196 3. IPv6 Header Format 198 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 199 |Version| Traffic Class | Flow Label | 200 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 201 | Payload Length | Next Header | Hop Limit | 202 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 203 | | 204 + + 205 | | 206 + Source Address + 207 | | 208 + + 209 | | 210 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 211 | | 212 + + 213 | | 214 + Destination Address + 215 | | 216 + + 217 | | 218 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 220 Version 4-bit Internet Protocol version number = 6. 222 Traffic Class 8-bit traffic class field. See section 7. 224 Flow Label 20-bit flow label. See section 6. 226 Payload Length 16-bit unsigned integer. Length of the IPv6 227 payload, i.e., the rest of the packet 228 following this IPv6 header, in octets. (Note 229 that any extension headers [section 4] present 230 are considered part of the payload, i.e., 231 included in the length count.) 233 Next Header 8-bit selector. Identifies the type of header 234 immediately following the IPv6 header. Uses 235 the same values as the IPv4 Protocol field 236 [IANA-PN]. 238 Hop Limit 8-bit unsigned integer. Decremented by 1 by 239 each node that forwards the packet. The 240 packet is discarded if Hop Limit is 241 decremented to zero, or is received with a 242 zero Hop Limit. 244 Source Address 128-bit address of the originator of the 245 packet. See [I-D.hinden-6man-rfc4291bis]. 247 Destination Address 128-bit address of the intended recipient of 248 the packet (possibly not the ultimate 249 recipient, if a Routing header is present). 250 See [I-D.hinden-6man-rfc4291bis] and section 251 4.4. 253 4. IPv6 Extension Headers 255 In IPv6, optional internet-layer information is encoded in separate 256 headers that may be placed between the IPv6 header and the upper- 257 layer header in a packet. There are a small number of such extension 258 headers, each identified by a distinct Next Header value. As 259 illustrated in these examples, an IPv6 packet may carry zero, one, or 260 more extension headers, each identified by the Next Header field of 261 the preceding header: 263 +---------------+------------------------ 264 | IPv6 header | TCP header + data 265 | | 266 | Next Header = | 267 | TCP | 268 +---------------+------------------------ 270 +---------------+----------------+------------------------ 271 | IPv6 header | Routing header | TCP header + data 272 | | | 273 | Next Header = | Next Header = | 274 | Routing | TCP | 275 +---------------+----------------+------------------------ 277 +---------------+----------------+-----------------+----------------- 278 | IPv6 header | Routing header | Fragment header | fragment of TCP 279 | | | | header + data 280 | Next Header = | Next Header = | Next Header = | 281 | Routing | Fragment | TCP | 282 +---------------+----------------+-----------------+----------------- 284 With one exception, extension headers are not processed by any node 285 along a packet's delivery path, until the packet reaches the node (or 286 each of the set of nodes, in the case of multicast) identified in the 287 Destination Address field of the IPv6 header. Note: If an 288 intermediate forwarding node examines an extension header for any 289 reason, it must do so in accordance with the provisions of [RFC7045]. 290 At the Destination node, normal demultiplexing on the Next Header 291 field of the IPv6 header invokes the module to process the first 292 extension header, or the upper-layer header if no extension header is 293 present. The contents and semantics of each extension header 294 determine whether or not to proceed to the next header. Therefore, 295 extension headers must be processed strictly in the order they appear 296 in the packet; a receiver must not, for example, scan through a 297 packet looking for a particular kind of extension header and process 298 that header prior to processing all preceding ones. 300 The exception referred to in the preceding paragraph is the Hop-by- 301 Hop Options header, which carries information that should be examined 302 and processed by every node along a packet's delivery path, including 303 the source and destination nodes. The Hop-by-Hop Options header, 304 when present, must immediately follow the IPv6 header. Its presence 305 is indicated by the value zero in the Next Header field of the IPv6 306 header. 308 It should be noted that due to performance restrictions nodes may 309 ignore the Hop-by-Hop Option header, drop packets containing a hop- 310 by-hop option header, or assign packets containing a hop-by-hop 311 option header to a slow processing path. Designers planning to use a 312 hop-by-hop option need to be aware of this likely behaviour. 314 If, as a result of processing a header, a node is required to proceed 315 to the next header but the Next Header value in the current header is 316 unrecognized by the node, it should discard the packet and send an 317 ICMP Parameter Problem message to the source of the packet, with an 318 ICMP Code value of 1 ("unrecognized Next Header type encountered") 319 and the ICMP Pointer field containing the offset of the unrecognized 320 value within the original packet. The same action should be taken if 321 a node encounters a Next Header value of zero in any header other 322 than an IPv6 header. 324 Each extension header is an integer multiple of 8 octets long, in 325 order to retain 8-octet alignment for subsequent headers. Multi- 326 octet fields within each extension header are aligned on their 327 natural boundaries, i.e., fields of width n octets are placed at an 328 integer multiple of n octets from the start of the header, for n = 1, 329 2, 4, or 8. 331 A full implementation of IPv6 includes implementation of the 332 following extension headers: 334 Hop-by-Hop Options 335 Fragment 336 Destination Options 337 Authentication 338 Encapsulating Security Payload 340 The first three are specified in this document; the last two are 341 specified in [RFC4302] and [RFC4303], respectively. 343 4.1. Extension Header Order 345 When more than one extension header is used in the same packet, it is 346 recommended that those headers appear in the following order: 348 IPv6 header 349 Hop-by-Hop Options header 350 Destination Options header (note 1) 351 Routing header 352 Fragment header 353 Authentication header (note 2) 354 Encapsulating Security Payload header (note 2) 355 Destination Options header (note 3) 356 upper-layer header 357 note 1: for options to be processed by the first destination that 358 appears in the IPv6 Destination Address field plus 359 subsequent destinations listed in the Routing header. 361 note 2: additional recommendations regarding the relative order of 362 the Authentication and Encapsulating Security Payload 363 headers are given in [RFC4303]. 365 note 3: for options to be processed only by the final destination 366 of the packet. 368 Each extension header should occur at most once, except for the 369 Destination Options header which should occur at most twice (once 370 before a Routing header and once before the upper-layer header). 372 If the upper-layer header is another IPv6 header (in the case of IPv6 373 being tunneled over or encapsulated in IPv6), it may be followed by 374 its own extension headers, which are separately subject to the same 375 ordering recommendations. 377 If and when other extension headers are defined, their ordering 378 constraints relative to the above listed headers must be specified. 380 IPv6 nodes must accept and attempt to process extension headers in 381 any order and occurring any number of times in the same packet, 382 except for the Hop-by-Hop Options header which is restricted to 383 appear immediately after an IPv6 header only. Nonetheless, it is 384 strongly advised that sources of IPv6 packets adhere to the above 385 recommended order until and unless subsequent specifications revise 386 that recommendation. 388 4.2. Options 390 Two of the currently-defined extension headers -- the Hop-by-Hop 391 Options header and the Destination Options header -- carry a variable 392 number of type-length-value (TLV) encoded "options", of the following 393 format: 395 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+- - - - - - - - - 396 | Option Type | Opt Data Len | Option Data 397 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+- - - - - - - - - 399 Option Type 8-bit identifier of the type of option. 401 Opt Data Len 8-bit unsigned integer. Length of the Option 402 Data field of this option, in octets. 404 Option Data Variable-length field. Option-Type-specific 405 data. 407 The sequence of options within a header must be processed strictly in 408 the order they appear in the header; a receiver must not, for 409 example, scan through the header looking for a particular kind of 410 option and process that option prior to processing all preceding 411 ones. 413 The Option Type identifiers are internally encoded such that their 414 highest-order two bits specify the action that must be taken if the 415 processing IPv6 node does not recognize the Option Type: 417 00 - skip over this option and continue processing the header. 419 01 - discard the packet. 421 10 - discard the packet and, regardless of whether or not the 422 packet's Destination Address was a multicast address, send an 423 ICMP Parameter Problem, Code 2, message to the packet's 424 Source Address, pointing to the unrecognized Option Type. 426 11 - discard the packet and, only if the packet's Destination 427 Address was not a multicast address, send an ICMP Parameter 428 Problem, Code 2, message to the packet's Source Address, 429 pointing to the unrecognized Option Type. 431 The third-highest-order bit of the Option Type specifies whether or 432 not the Option Data of that option can change en-route to the 433 packet's final destination. When an Authentication header is present 434 in the packet, for any option whose data may change en-route, its 435 entire Option Data field must be treated as zero-valued octets when 436 computing or verifying the packet's authenticating value. 438 0 - Option Data does not change en-route 440 1 - Option Data may change en-route 442 The three high-order bits described above are to be treated as part 443 of the Option Type, not independent of the Option Type. That is, a 444 particular option is identified by a full 8-bit Option Type, not just 445 the low-order 5 bits of an Option Type. 447 The same Option Type numbering space is used for both the Hop-by-Hop 448 Options header and the Destination Options header. However, the 449 specification of a particular option may restrict its use to only one 450 of those two headers. 452 Individual options may have specific alignment requirements, to 453 ensure that multi-octet values within Option Data fields fall on 454 natural boundaries. The alignment requirement of an option is 455 specified using the notation xn+y, meaning the Option Type must 456 appear at an integer multiple of x octets from the start of the 457 header, plus y octets. For example: 459 2n means any 2-octet offset from the start of the header. 460 8n+2 means any 8-octet offset from the start of the header, plus 2 461 octets. 463 There are two padding options which are used when necessary to align 464 subsequent options and to pad out the containing header to a multiple 465 of 8 octets in length. These padding options must be recognized by 466 all IPv6 implementations: 468 Pad1 option (alignment requirement: none) 470 +-+-+-+-+-+-+-+-+ 471 | 0 | 472 +-+-+-+-+-+-+-+-+ 474 NOTE! the format of the Pad1 option is a special case -- it does 475 not have length and value fields. 477 The Pad1 option is used to insert one octet of padding into the 478 Options area of a header. If more than one octet of padding is 479 required, the PadN option, described next, should be used, rather 480 than multiple Pad1 options. 482 PadN option (alignment requirement: none) 484 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+- - - - - - - - - 485 | 1 | Opt Data Len | Option Data 486 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+- - - - - - - - - 488 The PadN option is used to insert two or more octets of padding 489 into the Options area of a header. For N octets of padding, the 490 Opt Data Len field contains the value N-2, and the Option Data 491 consists of N-2 zero-valued octets. 493 Appendix A contains formatting guidelines for designing new options. 495 4.3. Hop-by-Hop Options Header 497 The Hop-by-Hop Options header is used to carry optional information 498 that must be examined by every node along a packet's delivery path. 499 The Hop-by-Hop Options header is identified by a Next Header value of 500 0 in the IPv6 header, and has the following format: 502 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 503 | Next Header | Hdr Ext Len | | 504 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + 505 | | 506 . . 507 . Options . 508 . . 509 | | 510 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 512 Next Header 8-bit selector. Identifies the type of header 513 immediately following the Hop-by-Hop Options 514 header. Uses the same values as the IPv4 515 Protocol field [IANA-PN]. 517 Hdr Ext Len 8-bit unsigned integer. Length of the Hop-by- 518 Hop Options header in 8-octet units, not 519 including the first 8 octets. 521 Options Variable-length field, of length such that the 522 complete Hop-by-Hop Options header is an 523 integer multiple of 8 octets long. Contains 524 one or more TLV-encoded options, as described 525 in section 4.2. 527 The only hop-by-hop options defined in this document are the Pad1 and 528 PadN options specified in section 4.2. 530 4.4. Routing Header 532 The Routing header is used by an IPv6 source to list one or more 533 intermediate nodes to be "visited" on the way to a packet's 534 destination. This function is very similar to IPv4's Loose Source 535 and Record Route option. The Routing header is identified by a Next 536 Header value of 43 in the immediately preceding header, and has the 537 following format: 539 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 540 | Next Header | Hdr Ext Len | Routing Type | Segments Left | 541 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 542 | | 543 . . 544 . type-specific data . 545 . . 546 | | 547 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 549 Next Header 8-bit selector. Identifies the type of header 550 immediately following the Routing header. 551 Uses the same values as the IPv4 Protocol 552 field [IANA-PN]. 554 Hdr Ext Len 8-bit unsigned integer. Length of the Routing 555 header in 8-octet units, not including the 556 first 8 octets. 558 Routing Type 8-bit identifier of a particular Routing 559 header variant. 561 Segments Left 8-bit unsigned integer. Number of route 562 segments remaining, i.e., number of explicitly 563 listed intermediate nodes still to be visited 564 before reaching the final destination. 566 type-specific data Variable-length field, of format determined by 567 the Routing Type, and of length such that the 568 complete Routing header is an integer multiple 569 of 8 octets long. 571 If, while processing a received packet, a node encounters a Routing 572 header with an unrecognized Routing Type value, the required behavior 573 of the node depends on the value of the Segments Left field, as 574 follows: 576 If Segments Left is zero, the node must ignore the Routing header 577 and proceed to process the next header in the packet, whose type 578 is identified by the Next Header field in the Routing header. 580 If Segments Left is non-zero, the node must discard the packet and 581 send an ICMP Parameter Problem, Code 0, message to the packet's 582 Source Address, pointing to the unrecognized Routing Type. 584 If, after processing a Routing header of a received packet, an 585 intermediate node determines that the packet is to be forwarded onto 586 a link whose link MTU is less than the size of the packet, the node 587 must discard the packet and send an ICMP Packet Too Big message to 588 the packet's Source Address. 590 The currently defined IPv6 Routing Headers and their status can be 591 found at [IANA-RH]. Allocation guidelines for IPv6 Routing Headers 592 can be found in [RFC5871]. 594 4.5. Fragment Header 596 The Fragment header is used by an IPv6 source to send a packet larger 597 than would fit in the path MTU to its destination. (Note: unlike 598 IPv4, fragmentation in IPv6 is performed only by source nodes, not by 599 routers along a packet's delivery path -- see section 5.) The 600 Fragment header is identified by a Next Header value of 44 in the 601 immediately preceding header, and has the following format: 603 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 604 | Next Header | Reserved | Fragment Offset |Res|M| 605 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 606 | Identification | 607 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 609 Next Header 8-bit selector. Identifies the initial header 610 type of the Fragmentable Part of the original 611 packet (defined below). Uses the same values 612 as the IPv4 Protocol field [IANA-PN]. 614 Reserved 8-bit reserved field. Initialized to zero for 615 transmission; ignored on reception. 617 Fragment Offset 13-bit unsigned integer. The offset, in 618 8-octet units, of the data following this 619 header, relative to the start of the 620 Fragmentable Part of the original packet. 622 Res 2-bit reserved field. Initialized to zero for 623 transmission; ignored on reception. 625 M flag 1 = more fragments; 0 = last fragment. 627 Identification 32 bits. See description below. 629 In order to send a packet that is too large to fit in the MTU of the 630 path to its destination, a source node may divide the packet into 631 fragments and send each fragment as a separate packet, to be 632 reassembled at the receiver. 634 For every packet that is to be fragmented, the source node generates 635 an Identification value. The Identification must be different than 636 that of any other fragmented packet sent recently* with the same 637 Source Address and Destination Address. If a Routing header is 638 present, the Destination Address of concern is that of the final 639 destination. 641 * "recently" means within the maximum likely lifetime of a 642 packet, including transit time from source to destination and 643 time spent awaiting reassembly with other fragments of the same 644 packet. However, it is not required that a source node know 645 the maximum packet lifetime. Rather, it is assumed that the 646 requirement can be met by maintaining the Identification value 647 as a simple, 32-bit, "wrap-around" counter, incremented each 648 time a packet must be fragmented. It is an implementation 649 choice whether to maintain a single counter for the node or 650 multiple counters, e.g., one for each of the node's possible 651 source addresses, or one for each active (source address, 652 destination address) combination. 654 The initial, large, unfragmented packet is referred to as the 655 "original packet", and it is considered to consist of three parts, as 656 illustrated: 658 original packet: 660 +------------------+-------------------------+---//----------------+ 661 | Unfragmentable | Extention & Upper-Layer | Fragmentable | 662 | Headers | Headers | Part | 663 +------------------+-------------------------+---//----------------+ 665 The Unfragmentable Headers consists of the IPv6 header plus any 666 extension headers that must be processed by nodes en route to the 667 destination, that is, all headers up to and including the Routing 668 header if present, else the Hop-by-Hop Options header if present, 669 else no extension headers. 671 The Ext Hdrs are all other extension headers that are not included 672 in the Unfragmentable headers part of the packet. For this 673 purpose, the IP Authentication Header (AH) and the Encapsulating 674 Security Payload (ESP) are not considered extension headers. The 675 Upper-Layer Header is the first upper-layer header that is not an 676 IPv6 extension header. Examples of upper-layer headers include 677 TCP, UDP, IPv4, IPv6, ICMPv6, and as noted AH and ESP. 679 The Fragmentable Part consists of the rest of the packet after the 680 upper-layer header. 682 The Fragmentable Part of the original packet is divided into 683 fragments, each, except possibly the last ("rightmost") one, being an 684 integer multiple of 8 octets long. The fragments are transmitted in 685 separate "fragment packets" as illustrated: 687 original packet: 689 +-----------------+-----------------+--------+--------+-//-+--------+ 690 | Unfragmentable |Ext & Upper-Layer| first | second | | last | 691 | Headers | Headers |fragment|fragment|....|fragment| 692 +-----------------+-----------------+--------+--------+-//-+--------+ 694 fragment packets: 696 +------------------+---------+-------------------+----------+ 697 | Unfragmentable |Fragment | Ext & Upper-Layer | first | 698 | Headers | Header | Headers | fragment | 699 +------------------+---------+-------------------+----------+ 701 +------------------+--------+-------------------------------+ 702 | Unfragmentable |Fragment| second | 703 | Headers | Header | fragment | 704 +------------------+--------+-------------------------------+ 705 o 706 o 707 o 708 +------------------+--------+----------+ 709 | Unfragmentable |Fragment| last | 710 | Headers | Header | fragment | 711 +------------------+--------+----------+ 713 The first fragment packet is composed of: 715 (1) The Unfragmentable Headers of the original packet, with the 716 Payload Length of the original IPv6 header changed to contain the 717 length of this fragment packet only (excluding the length of the 718 IPv6 header itself), and the Next Header field of the last header 719 of the Unfragmentable Headers changed to 44. 721 (2) A Fragment header containing: 723 The Next Header value that identifies the first header after 724 the Unfragmentable Headers of the original packet. 726 A Fragment Offset containing the offset of the fragment, in 727 8-octet units, relative to the start of the Fragmentable Part 728 of the original packet. The Fragment Offset of the first 729 ("leftmost") fragment is 0. 731 An M flag value of 1 as this is the first fragment. 733 The Identification value generated for the original packet. 735 (3) Extension Headers, if any, and the Upper-Layer header. These 736 headers must be in the first fragment. 738 (4) The first fragment. 740 The subsequent fragment packets are composed of: 742 (1) The Unfragmentable Headers of the original packet, with the 743 Payload Length of the original IPv6 header changed to contain the 744 length of this fragment packet only (excluding the length of the 745 IPv6 header itself), and the Next Header field of the last header 746 of the Unfragmentable Headers changed to 44. 748 (2) A Fragment header containing: 750 The Next Header value that identifies the first header after 751 the Unfragmentable Headers of the original packet. 753 A Fragment Offset containing the offset of the fragment, in 754 8-octet units, relative to the start of the Fragmentable part 755 of the original packet. 757 An M flag value of 0 if the fragment is the last ("rightmost") 758 one, else an M flag value of 1. 760 The Identification value generated for the original packet. 762 (3) The fragment itself. 764 The lengths of the fragments must be chosen such that the resulting 765 fragment packets fit within the MTU of the path to the packets' 766 destination(s). 768 Fragments must not be created that overlap with any other fragments 769 created from the original packet. 771 At the destination, fragment packets are reassembled into their 772 original, unfragmented form, as illustrated: 774 reassembled original packet: 776 +---------------+-----------------+---------+--------+-//--+--------+ 777 | Unfragmentable|Ext & Upper-Layer| first | second | | last | 778 | Headers | Headers |frag data|fragment|.....|fragment| 779 +---------------+-----------------+---------+--------+-//--+--------+ 781 The following rules govern reassembly: 783 An original packet is reassembled only from fragment packets that 784 have the same Source Address, Destination Address, and Fragment 785 Identification. 787 The Unfragmentable Headers of the reassembled packet consists of 788 all headers up to, but not including, the Fragment header of the 789 first fragment packet (that is, the packet whose Fragment Offset 790 is zero), with the following two changes: 792 The Next Header field of the last header of the Unfragmentable 793 Headers is obtained from the Next Header field of the first 794 fragment's Fragment header. 796 The Payload Length of the reassembled packet is computed from 797 the length of the Unfragmentable Headers and the length and 798 offset of the last fragment. For example, a formula for 799 computing the Payload Length of the reassembled original packet 800 is: 802 PL.orig = PL.first - FL.first - 8 + (8 * FO.last) + FL.last 804 where 805 PL.orig = Payload Length field of reassembled packet. 806 PL.first = Payload Length field of first fragment packet. 808 FL.first = length of fragment following Fragment header of 809 first fragment packet. 810 FO.last = Fragment Offset field of Fragment header of last 811 fragment packet. 812 FL.last = length of fragment following Fragment header of 813 last fragment packet. 815 The Fragmentable Part of the reassembled packet is constructed 816 from the fragments following the Fragment headers in each of 817 the fragment packets. The length of each fragment is computed 818 by subtracting from the packet's Payload Length the length of 819 the headers between the IPv6 header and fragment itself; its 820 relative position in Fragmentable Part is computed from its 821 Fragment Offset value. 823 The Fragment header is not present in the final, reassembled 824 packet. 826 If any of the fragments being reassembled overlaps with any 827 other fragments being reassembled for the same packet, 828 reassembly of that packet must be abandoned and all the 829 fragments that have been received for that packet must be 830 discarded. 832 If the fragment is a whole datagram (that is, both the Fragment 833 Offset field and the M flag are zero), then it does not need 834 any further reassembly and should be processed as a fully 835 reassembled packet (i.e., updating Next Header, adjust Payload 836 Length, removing the Fragmentation Header, etc.). Any other 837 fragments that match this packet (i.e., the same IPv6 Source 838 Address, IPv6 Destination Address, and Fragment Identification) 839 should be processed independently. 841 The following error conditions may arise when reassembling fragmented 842 packets: 844 If insufficient fragments are received to complete reassembly of a 845 packet within 60 seconds of the reception of the first-arriving 846 fragment of that packet, reassembly of that packet must be 847 abandoned and all the fragments that have been received for that 848 packet must be discarded. If the first fragment (i.e., the one 849 with a Fragment Offset of zero) has been received, an ICMP Time 850 Exceeded -- Fragment Reassembly Time Exceeded message should be 851 sent to the source of that fragment. 853 If the length of a fragment, as derived from the fragment packet's 854 Payload Length field, is not a multiple of 8 octets and the M flag 855 of that fragment is 1, then that fragment must be discarded and an 856 ICMP Parameter Problem, Code 0, message should be sent to the 857 source of the fragment, pointing to the Payload Length field of 858 the fragment packet. 860 If the length and offset of a fragment are such that the Payload 861 Length of the packet reassembled from that fragment would exceed 862 65,535 octets, then that fragment must be discarded and an ICMP 863 Parameter Problem, Code 0, message should be sent to the source of 864 the fragment, pointing to the Fragment Offset field of the 865 fragment packet. 867 If the first fragment does not include all headers through an 868 Upper-Layer header, then that fragment should be discarded and an 869 ICMP Parameter Problem, Code 3, message should be sent to the 870 source of the fragment, with the Pointer field set to zero. 872 The following conditions are not expected to occur, but are not 873 considered errors if they do: 875 The number and content of the headers preceding the Fragment 876 header of different fragments of the same original packet may 877 differ. Whatever headers are present, preceding the Fragment 878 header in each fragment packet, are processed when the packets 879 arrive, prior to queueing the fragments for reassembly. Only 880 those headers in the Offset zero fragment packet are retained in 881 the reassembled packet. 883 The Next Header values in the Fragment headers of different 884 fragments of the same original packet may differ. Only the value 885 from the Offset zero fragment packet is used for reassembly. 887 4.6. Destination Options Header 889 The Destination Options header is used to carry optional information 890 that need be examined only by a packet's destination node(s). The 891 Destination Options header is identified by a Next Header value of 60 892 in the immediately preceding header, and has the following format: 894 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 895 | Next Header | Hdr Ext Len | | 896 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + 897 | | 898 . . 899 . Options . 900 . . 901 | | 902 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 903 Next Header 8-bit selector. Identifies the type of header 904 immediately following the Destination Options 905 header. Uses the same values as the IPv4 906 Protocol field [IANA-PN]. 908 Hdr Ext Len 8-bit unsigned integer. Length of the 909 Destination Options header in 8-octet units, 910 not including the first 8 octets. 912 Options Variable-length field, of length such that the 913 complete Destination Options header is an 914 integer multiple of 8 octets long. Contains 915 one or more TLV-encoded options, as described 916 in section 4.2. 918 The only destination options defined in this document are the Pad1 919 and PadN options specified in section 4.2. 921 Note that there are two possible ways to encode optional destination 922 information in an IPv6 packet: either as an option in the Destination 923 Options header, or as a separate extension header. The Fragment 924 header and the Authentication header are examples of the latter 925 approach. Which approach can be used depends on what action is 926 desired of a destination node that does not understand the optional 927 information: 929 o If the desired action is for the destination node to discard 930 the packet and, only if the packet's Destination Address is not 931 a multicast address, send an ICMP Unrecognized Type message to 932 the packet's Source Address, then the information may be 933 encoded either as a separate header or as an option in the 934 Destination Options header whose Option Type has the value 11 935 in its highest-order two bits. The choice may depend on such 936 factors as which takes fewer octets, or which yields better 937 alignment or more efficient parsing. 939 o If any other action is desired, the information must be encoded 940 as an option in the Destination Options header whose Option 941 Type has the value 00, 01, or 10 in its highest-order two bits, 942 specifying the desired action (see section 4.2). 944 4.7. No Next Header 946 The value 59 in the Next Header field of an IPv6 header or any 947 extension header indicates that there is nothing following that 948 header. If the Payload Length field of the IPv6 header indicates the 949 presence of octets past the end of a header whose Next Header field 950 contains 59, those octets must be ignored, and passed on unchanged if 951 the packet is forwarded. 953 4.8. Defining New Extention Headers and Options 955 No new extension headers that require hop-by-hop behavior should be 956 defined. 958 New hop-by-hop options are not recommended because, due to 959 performance restrictions, nodes may ignore the Hop-by-Hop Option 960 header, drop packets containing a hop-by-hop header, or assign 961 packets containing a hop-by-hop header to a slow processing path. 962 Designers considering defining new hop-by-hop options need to be 963 aware of this likely behaviour. There has to a very clear 964 justification why any new hop-by-hop option is needed before it is 965 standardized. 967 Instead of defining new Extension Headers, it is recommended that the 968 Destination Options header is used to carry optional information that 969 need be examined only by a packet's destination node(s), because they 970 provide better handling and backward compatibility. Defining new 971 IPv6 extension headers is not recommended. There has to a very clear 972 justification why any new extension header is needed before it is 973 standardized. 975 If new Extension Headers are defined, they need to use the following 976 format: 978 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 979 | Next Header | Hdr Ext Len | | 980 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + 981 | | 982 . . 983 . Header Specific Data . 984 . . 985 | | 986 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 988 Next Header 8-bit selector. Identifies the type of 989 header immediately following the extension 990 header. Uses the same values as the IPv4 991 Protocol field [IANA-PN]. 993 Hdr Ext Len 8-bit unsigned integer. Length of the 994 Destination Options header in 8-octet units, 995 not including the first 8 octets. 997 Header Specific Data Variable-length field, Fields specific to 998 the extension header. 1000 5. Packet Size Issues 1002 IPv6 requires that every link in the internet have an MTU of 1280 1003 octets or greater. On any link that cannot convey a 1280-octet 1004 packet in one piece, link-specific fragmentation and reassembly must 1005 be provided at a layer below IPv6. 1007 Links that have a configurable MTU (for example, PPP links [RFC1661]) 1008 must be configured to have an MTU of at least 1280 octets; it is 1009 recommended that they be configured with an MTU of 1500 octets or 1010 greater, to accommodate possible encapsulations (i.e., tunneling) 1011 without incurring IPv6-layer fragmentation. 1013 From each link to which a node is directly attached, the node must be 1014 able to accept packets as large as that link's MTU. 1016 It is strongly recommended that IPv6 nodes implement Path MTU 1017 Discovery [RFC1981], in order to discover and take advantage of path 1018 MTUs greater than 1280 octets. However, a minimal IPv6 1019 implementation (e.g., in a boot ROM) may simply restrict itself to 1020 sending packets no larger than 1280 octets, and omit implementation 1021 of Path MTU Discovery. 1023 In order to send a packet larger than a path's MTU, a node may use 1024 the IPv6 Fragment header to fragment the packet at the source and 1025 have it reassembled at the destination(s). However, the use of such 1026 fragmentation is discouraged in any application that is able to 1027 adjust its packets to fit the measured path MTU (i.e., down to 1280 1028 octets). 1030 A node must be able to accept a fragmented packet that, after 1031 reassembly, is as large as 1500 octets. A node is permitted to 1032 accept fragmented packets that reassemble to more than 1500 octets. 1033 An upper-layer protocol or application that depends on IPv6 1034 fragmentation to send packets larger than the MTU of a path should 1035 not send packets larger than 1500 octets unless it has assurance that 1036 the destination is capable of reassembling packets of that larger 1037 size. 1039 In response to an IPv6 packet that is sent to an IPv4 destination 1040 (i.e., a packet that undergoes translation from IPv6 to IPv4), the 1041 originating IPv6 node may receive an ICMP Packet Too Big message 1042 reporting a Next-Hop MTU less than 1280. In that case, the IPv6 node 1043 is not required to reduce the size of subsequent packets to less than 1044 1280, but must include a Fragment header in those packets so that the 1045 IPv6-to-IPv4 translating router can obtain a suitable Identification 1046 value to use in resulting IPv4 fragments. Note that this means the 1047 payload may have to be reduced to 1232 octets (1280 minus 40 for the 1048 IPv6 header and 8 for the Fragment header), and smaller still if 1049 additional extension headers are used. 1051 6. Flow Labels 1053 The 20-bit Flow Label field in the IPv6 header is used by a source to 1054 label sequences of packets to be treated in the network as a single 1055 flow. 1057 The current definition of the IPv6 Flow Label can be found in 1058 [RFC6437]. 1060 7. Traffic Classes 1062 The 8-bit Traffic Class field in the IPv6 header is used by the 1063 network for traffic management. The value of the Traffic Class bits 1064 in a received packet might be different from the value sent by the 1065 packet's source. 1067 The current use of the Traffic Class field for Differentiated 1068 Services and Explicit Congestion Notification is specified in 1069 [RFC2474] and [RFC3168]. 1071 8. Upper-Layer Protocol Issues 1073 8.1. Upper-Layer Checksums 1075 Any transport or other upper-layer protocol that includes the 1076 addresses from the IP header in its checksum computation must be 1077 modified for use over IPv6, to include the 128-bit IPv6 addresses 1078 instead of 32-bit IPv4 addresses. In particular, the following 1079 illustration shows the TCP and UDP "pseudo-header" for IPv6: 1081 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1082 | | 1083 + + 1084 | | 1085 + Source Address + 1086 | | 1087 + + 1088 | | 1089 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1090 | | 1091 + + 1092 | | 1093 + Destination Address + 1094 | | 1095 + + 1096 | | 1097 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1098 | Upper-Layer Packet Length | 1099 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1100 | zero | Next Header | 1101 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1103 o If the IPv6 packet contains a Routing header, the Destination 1104 Address used in the pseudo-header is that of the final 1105 destination. At the originating node, that address will be in 1106 the last element of the Routing header; at the recipient(s), 1107 that address will be in the Destination Address field of the 1108 IPv6 header. 1110 o The Next Header value in the pseudo-header identifies the 1111 upper-layer protocol (e.g., 6 for TCP, or 17 for UDP). It will 1112 differ from the Next Header value in the IPv6 header if there 1113 are extension headers between the IPv6 header and the upper- 1114 layer header. 1116 o The Upper-Layer Packet Length in the pseudo-header is the 1117 length of the upper-layer header and data (e.g., TCP header 1118 plus TCP data). Some upper-layer protocols carry their own 1119 length information (e.g., the Length field in the UDP header); 1120 for such protocols, that is the length used in the pseudo- 1121 header. Other protocols (such as TCP) do not carry their own 1122 length information, in which case the length used in the 1123 pseudo-header is the Payload Length from the IPv6 header, minus 1124 the length of any extension headers present between the IPv6 1125 header and the upper-layer header. 1127 o Unlike IPv4, the default behavior when UDP packets are 1128 originated by an IPv6 node, is that the UDP checksum is not 1129 optional. That is, whenever originating a UDP packet, an IPv6 1130 node must compute a UDP checksum over the packet and the 1131 pseudo-header, and, if that computation yields a result of 1132 zero, it must be changed to hex FFFF for placement in the UDP 1133 header. IPv6 receivers must discard UDP packets containing a 1134 zero checksum, and should log the error. 1136 o As an exception to the default behaviour, protocols that use 1137 UDP as a tunnel encapsulation may enable zero-checksum mode for 1138 a specific port (or set of ports) for sending and/or receiving. 1139 Any node implementing zero-checksum mode must follow the 1140 requirements specified in "Applicability Statement for the use 1141 of IPv6 UDP Datagrams with Zero Checksums" [RFC6936]. 1143 The IPv6 version of ICMP [RFC4443] includes the above pseudo-header 1144 in its checksum computation; this is a change from the IPv4 version 1145 of ICMP, which does not include a pseudo-header in its checksum. The 1146 reason for the change is to protect ICMP from misdelivery or 1147 corruption of those fields of the IPv6 header on which it depends, 1148 which, unlike IPv4, are not covered by an internet-layer checksum. 1149 The Next Header field in the pseudo-header for ICMP contains the 1150 value 58, which identifies the IPv6 version of ICMP. 1152 8.2. Maximum Packet Lifetime 1154 Unlike IPv4, IPv6 nodes are not required to enforce maximum packet 1155 lifetime. That is the reason the IPv4 "Time to Live" field was 1156 renamed "Hop Limit" in IPv6. In practice, very few, if any, IPv4 1157 implementations conform to the requirement that they limit packet 1158 lifetime, so this is not a change in practice. Any upper-layer 1159 protocol that relies on the internet layer (whether IPv4 or IPv6) to 1160 limit packet lifetime ought to be upgraded to provide its own 1161 mechanisms for detecting and discarding obsolete packets. 1163 8.3. Maximum Upper-Layer Payload Size 1165 When computing the maximum payload size available for upper-layer 1166 data, an upper-layer protocol must take into account the larger size 1167 of the IPv6 header relative to the IPv4 header. For example, in 1168 IPv4, TCP's MSS option is computed as the maximum packet size (a 1169 default value or a value learned through Path MTU Discovery) minus 40 1170 octets (20 octets for the minimum-length IPv4 header and 20 octets 1171 for the minimum-length TCP header). When using TCP over IPv6, the 1172 MSS must be computed as the maximum packet size minus 60 octets, 1173 because the minimum-length IPv6 header (i.e., an IPv6 header with no 1174 extension headers) is 20 octets longer than a minimum-length IPv4 1175 header. 1177 8.4. Responding to Packets Carrying Routing Headers 1179 When an upper-layer protocol sends one or more packets in response to 1180 a received packet that included a Routing header, the response 1181 packet(s) must not include a Routing header that was automatically 1182 derived by "reversing" the received Routing header UNLESS the 1183 integrity and authenticity of the received Source Address and Routing 1184 header have been verified (e.g., via the use of an Authentication 1185 header in the received packet). In other words, only the following 1186 kinds of packets are permitted in response to a received packet 1187 bearing a Routing header: 1189 o Response packets that do not carry Routing headers. 1191 o Response packets that carry Routing headers that were NOT 1192 derived by reversing the Routing header of the received packet 1193 (for example, a Routing header supplied by local 1194 configuration). 1196 o Response packets that carry Routing headers that were derived 1197 by reversing the Routing header of the received packet IF AND 1198 ONLY IF the integrity and authenticity of the Source Address 1199 and Routing header from the received packet have been verified 1200 by the responder. 1202 9. IANA Considerations 1204 RFC2460 is referenced in a number of IANA registries. These include: 1206 o Internet Protocol Version 6 (IPv6) Parameters [IANA-6P] 1208 o Assigned Internet Protocol Numbers [IANA-PN] 1210 The IANA should update these references to point to this document. 1212 10. Security Considerations 1214 The security features of IPv6 are described in the Security 1215 Architecture for the Internet Protocol [RFC4301]. 1217 11. Acknowledgments 1219 The authors gratefully acknowledge the many helpful suggestions of 1220 the members of the IPng working group, the End-to-End Protocols 1221 research group, and the Internet Community At Large. 1223 The authors would also like to acknowledge the authors of the 1224 updating RFCs that were incorporated in this version of the document 1225 to move the IPv6 specification to Internet Standard. They are Joe 1226 Abley, Shane Amante, Jari Arkko, Manav Bhatia, Ronald P. Bonica, 1227 Scott Bradner, Brian Carpenter, P.F. Chimento, Marshall Eubanks, 1228 Fernando Gont, James Hoagland, Sheng Jiang, Erik Kline, Suresh 1229 Krishnan, Vishwas Manral, George Neville-Neil, Jarno Rajahalme, Pekka 1230 Savola, Magnus Westerlund, and James Woodyatt. 1232 12. References 1234 12.1. Normative References 1236 [I-D.hinden-6man-rfc4291bis] 1237 Hinden, B. and S. Deering, "IP Version 6 Addressing 1238 Architecture", draft-hinden-6man-rfc4291bis-05 (work in 1239 progress), October 2015. 1241 [RFC2474] Nichols, K., Blake, S., Baker, F., and D. Black, 1242 "Definition of the Differentiated Services Field (DS 1243 Field) in the IPv4 and IPv6 Headers", RFC 2474, DOI 1244 10.17487/RFC2474, December 1998, 1245 . 1247 [RFC3168] Ramakrishnan, K., Floyd, S., and D. Black, "The Addition 1248 of Explicit Congestion Notification (ECN) to IP", RFC 1249 3168, DOI 10.17487/RFC3168, September 2001, 1250 . 1252 [RFC4443] Conta, A., Deering, S., and M. Gupta, Ed., "Internet 1253 Control Message Protocol (ICMPv6) for the Internet 1254 Protocol Version 6 (IPv6) Specification", RFC 4443, DOI 1255 10.17487/RFC4443, March 2006, 1256 . 1258 [RFC6437] Amante, S., Carpenter, B., Jiang, S., and J. Rajahalme, 1259 "IPv6 Flow Label Specification", RFC 6437, DOI 10.17487/ 1260 RFC6437, November 2011, 1261 . 1263 12.2. Informative References 1265 [IANA-6P] "Internet Protocol Version 6 (IPv6) Parameters", 1266 . 1269 [IANA-PN] "Assigned Internet Protocol Numbers", 1270 . 1273 [IANA-RH] "IANA Routing Types Parameter Registry", 1274 . 1277 [RFC0791] Postel, J., "Internet Protocol", STD 5, RFC 791, DOI 1278 10.17487/RFC0791, September 1981, 1279 . 1281 [RFC1661] Simpson, W., Ed., "The Point-to-Point Protocol (PPP)", STD 1282 51, RFC 1661, DOI 10.17487/RFC1661, July 1994, 1283 . 1285 [RFC1981] McCann, J., Deering, S., and J. Mogul, "Path MTU Discovery 1286 for IP version 6", RFC 1981, DOI 10.17487/RFC1981, August 1287 1996, . 1289 [RFC2460] Deering, S. and R. Hinden, "Internet Protocol, Version 6 1290 (IPv6) Specification", RFC 2460, DOI 10.17487/RFC2460, 1291 December 1998, . 1293 [RFC4301] Kent, S. and K. Seo, "Security Architecture for the 1294 Internet Protocol", RFC 4301, DOI 10.17487/RFC4301, 1295 December 2005, . 1297 [RFC4302] Kent, S., "IP Authentication Header", RFC 4302, DOI 1298 10.17487/RFC4302, December 2005, 1299 . 1301 [RFC4303] Kent, S., "IP Encapsulating Security Payload (ESP)", RFC 1302 4303, DOI 10.17487/RFC4303, December 2005, 1303 . 1305 [RFC5871] Arkko, J. and S. Bradner, "IANA Allocation Guidelines for 1306 the IPv6 Routing Header", RFC 5871, DOI 10.17487/RFC5871, 1307 May 2010, . 1309 [RFC6936] Fairhurst, G. and M. Westerlund, "Applicability Statement 1310 for the Use of IPv6 UDP Datagrams with Zero Checksums", 1311 RFC 6936, DOI 10.17487/RFC6936, April 2013, 1312 . 1314 [RFC7045] Carpenter, B. and S. Jiang, "Transmission and Processing 1315 of IPv6 Extension Headers", RFC 7045, DOI 10.17487/ 1316 RFC7045, December 2013, 1317 . 1319 Appendix A. Formatting Guidelines for Options 1321 This appendix gives some advice on how to lay out the fields when 1322 designing new options to be used in the Hop-by-Hop Options header or 1323 the Destination Options header, as described in section 4.2. These 1324 guidelines are based on the following assumptions: 1326 o One desirable feature is that any multi-octet fields within the 1327 Option Data area of an option be aligned on their natural 1328 boundaries, i.e., fields of width n octets should be placed at 1329 an integer multiple of n octets from the start of the Hop-by- 1330 Hop or Destination Options header, for n = 1, 2, 4, or 8. 1332 o Another desirable feature is that the Hop-by-Hop or Destination 1333 Options header take up as little space as possible, subject to 1334 the requirement that the header be an integer multiple of 8 1335 octets long. 1337 o It may be assumed that, when either of the option-bearing 1338 headers are present, they carry a very small number of options, 1339 usually only one. 1341 These assumptions suggest the following approach to laying out the 1342 fields of an option: order the fields from smallest to largest, with 1343 no interior padding, then derive the alignment requirement for the 1344 entire option based on the alignment requirement of the largest field 1345 (up to a maximum alignment of 8 octets). This approach is 1346 illustrated in the following examples: 1348 Example 1 1350 If an option X required two data fields, one of length 8 octets and 1351 one of length 4 octets, it would be laid out as follows: 1353 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1354 | Option Type=X |Opt Data Len=12| 1355 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1356 | 4-octet field | 1357 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1358 | | 1359 + 8-octet field + 1360 | | 1361 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1363 Its alignment requirement is 8n+2, to ensure that the 8-octet field 1364 starts at a multiple-of-8 offset from the start of the enclosing 1365 header. A complete Hop-by-Hop or Destination Options header 1366 containing this one option would look as follows: 1368 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1369 | Next Header | Hdr Ext Len=1 | Option Type=X |Opt Data Len=12| 1370 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1371 | 4-octet field | 1372 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1373 | | 1374 + 8-octet field + 1375 | | 1376 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1378 Example 2 1380 If an option Y required three data fields, one of length 4 octets, 1381 one of length 2 octets, and one of length 1 octet, it would be laid 1382 out as follows: 1384 +-+-+-+-+-+-+-+-+ 1385 | Option Type=Y | 1386 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1387 |Opt Data Len=7 | 1-octet field | 2-octet field | 1388 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1389 | 4-octet field | 1390 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1392 Its alignment requirement is 4n+3, to ensure that the 4-octet field 1393 starts at a multiple-of-4 offset from the start of the enclosing 1394 header. A complete Hop-by-Hop or Destination Options header 1395 containing this one option would look as follows: 1397 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1398 | Next Header | Hdr Ext Len=1 | Pad1 Option=0 | Option Type=Y | 1399 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1400 |Opt Data Len=7 | 1-octet field | 2-octet field | 1401 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1402 | 4-octet field | 1403 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1404 | PadN Option=1 |Opt Data Len=2 | 0 | 0 | 1405 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1407 Example 3 1409 A Hop-by-Hop or Destination Options header containing both options X 1410 and Y from Examples 1 and 2 would have one of the two following 1411 formats, depending on which option appeared first: 1413 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1414 | Next Header | Hdr Ext Len=3 | Option Type=X |Opt Data Len=12| 1415 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1416 | 4-octet field | 1417 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1418 | | 1419 + 8-octet field + 1420 | | 1421 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1422 | PadN Option=1 |Opt Data Len=1 | 0 | Option Type=Y | 1423 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1424 |Opt Data Len=7 | 1-octet field | 2-octet field | 1425 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1426 | 4-octet field | 1427 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1428 | PadN Option=1 |Opt Data Len=2 | 0 | 0 | 1429 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1431 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1432 | Next Header | Hdr Ext Len=3 | Pad1 Option=0 | Option Type=Y | 1433 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1434 |Opt Data Len=7 | 1-octet field | 2-octet field | 1435 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1436 | 4-octet field | 1437 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1438 | PadN Option=1 |Opt Data Len=4 | 0 | 0 | 1439 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1440 | 0 | 0 | Option Type=X |Opt Data Len=12| 1441 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1442 | 4-octet field | 1443 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1444 | | 1445 + 8-octet field + 1446 | | 1447 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1449 Appendix B. CHANGES SINCE RFC2460 1451 This memo has the following changes from RFC2460. Numbers identify 1452 the Internet-Draft version in which the change was made. 1454 Working Group Internet Drafts 1456 00) Add instruction to the IANA to change references to RFC2460 1457 to this document 1459 00) Add a paragraph to the reference section acknowledging the 1460 authors of the updating documents 1462 00) Remove old paragraph in Section 4 that should have been 1463 removed when incorporating the update from RFC7045. 1465 00) Editorial changes. 1467 Individual Internet Drafts 1469 07) Update references to current versions and assign references 1470 to normative and informative. 1472 07) Editorial changes. 1474 06) The purpose of this draft is to incorporate the updates 1475 dealing with Extension headers as defined in RFC6564, 1476 RFC7045, and RFC7112. The changes include: 1478 RFC6564: Added new Section 4.8 that describe 1479 recommendations for defining new Extension headers and 1480 options 1482 RFC7045: The changes were to add a reference to RFC7045, 1483 change the requirement for processing the hop-by-hop 1484 option to a should, and added a note that due to 1485 performance restrictions some nodes won't process the Hop- 1486 by-Hop Option header. 1488 RFC7112: The changes were to revise the Fragmentation 1489 Section to require that all headers through the first 1490 Upper-Layer Header are in the first fragment. This 1491 changed the text describing how packets are fragmented and 1492 reassembled and added a new error case. 1494 06) Editorial changes. 1496 05) The purpose of this draft is to incorporate the updates 1497 dealing with fragmentation as defined in RFC5722 and RFC6946. 1499 Note: The issue relating to the handling of exact duplicate 1500 fragments identified on the mailing list is left open. 1502 05) Fix text in the end of Section 4.0 to correct the number of 1503 extension headers defined in this document. 1505 05) Editorial changes. 1507 04) The purpose of this draft is to update the document to 1508 incorporate the update made by RFC6935 "UDP Checksums for 1509 Tunneled Packets". 1511 04) Remove Routing (Type 0) header from the list of required 1512 extension headers. 1514 04) Editorial changes. 1516 03) The purpose of this draft is to update the document for the 1517 deprecation of the RH0 Routing Header as specified in RFC5095 1518 and the allocations guidelines for routing headers as 1519 specified in RFC5871. Both of these RFCs updated RFC2460. 1521 02) The purpose of this version of the draft is to update the 1522 document to resolve the open Errata on RFC2460. 1524 Errata ID: 2541: This errata notes that RFC2460 didn't 1525 update RFC2205 when the length of the Flow Label was 1526 changed from 24 to 20 bits from RFC1883. This issue was 1527 resolved in RFC6437 where the Flow Label is defined. This 1528 draft now references RFC6437. No change is required. 1530 Errata ID: 4279: This errata noted that the specification 1531 doesn't handle the case of a forwarding node receiving a 1532 packet with a zero Hop Limit. This is fixed in 1533 Section 3.0 of this draft. Note: No change was made 1534 regarding host behaviour. 1536 Errata ID: 2843: This errata is marked rejected. No 1537 change is required. 1539 02) Editorial changes to the Flow Label and Traffic Class text. 1541 01) The purpose of this version of the draft is to update the 1542 document to point to the current specifications of the IPv6 1543 Flow Label field as defined in [RFC6437] and the Traffic 1544 Class as defined in [RFC2474] and [RFC3168]. 1546 00) The purpose of this version is to establish a baseline from 1547 RFC2460. The only intended changes are formatting (XML is 1548 slightly different from .nroff), differences between an RFC 1549 and Internet Draft, fixing a few ID Nits, and updates to the 1550 authors information. There should not be any content changes 1551 to the specification. 1553 Authors' Addresses 1555 Stephen E. Deering 1556 Retired 1557 Vancouver, British Columbia 1558 Canada 1560 Robert M. Hinden 1561 Check Point Software 1562 959 Skyway Road 1563 San Carlos, CA 94070 1564 USA 1566 Email: bob.hinden@gmail.com