idnits 2.17.1 draft-ietf-6man-rfc2460bis-04.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year == Line 159 has weird spacing: '...r layer a pro...' == Line 173 has weird spacing: '...ighbors nod...' == Line 175 has weird spacing: '...terface a n...' == The document seems to contain a disclaimer for pre-RFC5378 work, but was first submitted on or after 10 November 2008. The disclaimer is usually necessary only for documents that revise or obsolete older RFCs, and that take significant amounts of text from those RFCs. If you can contact all authors of the source material and they are willing to grant the BCP78 rights to the IETF Trust, you can and should remove the disclaimer. Otherwise, the disclaimer is needed and you can ignore this comment. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (March 21, 2016) is 2958 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) -- Obsolete informational reference (is this intentional?): RFC 1981 (Obsoleted by RFC 8201) -- Obsolete informational reference (is this intentional?): RFC 2460 (Obsoleted by RFC 8200) Summary: 0 errors (**), 0 flaws (~~), 5 warnings (==), 3 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Network Working Group S. Deering 3 Internet-Draft Retired 4 Obsoletes: 2460 (if approved) R. Hinden 5 Intended status: Standards Track Check Point Software 6 Expires: September 22, 2016 March 21, 2016 8 Internet Protocol, Version 6 (IPv6) Specification 9 draft-ietf-6man-rfc2460bis-04 11 Abstract 13 This document specifies version 6 of the Internet Protocol (IPv6). 14 It obsoletes RFC2460 16 Status of This Memo 18 This Internet-Draft is submitted in full conformance with the 19 provisions of BCP 78 and BCP 79. 21 Internet-Drafts are working documents of the Internet Engineering 22 Task Force (IETF). Note that other groups may also distribute 23 working documents as Internet-Drafts. The list of current Internet- 24 Drafts is at http://datatracker.ietf.org/drafts/current/. 26 Internet-Drafts are draft documents valid for a maximum of six months 27 and may be updated, replaced, or obsoleted by other documents at any 28 time. It is inappropriate to use Internet-Drafts as reference 29 material or to cite them other than as "work in progress." 31 This Internet-Draft will expire on September 22, 2016. 33 Copyright Notice 35 Copyright (c) 2016 IETF Trust and the persons identified as the 36 document authors. All rights reserved. 38 This document is subject to BCP 78 and the IETF Trust's Legal 39 Provisions Relating to IETF Documents 40 (http://trustee.ietf.org/license-info) in effect on the date of 41 publication of this document. Please review these documents 42 carefully, as they describe your rights and restrictions with respect 43 to this document. Code Components extracted from this document must 44 include Simplified BSD License text as described in Section 4.e of 45 the Trust Legal Provisions and are provided without warranty as 46 described in the Simplified BSD License. 48 This document may contain material from IETF Documents or IETF 49 Contributions published or made publicly available before November 50 10, 2008. The person(s) controlling the copyright in some of this 51 material may not have granted the IETF Trust the right to allow 52 modifications of such material outside the IETF Standards Process. 53 Without obtaining an adequate license from the person(s) controlling 54 the copyright in such materials, this document may not be modified 55 outside the IETF Standards Process, and derivative works of it may 56 not be created outside the IETF Standards Process, except to format 57 it for publication as an RFC or to translate it into languages other 58 than English. 60 Table of Contents 62 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 63 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 4 64 3. IPv6 Header Format . . . . . . . . . . . . . . . . . . . . . 5 65 4. IPv6 Extension Headers . . . . . . . . . . . . . . . . . . . 6 66 4.1. Extension Header Order . . . . . . . . . . . . . . . . . 8 67 4.2. Options . . . . . . . . . . . . . . . . . . . . . . . . . 9 68 4.3. Hop-by-Hop Options Header . . . . . . . . . . . . . . . . 12 69 4.4. Routing Header . . . . . . . . . . . . . . . . . . . . . 13 70 4.5. Fragment Header . . . . . . . . . . . . . . . . . . . . . 14 71 4.6. Destination Options Header . . . . . . . . . . . . . . . 21 72 4.7. No Next Header . . . . . . . . . . . . . . . . . . . . . 22 73 4.8. Defining New Extension Headers and Options . . . . . . . 22 74 5. Packet Size Issues . . . . . . . . . . . . . . . . . . . . . 23 75 6. Flow Labels . . . . . . . . . . . . . . . . . . . . . . . . . 24 76 7. Traffic Classes . . . . . . . . . . . . . . . . . . . . . . . 24 77 8. Upper-Layer Protocol Issues . . . . . . . . . . . . . . . . . 25 78 8.1. Upper-Layer Checksums . . . . . . . . . . . . . . . . . . 25 79 8.2. Maximum Packet Lifetime . . . . . . . . . . . . . . . . . 26 80 8.3. Maximum Upper-Layer Payload Size . . . . . . . . . . . . 27 81 8.4. Responding to Packets Carrying Routing Headers . . . . . 27 82 9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 27 83 10. Security Considerations . . . . . . . . . . . . . . . . . . . 28 84 11. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 28 85 12. References . . . . . . . . . . . . . . . . . . . . . . . . . 28 86 12.1. Normative References . . . . . . . . . . . . . . . . . . 28 87 12.2. Informative References . . . . . . . . . . . . . . . . . 29 88 Appendix A. Formatting Guidelines for Options . . . . . . . . . 30 89 Appendix B. CHANGES SINCE RFC2460 . . . . . . . . . . . . . . . 33 90 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 37 92 1. Introduction 94 IP version 6 (IPv6) is a new version of the Internet Protocol, 95 designed as the successor to IP version 4 (IPv4) [RFC0791]. The 96 changes from IPv4 to IPv6 fall primarily into the following 97 categories: 99 o Expanded Addressing Capabilities 101 IPv6 increases the IP address size from 32 bits to 128 bits, to 102 support more levels of addressing hierarchy, a much greater 103 number of addressable nodes, and simpler auto-configuration of 104 addresses. The scalability of multicast routing is improved by 105 adding a "scope" field to multicast addresses. And a new type 106 of address called an "anycast address" is defined, used to send 107 a packet to any one of a group of nodes. 109 o Header Format Simplification 111 Some IPv4 header fields have been dropped or made optional, to 112 reduce the common-case processing cost of packet handling and 113 to limit the bandwidth cost of the IPv6 header. 115 o Improved Support for Extensions and Options 117 Changes in the way IP header options are encoded allows for 118 more efficient forwarding, less stringent limits on the length 119 of options, and greater flexibility for introducing new options 120 in the future. 122 o Flow Labeling Capability 124 A new capability is added to enable the labeling of sequences 125 of packets for which the sender requests to be treated in the 126 network as a single flow. 128 o Authentication and Privacy Capabilities 130 Extensions to support authentication, data integrity, and 131 (optional) data confidentiality are specified for IPv6. 133 This document specifies the basic IPv6 header and the initially- 134 defined IPv6 extension headers and options. It also discusses packet 135 size issues, the semantics of flow labels and traffic classes, and 136 the effects of IPv6 on upper-layer protocols. The format and 137 semantics of IPv6 addresses are specified separately in 139 [I-D.hinden-6man-rfc4291bis]. The IPv6 version of ICMP, which all 140 IPv6 implementations are required to include, is specified in 141 [RFC4443] 143 The data transmission order for IPv6 is the same as for IPv4 as 144 defined in Appendix B of [RFC0791]. 146 Note: As this document obsoletes [RFC2460], any document referenced 147 in this document that includes pointers to RFC2460, should be 148 interpreted as referencing this document. 150 2. Terminology 152 node a device that implements IPv6. 154 router a node that forwards IPv6 packets not explicitly 155 addressed to itself. [See Note below]. 157 host any node that is not a router. [See Note below]. 159 upper layer a protocol layer immediately above IPv6. Examples are 160 transport protocols such as TCP and UDP, control 161 protocols such as ICMP, routing protocols such as OSPF, 162 and internet or lower-layer protocols being "tunneled" 163 over (i.e., encapsulated in) IPv6 such as IPX, 164 AppleTalk, or IPv6 itself. 166 link a communication facility or medium over which nodes can 167 communicate at the link layer, i.e., the layer 168 immediately below IPv6. Examples are Ethernets (simple 169 or bridged); PPP links; X.25, Frame Relay, or ATM 170 networks; and internet (or higher) layer "tunnels", such 171 as tunnels over IPv4 or IPv6 itself. 173 neighbors nodes attached to the same link. 175 interface a node's attachment to a link. 177 address an IPv6-layer identifier for an interface or a set of 178 interfaces. 180 packet an IPv6 header plus payload. 182 link MTU the maximum transmission unit, i.e., maximum packet size 183 in octets, that can be conveyed over a link. 185 path MTU the minimum link MTU of all the links in a path between 186 a source node and a destination node. 188 Note: it is possible, though unusual, for a device with multiple 189 interfaces to be configured to forward non-self-destined packets 190 arriving from some set (fewer than all) of its interfaces, and to 191 discard non-self-destined packets arriving from its other interfaces. 192 Such a device must obey the protocol requirements for routers when 193 receiving packets from, and interacting with neighbors over, the 194 former (forwarding) interfaces. It must obey the protocol 195 requirements for hosts when receiving packets from, and interacting 196 with neighbors over, the latter (non-forwarding) interfaces. 198 3. IPv6 Header Format 200 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 201 |Version| Traffic Class | Flow Label | 202 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 203 | Payload Length | Next Header | Hop Limit | 204 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 205 | | 206 + + 207 | | 208 + Source Address + 209 | | 210 + + 211 | | 212 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 213 | | 214 + + 215 | | 216 + Destination Address + 217 | | 218 + + 219 | | 220 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 222 Version 4-bit Internet Protocol version number = 6. 224 Traffic Class 8-bit traffic class field. See section 7. 226 Flow Label 20-bit flow label. See section 6. 228 Payload Length 16-bit unsigned integer. Length of the IPv6 229 payload, i.e., the rest of the packet 230 following this IPv6 header, in octets. (Note 231 that any extension headers [section 4] present 232 are considered part of the payload, i.e., 233 included in the length count.) 235 Next Header 8-bit selector. Identifies the type of header 236 immediately following the IPv6 header. Uses 237 the same values as the IPv4 Protocol field 238 [IANA-PN]. 240 Hop Limit 8-bit unsigned integer. Decremented by 1 by 241 each node that forwards the packet. When 242 forwarding, the packet is discarded if Hop 243 Limit was zero when received or is decremented 244 to zero. A node that is the destination of a 245 packet should not discard a packet with hop 246 limit equal to zero, it should process the 247 packet normally. 249 Source Address 128-bit address of the originator of the 250 packet. See [I-D.hinden-6man-rfc4291bis]. 252 Destination Address 128-bit address of the intended recipient of 253 the packet (possibly not the ultimate 254 recipient, if a Routing header is present). 255 See [I-D.hinden-6man-rfc4291bis] and section 256 4.4. 258 4. IPv6 Extension Headers 260 In IPv6, optional internet-layer information is encoded in separate 261 headers that may be placed between the IPv6 header and the upper- 262 layer header in a packet. There are a small number of such extension 263 headers, each identified by a distinct Next Header value. As 264 illustrated in these examples, an IPv6 packet may carry zero, one, or 265 more extension headers, each identified by the Next Header field of 266 the preceding header: 268 +---------------+------------------------ 269 | IPv6 header | TCP header + data 270 | | 271 | Next Header = | 272 | TCP | 273 +---------------+------------------------ 275 +---------------+----------------+------------------------ 276 | IPv6 header | Routing header | TCP header + data 277 | | | 278 | Next Header = | Next Header = | 279 | Routing | TCP | 280 +---------------+----------------+------------------------ 282 +---------------+----------------+-----------------+----------------- 283 | IPv6 header | Routing header | Fragment header | fragment of TCP 284 | | | | header + data 285 | Next Header = | Next Header = | Next Header = | 286 | Routing | Fragment | TCP | 287 +---------------+----------------+-----------------+----------------- 289 Extension headers must never be inserted by any node other than the 290 source of the packet. IP Encapsulation must be used to meet any 291 requirement for inserting headers, for example, as defined in 292 [RFC2473]. 294 With one exception, extension headers are not processed by any node 295 along a packet's delivery path, until the packet reaches the node (or 296 each of the set of nodes, in the case of multicast) identified in the 297 Destination Address field of the IPv6 header. Note: If an 298 intermediate forwarding node examines an extension header for any 299 reason, it must do so in accordance with the provisions of [RFC7045]. 300 At the Destination node, normal demultiplexing on the Next Header 301 field of the IPv6 header invokes the module to process the first 302 extension header, or the upper-layer header if no extension header is 303 present. The contents and semantics of each extension header 304 determine whether or not to proceed to the next header. Therefore, 305 extension headers must be processed strictly in the order they appear 306 in the packet; a receiver must not, for example, scan through a 307 packet looking for a particular kind of extension header and process 308 that header prior to processing all preceding ones. 310 The exception referred to in the preceding paragraph is the Hop-by- 311 Hop Options header, which carries information that should be examined 312 and processed by every node along a packet's delivery path, including 313 the source and destination nodes. The Hop-by-Hop Options header, 314 when present, must immediately follow the IPv6 header. Its presence 315 is indicated by the value zero in the Next Header field of the IPv6 316 header. 318 It should be noted that due to performance restrictions nodes may 319 ignore the Hop-by-Hop Option header, drop packets containing a hop- 320 by-hop option header, or assign packets containing a hop-by-hop 321 option header to a slow processing path. Designers planning to use a 322 hop-by-hop option need to be aware of this likely behaviour. 324 If, as a result of processing a header, a node is required to proceed 325 to the next header but the Next Header value in the current header is 326 unrecognized by the node, it should discard the packet and send an 327 ICMP Parameter Problem message to the source of the packet, with an 328 ICMP Code value of 1 ("unrecognized Next Header type encountered") 329 and the ICMP Pointer field containing the offset of the unrecognized 330 value within the original packet. The same action should be taken if 331 a node encounters a Next Header value of zero in any header other 332 than an IPv6 header. 334 Each extension header is an integer multiple of 8 octets long, in 335 order to retain 8-octet alignment for subsequent headers. Multi- 336 octet fields within each extension header are aligned on their 337 natural boundaries, i.e., fields of width n octets are placed at an 338 integer multiple of n octets from the start of the header, for n = 1, 339 2, 4, or 8. 341 A full implementation of IPv6 includes implementation of the 342 following extension headers: 344 Hop-by-Hop Options 345 Fragment 346 Destination Options 347 Authentication 348 Encapsulating Security Payload 350 The first three are specified in this document; the last two are 351 specified in [RFC4302] and [RFC4303], respectively. The current list 352 of IPv6 extension headers can be found at [IANA-EH]. 354 4.1. Extension Header Order 356 When more than one extension header is used in the same packet, it is 357 recommended that those headers appear in the following order: 359 IPv6 header 360 Hop-by-Hop Options header 361 Destination Options header (note 1) 362 Routing header 363 Fragment header 364 Authentication header (note 2) 365 Encapsulating Security Payload header (note 2) 366 Destination Options header (note 3) 367 upper-layer header 369 note 1: for options to be processed by the first destination that 370 appears in the IPv6 Destination Address field plus 371 subsequent destinations listed in the Routing header. 373 note 2: additional recommendations regarding the relative order of 374 the Authentication and Encapsulating Security Payload 375 headers are given in [RFC4303]. 377 note 3: for options to be processed only by the final destination 378 of the packet. 380 Each extension header should occur at most once, except for the 381 Destination Options header which should occur at most twice (once 382 before a Routing header and once before the upper-layer header). 384 If the upper-layer header is another IPv6 header (in the case of IPv6 385 being tunneled over or encapsulated in IPv6), it may be followed by 386 its own extension headers, which are separately subject to the same 387 ordering recommendations. 389 If and when other extension headers are defined, their ordering 390 constraints relative to the above listed headers must be specified. 392 IPv6 nodes must accept and attempt to process extension headers in 393 any order and occurring any number of times in the same packet, 394 except for the Hop-by-Hop Options header which is restricted to 395 appear immediately after an IPv6 header only. Nonetheless, it is 396 strongly advised that sources of IPv6 packets adhere to the above 397 recommended order until and unless subsequent specifications revise 398 that recommendation. 400 4.2. Options 402 Two of the currently-defined extension headers defined in this 403 document -- the Hop-by-Hop Options header and the Destination Options 404 header -- carry a variable number of type-length-value (TLV) encoded 405 "options", of the following format: 407 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+- - - - - - - - - 408 | Option Type | Opt Data Len | Option Data 409 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+- - - - - - - - - 411 Option Type 8-bit identifier of the type of option. 413 Opt Data Len 8-bit unsigned integer. Length of the Option 414 Data field of this option, in octets. 416 Option Data Variable-length field. Option-Type-specific 417 data. 419 The sequence of options within a header must be processed strictly in 420 the order they appear in the header; a receiver must not, for 421 example, scan through the header looking for a particular kind of 422 option and process that option prior to processing all preceding 423 ones. 425 The Option Type identifiers are internally encoded such that their 426 highest-order two bits specify the action that must be taken if the 427 processing IPv6 node does not recognize the Option Type: 429 00 - skip over this option and continue processing the header. 431 01 - discard the packet. 433 10 - discard the packet and, regardless of whether or not the 434 packet's Destination Address was a multicast address, send an 435 ICMP Parameter Problem, Code 2, message to the packet's 436 Source Address, pointing to the unrecognized Option Type. 438 11 - discard the packet and, only if the packet's Destination 439 Address was not a multicast address, send an ICMP Parameter 440 Problem, Code 2, message to the packet's Source Address, 441 pointing to the unrecognized Option Type. 443 The third-highest-order bit of the Option Type specifies whether or 444 not the Option Data of that option can change en-route to the 445 packet's final destination. When an Authentication header is present 446 in the packet, for any option whose data may change en-route, its 447 entire Option Data field must be treated as zero-valued octets when 448 computing or verifying the packet's authenticating value. 450 0 - Option Data does not change en-route 452 1 - Option Data may change en-route 454 The three high-order bits described above are to be treated as part 455 of the Option Type, not independent of the Option Type. That is, a 456 particular option is identified by a full 8-bit Option Type, not just 457 the low-order 5 bits of an Option Type. 459 The same Option Type numbering space is used for both the Hop-by-Hop 460 Options header and the Destination Options header. However, the 461 specification of a particular option may restrict its use to only one 462 of those two headers. 464 Individual options may have specific alignment requirements, to 465 ensure that multi-octet values within Option Data fields fall on 466 natural boundaries. The alignment requirement of an option is 467 specified using the notation xn+y, meaning the Option Type must 468 appear at an integer multiple of x octets from the start of the 469 header, plus y octets. For example: 471 2n means any 2-octet offset from the start of the header. 472 8n+2 means any 8-octet offset from the start of the header, plus 2 473 octets. 475 There are two padding options which are used when necessary to align 476 subsequent options and to pad out the containing header to a multiple 477 of 8 octets in length. These padding options must be recognized by 478 all IPv6 implementations: 480 Pad1 option (alignment requirement: none) 482 +-+-+-+-+-+-+-+-+ 483 | 0 | 484 +-+-+-+-+-+-+-+-+ 486 NOTE! the format of the Pad1 option is a special case -- it does 487 not have length and value fields. 489 The Pad1 option is used to insert one octet of padding into the 490 Options area of a header. If more than one octet of padding is 491 required, the PadN option, described next, should be used, rather 492 than multiple Pad1 options. 494 PadN option (alignment requirement: none) 496 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+- - - - - - - - - 497 | 1 | Opt Data Len | Option Data 498 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+- - - - - - - - - 500 The PadN option is used to insert two or more octets of padding 501 into the Options area of a header. For N octets of padding, the 502 Opt Data Len field contains the value N-2, and the Option Data 503 consists of N-2 zero-valued octets. 505 Appendix A contains formatting guidelines for designing new options. 507 4.3. Hop-by-Hop Options Header 509 The Hop-by-Hop Options header is used to carry optional information 510 that should be examined by every node along a packet's delivery path. 511 The Hop-by-Hop Options header is identified by a Next Header value of 512 0 in the IPv6 header, and has the following format: 514 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 515 | Next Header | Hdr Ext Len | | 516 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + 517 | | 518 . . 519 . Options . 520 . . 521 | | 522 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 524 Next Header 8-bit selector. Identifies the type of header 525 immediately following the Hop-by-Hop Options 526 header. Uses the same values as the IPv4 527 Protocol field [IANA-PN]. 529 Hdr Ext Len 8-bit unsigned integer. Length of the Hop-by- 530 Hop Options header in 8-octet units, not 531 including the first 8 octets. 533 Options Variable-length field, of length such that the 534 complete Hop-by-Hop Options header is an 535 integer multiple of 8 octets long. Contains 536 one or more TLV-encoded options, as described 537 in section 4.2. 539 The only hop-by-hop options defined in this document are the Pad1 and 540 PadN options specified in section 4.2. 542 4.4. Routing Header 544 The Routing header is used by an IPv6 source to list one or more 545 intermediate nodes to be "visited" on the way to a packet's 546 destination. This function is very similar to IPv4's Loose Source 547 and Record Route option. The Routing header is identified by a Next 548 Header value of 43 in the immediately preceding header, and has the 549 following format: 551 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 552 | Next Header | Hdr Ext Len | Routing Type | Segments Left | 553 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 554 | | 555 . . 556 . type-specific data . 557 . . 558 | | 559 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 561 Next Header 8-bit selector. Identifies the type of header 562 immediately following the Routing header. 563 Uses the same values as the IPv4 Protocol 564 field [IANA-PN]. 566 Hdr Ext Len 8-bit unsigned integer. Length of the Routing 567 header in 8-octet units, not including the 568 first 8 octets. 570 Routing Type 8-bit identifier of a particular Routing 571 header variant. 573 Segments Left 8-bit unsigned integer. Number of route 574 segments remaining, i.e., number of explicitly 575 listed intermediate nodes still to be visited 576 before reaching the final destination. 578 type-specific data Variable-length field, of format determined by 579 the Routing Type, and of length such that the 580 complete Routing header is an integer multiple 581 of 8 octets long. 583 If, while processing a received packet, a node encounters a Routing 584 header with an unrecognized Routing Type value, the required behavior 585 of the node depends on the value of the Segments Left field, as 586 follows: 588 If Segments Left is zero, the node must ignore the Routing header 589 and proceed to process the next header in the packet, whose type 590 is identified by the Next Header field in the Routing header. 592 If Segments Left is non-zero, the node must discard the packet and 593 send an ICMP Parameter Problem, Code 0, message to the packet's 594 Source Address, pointing to the unrecognized Routing Type. 596 If, after processing a Routing header of a received packet, an 597 intermediate node determines that the packet is to be forwarded onto 598 a link whose link MTU is less than the size of the packet, the node 599 must discard the packet and send an ICMP Packet Too Big message to 600 the packet's Source Address. 602 The currently defined IPv6 Routing Headers and their status can be 603 found at [IANA-RH]. Allocation guidelines for IPv6 Routing Headers 604 can be found in [RFC5871]. 606 4.5. Fragment Header 608 The Fragment header is used by an IPv6 source to send a packet larger 609 than would fit in the path MTU to its destination. (Note: unlike 610 IPv4, fragmentation in IPv6 is performed only by source nodes, not by 611 routers along a packet's delivery path -- see section 5.) The 612 Fragment header is identified by a Next Header value of 44 in the 613 immediately preceding header, and has the following format: 615 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 616 | Next Header | Reserved | Fragment Offset |Res|M| 617 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 618 | Identification | 619 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 621 Next Header 8-bit selector. Identifies the initial header 622 type of the Fragmentable Part of the original 623 packet (defined below). Uses the same values 624 as the IPv4 Protocol field [IANA-PN]. 626 Reserved 8-bit reserved field. Initialized to zero for 627 transmission; ignored on reception. 629 Fragment Offset 13-bit unsigned integer. The offset, in 630 8-octet units, of the data following this 631 header, relative to the start of the 632 Fragmentable Part of the original packet. 634 Res 2-bit reserved field. Initialized to zero for 635 transmission; ignored on reception. 637 M flag 1 = more fragments; 0 = last fragment. 639 Identification 32 bits. See description below. 641 In order to send a packet that is too large to fit in the MTU of the 642 path to its destination, a source node may divide the packet into 643 fragments and send each fragment as a separate packet, to be 644 reassembled at the receiver. 646 For every packet that is to be fragmented, the source node generates 647 an Identification value. The Identification must be different than 648 that of any other fragmented packet sent recently* with the same 649 Source Address and Destination Address. If a Routing header is 650 present, the Destination Address of concern is that of the final 651 destination. 653 * "recently" means within the maximum likely lifetime of a 654 packet, including transit time from source to destination and 655 time spent awaiting reassembly with other fragments of the same 656 packet. However, it is not required that a source node know 657 the maximum packet lifetime. Rather, it is assumed that the 658 requirement can be met by implementing an algorithm that 659 results in a low identification reuse frequency. Examples of 660 algorithms that can meet this requirement are described in 661 [RFC7739]. 663 The initial, large, unfragmented packet is referred to as the 664 "original packet", and it is considered to consist of three parts, as 665 illustrated: 667 original packet: 669 +------------------+-------------------------+---//----------------+ 670 | Per-Fragment | Extension & Upper-Layer | Fragmentable | 671 | Headers | Headers | Part | 672 +------------------+-------------------------+---//----------------+ 674 The Per-Fragment Headers consists of the IPv6 header plus any 675 extension headers that must be processed by nodes en route to the 676 destination, that is, all headers up to and including the Routing 677 header if present, else the Hop-by-Hop Options header if present, 678 else no extension headers. 680 The Extension Headers are all other extension headers that are not 681 included in the Per-Fragment headers part of the packet. For this 682 purpose, the Encapsulating Security Payload (ESP) is not 683 considered an extension header. The Upper-Layer Header is the 684 first upper-layer header that is not an IPv6 extension header. 685 Examples of upper-layer headers include TCP, UDP, IPv4, IPv6, 686 ICMPv6, and as noted ESP. 688 The Fragmentable Part consists of the rest of the packet after the 689 upper-layer header or after any header (i.e., initial IPv6 header 690 or extension header) that contains a Next Header value of No Next 691 Header. 693 The Fragmentable Part of the original packet is divided into 694 fragments. The lengths of the fragments must be chosen such that the 695 resulting fragment packets fit within the MTU of the path to the 696 packets' destination(s). Each complete fragment, except possibly the 697 last ("rightmost") one, being an integer multiple of 8 octets long. 699 The fragments are transmitted in separate "fragment packets" as 700 illustrated: 702 original packet: 704 +-----------------+-----------------+--------+--------+-//-+--------+ 705 | Per-Fragment |Ext & Upper-Layer| first | second | | last | 706 | Headers | Headers |fragment|fragment|....|fragment| 707 +-----------------+-----------------+--------+--------+-//-+--------+ 709 fragment packets: 711 +------------------+---------+-------------------+----------+ 712 | Per-Fragment |Fragment | Ext & Upper-Layer | first | 713 | Headers | Header | Headers | fragment | 714 +------------------+---------+-------------------+----------+ 716 +------------------+--------+-------------------------------+ 717 | Per-Fragment |Fragment| second | 718 | Headers | Header | fragment | 719 +------------------+--------+-------------------------------+ 720 o 721 o 722 o 723 +------------------+--------+----------+ 724 | Per-Fragment |Fragment| last | 725 | Headers | Header | fragment | 726 +------------------+--------+----------+ 728 The first fragment packet is composed of: 730 (1) The Per-Fragment Headers of the original packet, with the 731 Payload Length of the original IPv6 header changed to contain the 732 length of this fragment packet only (excluding the length of the 733 IPv6 header itself), and the Next Header field of the last header 734 of the Per-Fragment Headers changed to 44. 736 (2) A Fragment header containing: 738 The Next Header value that identifies the first header after 739 the Per-Fragment Headers of the original packet. 741 A Fragment Offset containing the offset of the fragment, in 742 8-octet units, relative to the start of the Fragmentable Part 743 of the original packet. The Fragment Offset of the first 744 ("leftmost") fragment is 0. 746 An M flag value of 1 as this is the first fragment. 748 The Identification value generated for the original packet. 750 (3) Extension Headers, if any, and the Upper-Layer header. These 751 headers must be in the first fragment. Note: This restricts the 752 size of the headers through the Upper-Layer header to the MTU of 753 the path to the packets' destinations(s). 755 (4) The first fragment. 757 The subsequent fragment packets are composed of: 759 (1) The Per-Fragment Headers of the original packet, with the 760 Payload Length of the original IPv6 header changed to contain the 761 length of this fragment packet only (excluding the length of the 762 IPv6 header itself), and the Next Header field of the last header 763 of the Per-Fragment Headers changed to 44. 765 (2) A Fragment header containing: 767 The Next Header value that identifies the first header after 768 the Per-Fragment Headers of the original packet. 770 A Fragment Offset containing the offset of the fragment, in 771 8-octet units, relative to the start of the Fragmentable part 772 of the original packet. 774 An M flag value of 0 if the fragment is the last ("rightmost") 775 one, else an M flag value of 1. 777 The Identification value generated for the original packet. 779 (3) The fragment itself. 781 Fragments must not be created that overlap with any other fragments 782 created from the original packet. 784 At the destination, fragment packets are reassembled into their 785 original, unfragmented form, as illustrated: 787 reassembled original packet: 789 +---------------+-----------------+---------+--------+-//--+--------+ 790 | Per-Fragment |Ext & Upper-Layer| first | second | | last | 791 | Headers | Headers |frag data|fragment|.....|fragment| 792 +---------------+-----------------+---------+--------+-//--+--------+ 794 The following rules govern reassembly: 796 An original packet is reassembled only from fragment packets that 797 have the same Source Address, Destination Address, and Fragment 798 Identification. 800 The Per-Fragment Headers of the reassembled packet consists of all 801 headers up to, but not including, the Fragment header of the first 802 fragment packet (that is, the packet whose Fragment Offset is 803 zero), with the following two changes: 805 The Next Header field of the last header of the Per-Fragment 806 Headers is obtained from the Next Header field of the first 807 fragment's Fragment header. 809 The Payload Length of the reassembled packet is computed from 810 the length of the Per-Fragment Headers and the length and 811 offset of the last fragment. For example, a formula for 812 computing the Payload Length of the reassembled original packet 813 is: 815 PL.orig = PL.first - FL.first - 8 + (8 * FO.last) + FL.last 817 where 818 PL.orig = Payload Length field of reassembled packet. 819 PL.first = Payload Length field of first fragment packet. 820 FL.first = length of fragment following Fragment header of 821 first fragment packet. 822 FO.last = Fragment Offset field of Fragment header of last 823 fragment packet. 824 FL.last = length of fragment following Fragment header of 825 last fragment packet. 827 The Fragmentable Part of the reassembled packet is constructed 828 from the fragments following the Fragment headers in each of 829 the fragment packets. The length of each fragment is computed 830 by subtracting from the packet's Payload Length the length of 831 the headers between the IPv6 header and fragment itself; its 832 relative position in Fragmentable Part is computed from its 833 Fragment Offset value. 835 The Fragment header is not present in the final, reassembled 836 packet. 838 If any of the fragments being reassembled overlaps with any 839 other fragments being reassembled for the same packet, 840 reassembly of that packet must be abandoned and all the 841 fragments that have been received for that packet must be 842 discarded. 844 It should be noted that fragments may be duplicated in the 845 network. These exact duplicate fragments will be treated as 846 overlapping fragments and handled as described in the previous 847 paragraph. An implementation may choose to detect this case 848 and not drop the other fragments of the same packet. 850 If the fragment is a whole datagram (that is, both the Fragment 851 Offset field and the M flag are zero), then it does not need 852 any further reassembly and should be processed as a fully 853 reassembled packet (i.e., updating Next Header, adjust Payload 854 Length, removing the Fragmentation Header, etc.). Any other 855 fragments that match this packet (i.e., the same IPv6 Source 856 Address, IPv6 Destination Address, and Fragment Identification) 857 should be processed independently. 859 The following error conditions may arise when reassembling fragmented 860 packets: 862 If insufficient fragments are received to complete reassembly of a 863 packet within 60 seconds of the reception of the first-arriving 864 fragment of that packet, reassembly of that packet must be 865 abandoned and all the fragments that have been received for that 866 packet must be discarded. If the first fragment (i.e., the one 867 with a Fragment Offset of zero) has been received, an ICMP Time 868 Exceeded -- Fragment Reassembly Time Exceeded message should be 869 sent to the source of that fragment. 871 If the length of a fragment, as derived from the fragment packet's 872 Payload Length field, is not a multiple of 8 octets and the M flag 873 of that fragment is 1, then that fragment must be discarded and an 874 ICMP Parameter Problem, Code 0, message should be sent to the 875 source of the fragment, pointing to the Payload Length field of 876 the fragment packet. 878 If the length and offset of a fragment are such that the Payload 879 Length of the packet reassembled from that fragment would exceed 880 65,535 octets, then that fragment must be discarded and an ICMP 881 Parameter Problem, Code 0, message should be sent to the source of 882 the fragment, pointing to the Fragment Offset field of the 883 fragment packet. 885 If the first fragment does not include all headers through an 886 Upper-Layer header, then that fragment should be discarded and an 887 ICMP Parameter Problem, Code 3, message should be sent to the 888 source of the fragment, with the Pointer field set to zero. 890 The following conditions are not expected to occur, but are not 891 considered errors if they do: 893 The number and content of the headers preceding the Fragment 894 header of different fragments of the same original packet may 895 differ. Whatever headers are present, preceding the Fragment 896 header in each fragment packet, are processed when the packets 897 arrive, prior to queueing the fragments for reassembly. Only 898 those headers in the Offset zero fragment packet are retained in 899 the reassembled packet. 901 The Next Header values in the Fragment headers of different 902 fragments of the same original packet may differ. Only the value 903 from the Offset zero fragment packet is used for reassembly. 905 4.6. Destination Options Header 907 The Destination Options header is used to carry optional information 908 that need be examined only by a packet's destination node(s). The 909 Destination Options header is identified by a Next Header value of 60 910 in the immediately preceding header, and has the following format: 912 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 913 | Next Header | Hdr Ext Len | | 914 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + 915 | | 916 . . 917 . Options . 918 . . 919 | | 920 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 922 Next Header 8-bit selector. Identifies the type of header 923 immediately following the Destination Options 924 header. Uses the same values as the IPv4 925 Protocol field [IANA-PN]. 927 Hdr Ext Len 8-bit unsigned integer. Length of the 928 Destination Options header in 8-octet units, 929 not including the first 8 octets. 931 Options Variable-length field, of length such that the 932 complete Destination Options header is an 933 integer multiple of 8 octets long. Contains 934 one or more TLV-encoded options, as described 935 in section 4.2. 937 The only destination options defined in this document are the Pad1 938 and PadN options specified in section 4.2. 940 Note that there are two possible ways to encode optional destination 941 information in an IPv6 packet: either as an option in the Destination 942 Options header, or as a separate extension header. The Fragment 943 header and the Authentication header are examples of the latter 944 approach. Which approach can be used depends on what action is 945 desired of a destination node that does not understand the optional 946 information: 948 o If the desired action is for the destination node to discard 949 the packet and, only if the packet's Destination Address is not 950 a multicast address, send an ICMP Unrecognized Type message to 951 the packet's Source Address, then the information may be 952 encoded either as a separate header or as an option in the 953 Destination Options header whose Option Type has the value 11 954 in its highest-order two bits. The choice may depend on such 955 factors as which takes fewer octets, or which yields better 956 alignment or more efficient parsing. 958 o If any other action is desired, the information must be encoded 959 as an option in the Destination Options header whose Option 960 Type has the value 00, 01, or 10 in its highest-order two bits, 961 specifying the desired action (see section 4.2). 963 4.7. No Next Header 965 The value 59 in the Next Header field of an IPv6 header or any 966 extension header indicates that there is nothing following that 967 header. If the Payload Length field of the IPv6 header indicates the 968 presence of octets past the end of a header whose Next Header field 969 contains 59, those octets must be ignored, and passed on unchanged if 970 the packet is forwarded. 972 4.8. Defining New Extension Headers and Options 974 No new extension headers that require hop-by-hop behavior should be 975 defined because as specified in Section 4 of this document, the only 976 Extension Header that has hop-by-hop behavior is the Hop-by-Hop 977 Options header. 979 New hop-by-hop options are not recommended because, due to 980 performance restrictions, nodes may ignore the Hop-by-Hop Option 981 header, drop packets containing a hop-by-hop header, or assign 982 packets containing a hop-by-hop header to a slow processing path. 983 Designers considering defining new hop-by-hop options need to be 984 aware of this likely behaviour. There has to a very clear 985 justification why any new hop-by-hop option is needed before it is 986 standardized. 988 Instead of defining new Extension Headers, it is recommended that the 989 Destination Options header is used to carry optional information that 990 need be examined only by a packet's destination node(s), because they 991 provide better handling and backward compatibility. Defining new 992 IPv6 extension headers is not recommended. There has to a very clear 993 justification why any new extension header is needed before it is 994 standardized. 996 If new Extension Headers are defined, they need to use the following 997 format: 999 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1000 | Next Header | Hdr Ext Len | | 1001 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + 1002 | | 1003 . . 1004 . Header Specific Data . 1005 . . 1006 | | 1007 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1009 Next Header 8-bit selector. Identifies the type of 1010 header immediately following the extension 1011 header. Uses the same values as the IPv4 1012 Protocol field [IANA-PN]. 1014 Hdr Ext Len 8-bit unsigned integer. Length of the 1015 Destination Options header in 8-octet units, 1016 not including the first 8 octets. 1018 Header Specific Data Variable-length field, Fields specific to 1019 the extension header. 1021 5. Packet Size Issues 1023 IPv6 requires that every link in the internet have an MTU of 1280 1024 octets or greater. On any link that cannot convey a 1280-octet 1025 packet in one piece, link-specific fragmentation and reassembly must 1026 be provided at a layer below IPv6. 1028 Links that have a configurable MTU (for example, PPP links [RFC1661]) 1029 must be configured to have an MTU of at least 1280 octets; it is 1030 recommended that they be configured with an MTU of 1500 octets or 1031 greater, to accommodate possible encapsulations (i.e., tunneling) 1032 without incurring IPv6-layer fragmentation. 1034 From each link to which a node is directly attached, the node must be 1035 able to accept packets as large as that link's MTU. 1037 It is strongly recommended that IPv6 nodes implement Path MTU 1038 Discovery [RFC1981], in order to discover and take advantage of path 1039 MTUs greater than 1280 octets. However, a minimal IPv6 1040 implementation (e.g., in a boot ROM) may simply restrict itself to 1041 sending packets no larger than 1280 octets, and omit implementation 1042 of Path MTU Discovery. 1044 In order to send a packet larger than a path's MTU, a node may use 1045 the IPv6 Fragment header to fragment the packet at the source and 1046 have it reassembled at the destination(s). However, the use of such 1047 fragmentation is discouraged in any application that is able to 1048 adjust its packets to fit the measured path MTU (i.e., down to 1280 1049 octets). 1051 A node must be able to accept a fragmented packet that, after 1052 reassembly, is as large as 1500 octets. A node is permitted to 1053 accept fragmented packets that reassemble to more than 1500 octets. 1054 An upper-layer protocol or application that depends on IPv6 1055 fragmentation to send packets larger than the MTU of a path should 1056 not send packets larger than 1500 octets unless it has assurance that 1057 the destination is capable of reassembling packets of that larger 1058 size. 1060 6. Flow Labels 1062 The 20-bit Flow Label field in the IPv6 header is used by a source to 1063 label sequences of packets to be treated in the network as a single 1064 flow. 1066 The current definition of the IPv6 Flow Label can be found in 1067 [RFC6437]. 1069 7. Traffic Classes 1071 The 8-bit Traffic Class field in the IPv6 header is used by the 1072 network for traffic management. The value of the Traffic Class bits 1073 in a received packet might be different from the value sent by the 1074 packet's source. 1076 The current use of the Traffic Class field for Differentiated 1077 Services and Explicit Congestion Notification is specified in 1078 [RFC2474] and [RFC3168]. 1080 8. Upper-Layer Protocol Issues 1082 8.1. Upper-Layer Checksums 1084 Any transport or other upper-layer protocol that includes the 1085 addresses from the IP header in its checksum computation must be 1086 modified for use over IPv6, to include the 128-bit IPv6 addresses 1087 instead of 32-bit IPv4 addresses. In particular, the following 1088 illustration shows the TCP and UDP "pseudo-header" for IPv6: 1090 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1091 | | 1092 + + 1093 | | 1094 + Source Address + 1095 | | 1096 + + 1097 | | 1098 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1099 | | 1100 + + 1101 | | 1102 + Destination Address + 1103 | | 1104 + + 1105 | | 1106 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1107 | Upper-Layer Packet Length | 1108 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1109 | zero | Next Header | 1110 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1112 o If the IPv6 packet contains a Routing header, the Destination 1113 Address used in the pseudo-header is that of the final 1114 destination. At the originating node, that address will be in 1115 the last element of the Routing header; at the recipient(s), 1116 that address will be in the Destination Address field of the 1117 IPv6 header. 1119 o The Next Header value in the pseudo-header identifies the 1120 upper-layer protocol (e.g., 6 for TCP, or 17 for UDP). It will 1121 differ from the Next Header value in the IPv6 header if there 1122 are extension headers between the IPv6 header and the upper- 1123 layer header. 1125 o The Upper-Layer Packet Length in the pseudo-header is the 1126 length of the upper-layer header and data (e.g., TCP header 1127 plus TCP data). Some upper-layer protocols carry their own 1128 length information (e.g., the Length field in the UDP header); 1129 for such protocols, that is the length used in the pseudo- 1130 header. Other protocols (such as TCP) do not carry their own 1131 length information, in which case the length used in the 1132 pseudo-header is the Payload Length from the IPv6 header, minus 1133 the length of any extension headers present between the IPv6 1134 header and the upper-layer header. 1136 o Unlike IPv4, the default behavior when UDP packets are 1137 originated by an IPv6 node, is that the UDP checksum is not 1138 optional. That is, whenever originating a UDP packet, an IPv6 1139 node must compute a UDP checksum over the packet and the 1140 pseudo-header, and, if that computation yields a result of 1141 zero, it must be changed to hex FFFF for placement in the UDP 1142 header. IPv6 receivers must discard UDP packets containing a 1143 zero checksum, and should log the error. 1145 o As an exception to the default behaviour, protocols that use 1146 UDP as a tunnel encapsulation may enable zero-checksum mode for 1147 a specific port (or set of ports) for sending and/or receiving. 1148 Any node implementing zero-checksum mode must follow the 1149 requirements specified in "Applicability Statement for the use 1150 of IPv6 UDP Datagrams with Zero Checksums" [RFC6936]. 1152 The IPv6 version of ICMP [RFC4443] includes the above pseudo-header 1153 in its checksum computation; this is a change from the IPv4 version 1154 of ICMP, which does not include a pseudo-header in its checksum. The 1155 reason for the change is to protect ICMP from misdelivery or 1156 corruption of those fields of the IPv6 header on which it depends, 1157 which, unlike IPv4, are not covered by an internet-layer checksum. 1158 The Next Header field in the pseudo-header for ICMP contains the 1159 value 58, which identifies the IPv6 version of ICMP. 1161 8.2. Maximum Packet Lifetime 1163 Unlike IPv4, IPv6 nodes are not required to enforce maximum packet 1164 lifetime. That is the reason the IPv4 "Time to Live" field was 1165 renamed "Hop Limit" in IPv6. In practice, very few, if any, IPv4 1166 implementations conform to the requirement that they limit packet 1167 lifetime, so this is not a change in practice. Any upper-layer 1168 protocol that relies on the internet layer (whether IPv4 or IPv6) to 1169 limit packet lifetime ought to be upgraded to provide its own 1170 mechanisms for detecting and discarding obsolete packets. 1172 8.3. Maximum Upper-Layer Payload Size 1174 When computing the maximum payload size available for upper-layer 1175 data, an upper-layer protocol must take into account the larger size 1176 of the IPv6 header relative to the IPv4 header. For example, in 1177 IPv4, TCP's MSS option is computed as the maximum packet size (a 1178 default value or a value learned through Path MTU Discovery) minus 40 1179 octets (20 octets for the minimum-length IPv4 header and 20 octets 1180 for the minimum-length TCP header). When using TCP over IPv6, the 1181 MSS must be computed as the maximum packet size minus 60 octets, 1182 because the minimum-length IPv6 header (i.e., an IPv6 header with no 1183 extension headers) is 20 octets longer than a minimum-length IPv4 1184 header. 1186 8.4. Responding to Packets Carrying Routing Headers 1188 When an upper-layer protocol sends one or more packets in response to 1189 a received packet that included a Routing header, the response 1190 packet(s) must not include a Routing header that was automatically 1191 derived by "reversing" the received Routing header UNLESS the 1192 integrity and authenticity of the received Source Address and Routing 1193 header have been verified (e.g., via the use of an Authentication 1194 header in the received packet). In other words, only the following 1195 kinds of packets are permitted in response to a received packet 1196 bearing a Routing header: 1198 o Response packets that do not carry Routing headers. 1200 o Response packets that carry Routing headers that were NOT 1201 derived by reversing the Routing header of the received packet 1202 (for example, a Routing header supplied by local 1203 configuration). 1205 o Response packets that carry Routing headers that were derived 1206 by reversing the Routing header of the received packet IF AND 1207 ONLY IF the integrity and authenticity of the Source Address 1208 and Routing header from the received packet have been verified 1209 by the responder. 1211 9. IANA Considerations 1213 RFC2460 is referenced in a number of IANA registries. These include: 1215 o Internet Protocol Version 6 (IPv6) Parameters [IANA-6P] 1216 o Assigned Internet Protocol Numbers [IANA-PN] 1218 The IANA should update these references to point to this document. 1220 10. Security Considerations 1222 The security features of IPv6 are described in the Security 1223 Architecture for the Internet Protocol [RFC4301]. 1225 11. Acknowledgments 1227 The authors gratefully acknowledge the many helpful suggestions of 1228 the members of the IPng working group, the End-to-End Protocols 1229 research group, and the Internet Community At Large. 1231 The authors would also like to acknowledge the authors of the 1232 updating RFCs that were incorporated in this version of the document 1233 to move the IPv6 specification to Internet Standard. They are Joe 1234 Abley, Shane Amante, Jari Arkko, Manav Bhatia, Ronald P. Bonica, 1235 Scott Bradner, Brian Carpenter, P.F. Chimento, Marshall Eubanks, 1236 Fernando Gont, James Hoagland, Sheng Jiang, Erik Kline, Suresh 1237 Krishnan, Vishwas Manral, George Neville-Neil, Jarno Rajahalme, Pekka 1238 Savola, Magnus Westerlund, and James Woodyatt. 1240 12. References 1242 12.1. Normative References 1244 [I-D.hinden-6man-rfc4291bis] 1245 Hinden, B. and S. Deering, "IP Version 6 Addressing 1246 Architecture", draft-hinden-6man-rfc4291bis-06 (work in 1247 progress), October 2015. 1249 [RFC0791] Postel, J., "Internet Protocol", STD 5, RFC 791, DOI 1250 10.17487/RFC0791, September 1981, 1251 . 1253 [RFC2474] Nichols, K., Blake, S., Baker, F., and D. Black, 1254 "Definition of the Differentiated Services Field (DS 1255 Field) in the IPv4 and IPv6 Headers", RFC 2474, DOI 1256 10.17487/RFC2474, December 1998, 1257 . 1259 [RFC3168] Ramakrishnan, K., Floyd, S., and D. Black, "The Addition 1260 of Explicit Congestion Notification (ECN) to IP", RFC 1261 3168, DOI 10.17487/RFC3168, September 2001, 1262 . 1264 [RFC4443] Conta, A., Deering, S., and M. Gupta, Ed., "Internet 1265 Control Message Protocol (ICMPv6) for the Internet 1266 Protocol Version 6 (IPv6) Specification", RFC 4443, DOI 1267 10.17487/RFC4443, March 2006, 1268 . 1270 [RFC6437] Amante, S., Carpenter, B., Jiang, S., and J. Rajahalme, 1271 "IPv6 Flow Label Specification", RFC 6437, DOI 10.17487/ 1272 RFC6437, November 2011, 1273 . 1275 12.2. Informative References 1277 [IANA-6P] "Internet Protocol Version 6 (IPv6) Parameters", 1278 . 1281 [IANA-EH] "IPv6 Extension Header Types", 1282 . 1285 [IANA-PN] "Assigned Internet Protocol Numbers", 1286 . 1289 [IANA-RH] "IANA Routing Types Parameter Registry", 1290 . 1293 [RFC1661] Simpson, W., Ed., "The Point-to-Point Protocol (PPP)", STD 1294 51, RFC 1661, DOI 10.17487/RFC1661, July 1994, 1295 . 1297 [RFC1981] McCann, J., Deering, S., and J. Mogul, "Path MTU Discovery 1298 for IP version 6", RFC 1981, DOI 10.17487/RFC1981, August 1299 1996, . 1301 [RFC2460] Deering, S. and R. Hinden, "Internet Protocol, Version 6 1302 (IPv6) Specification", RFC 2460, DOI 10.17487/RFC2460, 1303 December 1998, . 1305 [RFC2473] Conta, A. and S. Deering, "Generic Packet Tunneling in 1306 IPv6 Specification", RFC 2473, DOI 10.17487/RFC2473, 1307 December 1998, . 1309 [RFC4301] Kent, S. and K. Seo, "Security Architecture for the 1310 Internet Protocol", RFC 4301, DOI 10.17487/RFC4301, 1311 December 2005, . 1313 [RFC4302] Kent, S., "IP Authentication Header", RFC 4302, DOI 1314 10.17487/RFC4302, December 2005, 1315 . 1317 [RFC4303] Kent, S., "IP Encapsulating Security Payload (ESP)", RFC 1318 4303, DOI 10.17487/RFC4303, December 2005, 1319 . 1321 [RFC5871] Arkko, J. and S. Bradner, "IANA Allocation Guidelines for 1322 the IPv6 Routing Header", RFC 5871, DOI 10.17487/RFC5871, 1323 May 2010, . 1325 [RFC6936] Fairhurst, G. and M. Westerlund, "Applicability Statement 1326 for the Use of IPv6 UDP Datagrams with Zero Checksums", 1327 RFC 6936, DOI 10.17487/RFC6936, April 2013, 1328 . 1330 [RFC7045] Carpenter, B. and S. Jiang, "Transmission and Processing 1331 of IPv6 Extension Headers", RFC 7045, DOI 10.17487/ 1332 RFC7045, December 2013, 1333 . 1335 [RFC7739] Gont, F., "Security Implications of Predictable Fragment 1336 Identification Values", RFC 7739, DOI 10.17487/RFC7739, 1337 February 2016, . 1339 Appendix A. Formatting Guidelines for Options 1341 This appendix gives some advice on how to lay out the fields when 1342 designing new options to be used in the Hop-by-Hop Options header or 1343 the Destination Options header, as described in section 4.2. These 1344 guidelines are based on the following assumptions: 1346 o One desirable feature is that any multi-octet fields within the 1347 Option Data area of an option be aligned on their natural 1348 boundaries, i.e., fields of width n octets should be placed at 1349 an integer multiple of n octets from the start of the Hop-by- 1350 Hop or Destination Options header, for n = 1, 2, 4, or 8. 1352 o Another desirable feature is that the Hop-by-Hop or Destination 1353 Options header take up as little space as possible, subject to 1354 the requirement that the header be an integer multiple of 8 1355 octets long. 1357 o It may be assumed that, when either of the option-bearing 1358 headers are present, they carry a very small number of options, 1359 usually only one. 1361 These assumptions suggest the following approach to laying out the 1362 fields of an option: order the fields from smallest to largest, with 1363 no interior padding, then derive the alignment requirement for the 1364 entire option based on the alignment requirement of the largest field 1365 (up to a maximum alignment of 8 octets). This approach is 1366 illustrated in the following examples: 1368 Example 1 1370 If an option X required two data fields, one of length 8 octets and 1371 one of length 4 octets, it would be laid out as follows: 1373 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1374 | Option Type=X |Opt Data Len=12| 1375 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1376 | 4-octet field | 1377 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1378 | | 1379 + 8-octet field + 1380 | | 1381 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1383 Its alignment requirement is 8n+2, to ensure that the 8-octet field 1384 starts at a multiple-of-8 offset from the start of the enclosing 1385 header. A complete Hop-by-Hop or Destination Options header 1386 containing this one option would look as follows: 1388 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1389 | Next Header | Hdr Ext Len=1 | Option Type=X |Opt Data Len=12| 1390 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1391 | 4-octet field | 1392 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1393 | | 1394 + 8-octet field + 1395 | | 1396 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1398 Example 2 1400 If an option Y required three data fields, one of length 4 octets, 1401 one of length 2 octets, and one of length 1 octet, it would be laid 1402 out as follows: 1404 +-+-+-+-+-+-+-+-+ 1405 | Option Type=Y | 1406 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1407 |Opt Data Len=7 | 1-octet field | 2-octet field | 1408 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1409 | 4-octet field | 1410 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1412 Its alignment requirement is 4n+3, to ensure that the 4-octet field 1413 starts at a multiple-of-4 offset from the start of the enclosing 1414 header. A complete Hop-by-Hop or Destination Options header 1415 containing this one option would look as follows: 1417 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1418 | Next Header | Hdr Ext Len=1 | Pad1 Option=0 | Option Type=Y | 1419 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1420 |Opt Data Len=7 | 1-octet field | 2-octet field | 1421 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1422 | 4-octet field | 1423 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1424 | PadN Option=1 |Opt Data Len=2 | 0 | 0 | 1425 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1427 Example 3 1429 A Hop-by-Hop or Destination Options header containing both options X 1430 and Y from Examples 1 and 2 would have one of the two following 1431 formats, depending on which option appeared first: 1433 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1434 | Next Header | Hdr Ext Len=3 | Option Type=X |Opt Data Len=12| 1435 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1436 | 4-octet field | 1437 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1438 | | 1439 + 8-octet field + 1440 | | 1441 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1442 | PadN Option=1 |Opt Data Len=1 | 0 | Option Type=Y | 1443 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1444 |Opt Data Len=7 | 1-octet field | 2-octet field | 1445 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1446 | 4-octet field | 1447 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1448 | PadN Option=1 |Opt Data Len=2 | 0 | 0 | 1449 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1451 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1452 | Next Header | Hdr Ext Len=3 | Pad1 Option=0 | Option Type=Y | 1453 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1454 |Opt Data Len=7 | 1-octet field | 2-octet field | 1455 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1456 | 4-octet field | 1457 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1458 | PadN Option=1 |Opt Data Len=4 | 0 | 0 | 1459 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1460 | 0 | 0 | Option Type=X |Opt Data Len=12| 1461 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1462 | 4-octet field | 1463 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1464 | | 1465 + 8-octet field + 1466 | | 1467 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1469 Appendix B. CHANGES SINCE RFC2460 1471 This memo has the following changes from RFC2460. Numbers identify 1472 the Internet-Draft version in which the change was made. 1474 Working Group Internet Drafts 1476 04) Changed text discussing Fragment ID selection to refer to 1477 RFC7739 for example algorithms. 1479 04) Editorial changes. 1481 03) Clarified the text about decrementing the hop limit. 1483 03) Removed IP Next Generation from the Abstract. 1485 03) Add reference to the end of Section 4 to IPv6 Extension 1486 Header IANA registry. 1488 03) Editorial changes. 1490 02) Added text to Section 4.8 "Defining New Extension Headers and 1491 Options" clarifying why no new hop by hop extension headers 1492 should be defined. 1494 02) Added text to Fragment Header process on handling exact 1495 duplicate fragments. 1497 02) Editorial changes. 1499 01) Added text that Extension headers must never be inserted by 1500 any node other than the source of the packet. 1502 01) Change "must" to "should" in Section 4.3 on the Hop-by-Hop 1503 header. 1505 01) Added text that the Data Transmission Order is the same as 1506 IPv4 as defined in RFC791. 1508 01) Updated the Fragmentation header text to correct the 1509 inclusion of AH and note no next header case. 1511 01) Change terminology in Fragment header section from 1512 "Unfragmentable Headers" to "Per-Fragment Headers". 1514 01) Removed paragraph in Section 5 that required including a 1515 fragment header to outgoing packets if a ICMP Packet Too Big 1516 message reporting a Next-Hop MTU less than 1280. This is 1517 based on the update in draft-ietf-6man-deprecate-atomfrag- 1518 generation-03. 1520 01) Changed to Fragmentation Header section to clarify MTU 1521 restriction and 8-byte restrictions, and noting the 1522 restriction on headers in first fragment. 1524 01) Editorial changes. 1526 00) Add instruction to the IANA to change references to RFC2460 1527 to this document 1529 00) Add a paragraph to the acknowledgement section acknowledging 1530 the authors of the updating documents 1532 00) Remove old paragraph in Section 4 that should have been 1533 removed when incorporating the update from RFC7045. 1535 00) Editorial changes. 1537 Individual Internet Drafts 1539 07) Update references to current versions and assign references 1540 to normative and informative. 1542 07) Editorial changes. 1544 06) The purpose of this draft is to incorporate the updates 1545 dealing with Extension headers as defined in RFC6564, 1546 RFC7045, and RFC7112. The changes include: 1548 RFC6564: Added new Section 4.8 that describe 1549 recommendations for defining new Extension headers and 1550 options 1552 RFC7045: The changes were to add a reference to RFC7045, 1553 change the requirement for processing the hop-by-hop 1554 option to a should, and added a note that due to 1555 performance restrictions some nodes won't process the Hop- 1556 by-Hop Option header. 1558 RFC7112: The changes were to revise the Fragmentation 1559 Section to require that all headers through the first 1560 Upper-Layer Header are in the first fragment. This 1561 changed the text describing how packets are fragmented and 1562 reassembled and added a new error case. 1564 06) Editorial changes. 1566 05) The purpose of this draft is to incorporate the updates 1567 dealing with fragmentation as defined in RFC5722 and RFC6946. 1568 Note: The issue relating to the handling of exact duplicate 1569 fragments identified on the mailing list is left open. 1571 05) Fix text in the end of Section 4.0 to correct the number of 1572 extension headers defined in this document. 1574 05) Editorial changes. 1576 04) The purpose of this draft is to update the document to 1577 incorporate the update made by RFC6935 "UDP Checksums for 1578 Tunneled Packets". 1580 04) Remove Routing (Type 0) header from the list of required 1581 extension headers. 1583 04) Editorial changes. 1585 03) The purpose of this draft is to update the document for the 1586 deprecation of the RH0 Routing Header as specified in RFC5095 1587 and the allocations guidelines for routing headers as 1588 specified in RFC5871. Both of these RFCs updated RFC2460. 1590 02) The purpose of this version of the draft is to update the 1591 document to resolve the open Errata on RFC2460. 1593 Errata ID: 2541: This errata notes that RFC2460 didn't 1594 update RFC2205 when the length of the Flow Label was 1595 changed from 24 to 20 bits from RFC1883. This issue was 1596 resolved in RFC6437 where the Flow Label is defined. This 1597 draft now references RFC6437. No change is required. 1599 Errata ID: 4279: This errata noted that the specification 1600 doesn't handle the case of a forwarding node receiving a 1601 packet with a zero Hop Limit. This is fixed in 1602 Section 3.0 of this draft. Note: No change was made 1603 regarding host behaviour. 1605 Errata ID: 2843: This errata is marked rejected. No 1606 change is required. 1608 02) Editorial changes to the Flow Label and Traffic Class text. 1610 01) The purpose of this version of the draft is to update the 1611 document to point to the current specifications of the IPv6 1612 Flow Label field as defined in [RFC6437] and the Traffic 1613 Class as defined in [RFC2474] and [RFC3168]. 1615 00) The purpose of this version is to establish a baseline from 1616 RFC2460. The only intended changes are formatting (XML is 1617 slightly different from .nroff), differences between an RFC 1618 and Internet Draft, fixing a few ID Nits, and updates to the 1619 authors information. There should not be any content changes 1620 to the specification. 1622 Authors' Addresses 1624 Stephen E. Deering 1625 Retired 1626 Vancouver, British Columbia 1627 Canada 1629 Robert M. Hinden 1630 Check Point Software 1631 959 Skyway Road 1632 San Carlos, CA 94070 1633 USA 1635 Email: bob.hinden@gmail.com