idnits 2.17.1 draft-ietf-6man-rfc2460bis-08.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year == Line 158 has weird spacing: '...r layer a pro...' == Line 172 has weird spacing: '...ighbors nod...' == Line 174 has weird spacing: '...terface a n...' == The document seems to contain a disclaimer for pre-RFC5378 work, but was first submitted on or after 10 November 2008. The disclaimer is usually necessary only for documents that revise or obsolete older RFCs, and that take significant amounts of text from those RFCs. If you can contact all authors of the source material and they are willing to grant the BCP78 rights to the IETF Trust, you can and should remove the disclaimer. Otherwise, the disclaimer is needed and you can ignore this comment. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (November 15, 2016) is 2712 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Outdated reference: A later version (-09) exists of draft-ietf-6man-rfc4291bis-06 -- Possible downref: Normative reference to a draft: ref. 'I-D.ietf-6man-rfc4291bis' -- Obsolete informational reference (is this intentional?): RFC 1981 (Obsoleted by RFC 8201) -- Obsolete informational reference (is this intentional?): RFC 2460 (Obsoleted by RFC 8200) Summary: 0 errors (**), 0 flaws (~~), 6 warnings (==), 4 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Network Working Group S. Deering 3 Internet-Draft Retired 4 Obsoletes: 2460 (if approved) R. Hinden 5 Intended status: Standards Track Check Point Software 6 Expires: May 19, 2017 November 15, 2016 8 Internet Protocol, Version 6 (IPv6) Specification 9 draft-ietf-6man-rfc2460bis-08 11 Abstract 13 This document specifies version 6 of the Internet Protocol (IPv6). 14 It obsoletes RFC2460 16 Status of This Memo 18 This Internet-Draft is submitted in full conformance with the 19 provisions of BCP 78 and BCP 79. 21 Internet-Drafts are working documents of the Internet Engineering 22 Task Force (IETF). Note that other groups may also distribute 23 working documents as Internet-Drafts. The list of current Internet- 24 Drafts is at http://datatracker.ietf.org/drafts/current/. 26 Internet-Drafts are draft documents valid for a maximum of six months 27 and may be updated, replaced, or obsoleted by other documents at any 28 time. It is inappropriate to use Internet-Drafts as reference 29 material or to cite them other than as "work in progress." 31 This Internet-Draft will expire on May 19, 2017. 33 Copyright Notice 35 Copyright (c) 2016 IETF Trust and the persons identified as the 36 document authors. All rights reserved. 38 This document is subject to BCP 78 and the IETF Trust's Legal 39 Provisions Relating to IETF Documents 40 (http://trustee.ietf.org/license-info) in effect on the date of 41 publication of this document. Please review these documents 42 carefully, as they describe your rights and restrictions with respect 43 to this document. Code Components extracted from this document must 44 include Simplified BSD License text as described in Section 4.e of 45 the Trust Legal Provisions and are provided without warranty as 46 described in the Simplified BSD License. 48 This document may contain material from IETF Documents or IETF 49 Contributions published or made publicly available before November 50 10, 2008. The person(s) controlling the copyright in some of this 51 material may not have granted the IETF Trust the right to allow 52 modifications of such material outside the IETF Standards Process. 53 Without obtaining an adequate license from the person(s) controlling 54 the copyright in such materials, this document may not be modified 55 outside the IETF Standards Process, and derivative works of it may 56 not be created outside the IETF Standards Process, except to format 57 it for publication as an RFC or to translate it into languages other 58 than English. 60 Table of Contents 62 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 63 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 4 64 3. IPv6 Header Format . . . . . . . . . . . . . . . . . . . . . 5 65 4. IPv6 Extension Headers . . . . . . . . . . . . . . . . . . . 6 66 4.1. Extension Header Order . . . . . . . . . . . . . . . . . 9 67 4.2. Options . . . . . . . . . . . . . . . . . . . . . . . . . 10 68 4.3. Hop-by-Hop Options Header . . . . . . . . . . . . . . . . 12 69 4.4. Routing Header . . . . . . . . . . . . . . . . . . . . . 13 70 4.5. Fragment Header . . . . . . . . . . . . . . . . . . . . . 14 71 4.6. Destination Options Header . . . . . . . . . . . . . . . 21 72 4.7. No Next Header . . . . . . . . . . . . . . . . . . . . . 22 73 4.8. Defining New Extension Headers and Options . . . . . . . 22 74 5. Packet Size Issues . . . . . . . . . . . . . . . . . . . . . 23 75 6. Flow Labels . . . . . . . . . . . . . . . . . . . . . . . . . 24 76 7. Traffic Classes . . . . . . . . . . . . . . . . . . . . . . . 24 77 8. Upper-Layer Protocol Issues . . . . . . . . . . . . . . . . . 25 78 8.1. Upper-Layer Checksums . . . . . . . . . . . . . . . . . . 25 79 8.2. Maximum Packet Lifetime . . . . . . . . . . . . . . . . . 26 80 8.3. Maximum Upper-Layer Payload Size . . . . . . . . . . . . 27 81 8.4. Responding to Packets Carrying Routing Headers . . . . . 27 82 9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 28 83 10. Security Considerations . . . . . . . . . . . . . . . . . . . 28 84 11. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 28 85 12. References . . . . . . . . . . . . . . . . . . . . . . . . . 29 86 12.1. Normative References . . . . . . . . . . . . . . . . . . 29 87 12.2. Informative References . . . . . . . . . . . . . . . . . 29 88 Appendix A. Formatting Guidelines for Options . . . . . . . . . 31 89 Appendix B. CHANGES SINCE RFC2460 . . . . . . . . . . . . . . . 34 90 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 39 92 1. Introduction 94 IP version 6 (IPv6) is a new version of the Internet Protocol, 95 designed as the successor to IP version 4 (IPv4) [RFC0791]. The 96 changes from IPv4 to IPv6 fall primarily into the following 97 categories: 99 o Expanded Addressing Capabilities 101 IPv6 increases the IP address size from 32 bits to 128 bits, to 102 support more levels of addressing hierarchy, a much greater 103 number of addressable nodes, and simpler auto-configuration of 104 addresses. The scalability of multicast routing is improved by 105 adding a "scope" field to multicast addresses. And a new type 106 of address called an "anycast address" is defined, used to send 107 a packet to any one of a group of nodes. 109 o Header Format Simplification 111 Some IPv4 header fields have been dropped or made optional, to 112 reduce the common-case processing cost of packet handling and 113 to limit the bandwidth cost of the IPv6 header. 115 o Improved Support for Extensions and Options 117 Changes in the way IP header options are encoded allows for 118 more efficient forwarding, less stringent limits on the length 119 of options, and greater flexibility for introducing new options 120 in the future. 122 o Flow Labeling Capability 124 A new capability is added to enable the labeling of sequences 125 of packets that the sender requests to be treated in the 126 network as a single flow. 128 o Authentication and Privacy Capabilities 130 Extensions to support authentication, data integrity, and 131 (optional) data confidentiality are specified for IPv6. 133 This document specifies the basic IPv6 header and the initially- 134 defined IPv6 extension headers and options. It also discusses packet 135 size issues, the semantics of flow labels and traffic classes, and 136 the effects of IPv6 on upper-layer protocols. The format and 137 semantics of IPv6 addresses are specified separately in 139 [I-D.ietf-6man-rfc4291bis]. The IPv6 version of ICMP, which all IPv6 140 implementations are required to include, is specified in [RFC4443] 142 The data transmission order for IPv6 is the same as for IPv4 as 143 defined in Appendix B of [RFC0791]. 145 Note: As this document obsoletes [RFC2460], any document referenced 146 in this document that includes pointers to RFC2460, should be 147 interpreted as referencing this document. 149 2. Terminology 151 node a device that implements IPv6. 153 router a node that forwards IPv6 packets not explicitly 154 addressed to itself. [See Note below]. 156 host any node that is not a router. [See Note below]. 158 upper layer a protocol layer immediately above IPv6. Examples are 159 transport protocols such as TCP and UDP, control 160 protocols such as ICMP, routing protocols such as OSPF, 161 and internet or lower-layer protocols being "tunneled" 162 over (i.e., encapsulated in) IPv6 such as IPX, 163 AppleTalk, or IPv6 itself. 165 link a communication facility or medium over which nodes can 166 communicate at the link layer, i.e., the layer 167 immediately below IPv6. Examples are Ethernets (simple 168 or bridged); PPP links; X.25, Frame Relay, or ATM 169 networks; and internet (or higher) layer "tunnels", such 170 as tunnels over IPv4 or IPv6 itself. 172 neighbors nodes attached to the same link. 174 interface a node's attachment to a link. 176 address an IPv6-layer identifier for an interface or a set of 177 interfaces. 179 packet an IPv6 header plus payload. 181 link MTU the maximum transmission unit, i.e., maximum packet size 182 in octets, that can be conveyed over a link. 184 path MTU the minimum link MTU of all the links in a path between 185 a source node and a destination node. 187 Note: it is possible, though unusual, for a device with multiple 188 interfaces to be configured to forward non-self-destined packets 189 arriving from some set (fewer than all) of its interfaces, and to 190 discard non-self-destined packets arriving from its other interfaces. 191 Such a device must obey the protocol requirements for routers when 192 receiving packets from, and interacting with neighbors over, the 193 former (forwarding) interfaces. It must obey the protocol 194 requirements for hosts when receiving packets from, and interacting 195 with neighbors over, the latter (non-forwarding) interfaces. 197 3. IPv6 Header Format 199 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 200 |Version| Traffic Class | Flow Label | 201 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 202 | Payload Length | Next Header | Hop Limit | 203 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 204 | | 205 + + 206 | | 207 + Source Address + 208 | | 209 + + 210 | | 211 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 212 | | 213 + + 214 | | 215 + Destination Address + 216 | | 217 + + 218 | | 219 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 221 Version 4-bit Internet Protocol version number = 6. 223 Traffic Class 8-bit traffic class field. See section 7. 225 Flow Label 20-bit flow label. See section 6. 227 Payload Length 16-bit unsigned integer. Length of the IPv6 228 payload, i.e., the rest of the packet 229 following this IPv6 header, in octets. (Note 230 that any extension headers [section 4] present 231 are considered part of the payload, i.e., 232 included in the length count.) 234 Next Header 8-bit selector. Identifies the type of header 235 immediately following the IPv6 header. Uses 236 the same values as the IPv4 Protocol field 237 [IANA-PN]. 239 Hop Limit 8-bit unsigned integer. Decremented by 1 by 240 each node that forwards the packet. When 241 forwarding, the packet is discarded if Hop 242 Limit was zero when received or is decremented 243 to zero. A node that is the destination of a 244 packet should not discard a packet with hop 245 limit equal to zero, it should process the 246 packet normally. 248 Source Address 128-bit address of the originator of the 249 packet. See [I-D.ietf-6man-rfc4291bis]. 251 Destination Address 128-bit address of the intended recipient of 252 the packet (possibly not the ultimate 253 recipient, if a Routing header is present). 254 See [I-D.ietf-6man-rfc4291bis] and section 255 4.4. 257 4. IPv6 Extension Headers 259 In IPv6, optional internet-layer information is encoded in separate 260 headers that may be placed between the IPv6 header and the upper- 261 layer header in a packet. There is a small number of such extension 262 headers, each one identified by a distinct Next Header value. 264 Extension Headers are numbered from IANA IP Protocol Numbers 265 [IANA-PN], the same values used for IPv4 and IPv6. When processing a 266 sequence of Next Header values in a packet, the first one that is not 267 an Extension Header [IANA-EH] indicates that the next item in the 268 packet is the corresponding upper-layer header. A special "No Next 269 Header" value is used if there is no upper-layer header. 271 As illustrated in these examples, an IPv6 packet may carry zero, one, 272 or more extension headers, each identified by the Next Header field 273 of the preceding header: 275 +---------------+------------------------ 276 | IPv6 header | TCP header + data 277 | | 278 | Next Header = | 279 | TCP | 280 +---------------+------------------------ 282 +---------------+----------------+------------------------ 283 | IPv6 header | Routing header | TCP header + data 284 | | | 285 | Next Header = | Next Header = | 286 | Routing | TCP | 287 +---------------+----------------+------------------------ 289 +---------------+----------------+-----------------+----------------- 290 | IPv6 header | Routing header | Fragment header | fragment of TCP 291 | | | | header + data 292 | Next Header = | Next Header = | Next Header = | 293 | Routing | Fragment | TCP | 294 +---------------+----------------+-----------------+----------------- 296 The insertion of Extension Headers by any node other than the source 297 of the packet causes serious problems. Two examples include breaking 298 the integrity checks provided by the Authentication Header Integrity 299 [RFC4302], and breaking Path MTU Discovery which can result in ICMP 300 error messages being sent to the source of the packet that did not 301 insert the header, rather than the node that inserted the header. 303 One approach to avoid these problems is to encapsulate the packet 304 using another IPv6 header and including the additional extension 305 header after the first IPv6 header, for example, as defined in 306 [RFC2473] 308 With one exception, extension headers are not processed by any node 309 along a packet's delivery path, until the packet reaches the node (or 310 each of the set of nodes, in the case of multicast) identified in the 311 Destination Address field of the IPv6 header. Note: If an 312 intermediate forwarding node examines an extension header for any 313 reason, it must do so in accordance with the provisions of [RFC7045]. 314 At the Destination node, normal demultiplexing on the Next Header 315 field of the IPv6 header invokes the module to process the first 316 extension header, or the upper-layer header if no extension header is 317 present. The contents and semantics of each extension header 318 determine whether or not to proceed to the next header. Therefore, 319 extension headers must be processed strictly in the order they appear 320 in the packet; a receiver must not, for example, scan through a 321 packet looking for a particular kind of extension header and process 322 that header prior to processing all preceding ones. 324 The exception referred to in the preceding paragraph is the Hop-by- 325 Hop Options header, which carries information that may be examined 326 and processed by every node along a packet's delivery path, including 327 the source and destination nodes. The Hop-by-Hop Options header, 328 when present, must immediately follow the IPv6 header. Its presence 329 is indicated by the value zero in the Next Header field of the IPv6 330 header. 332 NOTE: While [RFC2460] required that all nodes must examine and 333 process the Hop-by-Hop Options header, it is now expected that nodes 334 along a packet's delivery path only examine and process the Hop-by- 335 Hop Options header if explicitly configured to do so. 337 If, as a result of processing a header, the destination node is 338 required to proceed to the next header but the Next Header value in 339 the current header is unrecognized by the node, it should discard the 340 packet and send an ICMP Parameter Problem message to the source of 341 the packet, with an ICMP Code value of 1 ("unrecognized Next Header 342 type encountered") and the ICMP Pointer field containing the offset 343 of the unrecognized value within the original packet. The same 344 action should be taken if a node encounters a Next Header value of 345 zero in any header other than an IPv6 header. 347 Each extension header is an integer multiple of 8 octets long, in 348 order to retain 8-octet alignment for subsequent headers. Multi- 349 octet fields within each extension header are aligned on their 350 natural boundaries, i.e., fields of width n octets are placed at an 351 integer multiple of n octets from the start of the header, for n = 1, 352 2, 4, or 8. 354 A full implementation of IPv6 includes implementation of the 355 following extension headers: 357 Hop-by-Hop Options 358 Fragment 359 Destination Options 360 Routing 361 Authentication 362 Encapsulating Security Payload 364 The first four are specified in this document; the last two are 365 specified in [RFC4302] and [RFC4303], respectively. The current list 366 of IPv6 extension headers can be found at [IANA-EH]. 368 4.1. Extension Header Order 370 When more than one extension header is used in the same packet, it is 371 recommended that those headers appear in the following order: 373 IPv6 header 374 Hop-by-Hop Options header 375 Destination Options header (note 1) 376 Routing header 377 Fragment header 378 Authentication header (note 2) 379 Encapsulating Security Payload header (note 2) 380 Destination Options header (note 3) 381 upper-layer header 383 note 1: for options to be processed by the first destination that 384 appears in the IPv6 Destination Address field plus 385 subsequent destinations listed in the Routing header. 387 note 2: additional recommendations regarding the relative order of 388 the Authentication and Encapsulating Security Payload 389 headers are given in [RFC4303]. 391 note 3: for options to be processed only by the final destination 392 of the packet. 394 Each extension header should occur at most once, except for the 395 Destination Options header which should occur at most twice (once 396 before a Routing header and once before the upper-layer header). 398 If the upper-layer header is another IPv6 header (in the case of IPv6 399 being tunneled over or encapsulated in IPv6), it may be followed by 400 its own extension headers, which are separately subject to the same 401 ordering recommendations. 403 If and when other extension headers are defined, their ordering 404 constraints relative to the above listed headers must be specified. 406 IPv6 nodes must accept and attempt to process extension headers in 407 any order and occurring any number of times in the same packet, 408 except for the Hop-by-Hop Options header which is restricted to 409 appear immediately after an IPv6 header only. Nonetheless, it is 410 strongly advised that sources of IPv6 packets adhere to the above 411 recommended order until and unless subsequent specifications revise 412 that recommendation. 414 4.2. Options 416 Two of the currently-defined extension headers defined in this 417 document -- the Hop-by-Hop Options header and the Destination Options 418 header -- carry a variable number of type-length-value (TLV) encoded 419 "options", of the following format: 421 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+- - - - - - - - - 422 | Option Type | Opt Data Len | Option Data 423 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+- - - - - - - - - 425 Option Type 8-bit identifier of the type of option. 427 Opt Data Len 8-bit unsigned integer. Length of the Option 428 Data field of this option, in octets. 430 Option Data Variable-length field. Option-Type-specific 431 data. 433 The sequence of options within a header must be processed strictly in 434 the order they appear in the header; a receiver must not, for 435 example, scan through the header looking for a particular kind of 436 option and process that option prior to processing all preceding 437 ones. 439 The Option Type identifiers are internally encoded such that their 440 highest-order two bits specify the action that must be taken if the 441 processing IPv6 node does not recognize the Option Type: 443 00 - skip over this option and continue processing the header. 445 01 - discard the packet. 447 10 - discard the packet and, regardless of whether or not the 448 packet's Destination Address was a multicast address, send an 449 ICMP Parameter Problem, Code 2, message to the packet's 450 Source Address, pointing to the unrecognized Option Type. 452 11 - discard the packet and, only if the packet's Destination 453 Address was not a multicast address, send an ICMP Parameter 454 Problem, Code 2, message to the packet's Source Address, 455 pointing to the unrecognized Option Type. 457 The third-highest-order bit of the Option Type specifies whether or 458 not the Option Data of that option can change en-route to the 459 packet's final destination. When an Authentication header is present 460 in the packet, for any option whose data may change en-route, its 461 entire Option Data field must be treated as zero-valued octets when 462 computing or verifying the packet's authenticating value. 464 0 - Option Data does not change en-route 466 1 - Option Data may change en-route 468 The three high-order bits described above are to be treated as part 469 of the Option Type, not independent of the Option Type. That is, a 470 particular option is identified by a full 8-bit Option Type, not just 471 the low-order 5 bits of an Option Type. 473 The same Option Type numbering space is used for both the Hop-by-Hop 474 Options header and the Destination Options header. However, the 475 specification of a particular option may restrict its use to only one 476 of those two headers. 478 Individual options may have specific alignment requirements, to 479 ensure that multi-octet values within Option Data fields fall on 480 natural boundaries. The alignment requirement of an option is 481 specified using the notation xn+y, meaning the Option Type must 482 appear at an integer multiple of x octets from the start of the 483 header, plus y octets. For example: 485 2n means any 2-octet offset from the start of the header. 486 8n+2 means any 8-octet offset from the start of the header, plus 2 487 octets. 489 There are two padding options which are used when necessary to align 490 subsequent options and to pad out the containing header to a multiple 491 of 8 octets in length. These padding options must be recognized by 492 all IPv6 implementations: 494 Pad1 option (alignment requirement: none) 496 +-+-+-+-+-+-+-+-+ 497 | 0 | 498 +-+-+-+-+-+-+-+-+ 499 NOTE! the format of the Pad1 option is a special case -- it does 500 not have length and value fields. 502 The Pad1 option is used to insert one octet of padding into the 503 Options area of a header. If more than one octet of padding is 504 required, the PadN option, described next, should be used, rather 505 than multiple Pad1 options. 507 PadN option (alignment requirement: none) 509 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+- - - - - - - - - 510 | 1 | Opt Data Len | Option Data 511 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+- - - - - - - - - 513 The PadN option is used to insert two or more octets of padding 514 into the Options area of a header. For N octets of padding, the 515 Opt Data Len field contains the value N-2, and the Option Data 516 consists of N-2 zero-valued octets. 518 Appendix A contains formatting guidelines for designing new options. 520 4.3. Hop-by-Hop Options Header 522 The Hop-by-Hop Options header is used to carry optional information 523 that may be examined and processed by every node along a packet's 524 delivery path. The Hop-by-Hop Options header is identified by a Next 525 Header value of 0 in the IPv6 header, and has the following format: 527 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 528 | Next Header | Hdr Ext Len | | 529 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + 530 | | 531 . . 532 . Options . 533 . . 534 | | 535 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 537 Next Header 8-bit selector. Identifies the type of header 538 immediately following the Hop-by-Hop Options 539 header. Uses the same values as the IPv4 540 Protocol field [IANA-PN]. 542 Hdr Ext Len 8-bit unsigned integer. Length of the Hop-by- 543 Hop Options header in 8-octet units, not 544 including the first 8 octets. 546 Options Variable-length field, of length such that the 547 complete Hop-by-Hop Options header is an 548 integer multiple of 8 octets long. Contains 549 one or more TLV-encoded options, as described 550 in section 4.2. 552 The only hop-by-hop options defined in this document are the Pad1 and 553 PadN options specified in section 4.2. 555 4.4. Routing Header 557 The Routing header is used by an IPv6 source to list one or more 558 intermediate nodes to be "visited" on the way to a packet's 559 destination. This function is very similar to IPv4's Loose Source 560 and Record Route option. The Routing header is identified by a Next 561 Header value of 43 in the immediately preceding header, and has the 562 following format: 564 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 565 | Next Header | Hdr Ext Len | Routing Type | Segments Left | 566 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 567 | | 568 . . 569 . type-specific data . 570 . . 571 | | 572 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 574 Next Header 8-bit selector. Identifies the type of header 575 immediately following the Routing header. 576 Uses the same values as the IPv4 Protocol 577 field [IANA-PN]. 579 Hdr Ext Len 8-bit unsigned integer. Length of the Routing 580 header in 8-octet units, not including the 581 first 8 octets. 583 Routing Type 8-bit identifier of a particular Routing 584 header variant. 586 Segments Left 8-bit unsigned integer. Number of route 587 segments remaining, i.e., number of explicitly 588 listed intermediate nodes still to be visited 589 before reaching the final destination. 591 type-specific data Variable-length field, of format determined by 592 the Routing Type, and of length such that the 593 complete Routing header is an integer multiple 594 of 8 octets long. 596 If, while processing a received packet, a node encounters a Routing 597 header with an unrecognized Routing Type value, the required behavior 598 of the node depends on the value of the Segments Left field, as 599 follows: 601 If Segments Left is zero, the node must ignore the Routing header 602 and proceed to process the next header in the packet, whose type 603 is identified by the Next Header field in the Routing header. 605 If Segments Left is non-zero, the node must discard the packet and 606 send an ICMP Parameter Problem, Code 0, message to the packet's 607 Source Address, pointing to the unrecognized Routing Type. 609 If, after processing a Routing header of a received packet, an 610 intermediate node determines that the packet is to be forwarded onto 611 a link whose link MTU is less than the size of the packet, the node 612 must discard the packet and send an ICMP Packet Too Big message to 613 the packet's Source Address. 615 The currently defined IPv6 Routing Headers and their status can be 616 found at [IANA-RH]. Allocation guidelines for IPv6 Routing Headers 617 can be found in [RFC5871]. 619 4.5. Fragment Header 621 The Fragment header is used by an IPv6 source to send a packet larger 622 than would fit in the path MTU to its destination. (Note: unlike 623 IPv4, fragmentation in IPv6 is performed only by source nodes, not by 624 routers along a packet's delivery path -- see section 5.) The 625 Fragment header is identified by a Next Header value of 44 in the 626 immediately preceding header, and has the following format: 628 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 629 | Next Header | Reserved | Fragment Offset |Res|M| 630 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 631 | Identification | 632 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 633 Next Header 8-bit selector. Identifies the initial header 634 type of the Fragmentable Part of the original 635 packet (defined below). Uses the same values 636 as the IPv4 Protocol field [IANA-PN]. 638 Reserved 8-bit reserved field. Initialized to zero for 639 transmission; ignored on reception. 641 Fragment Offset 13-bit unsigned integer. The offset, in 642 8-octet units, of the data following this 643 header, relative to the start of the 644 Fragmentable Part of the original packet. 646 Res 2-bit reserved field. Initialized to zero for 647 transmission; ignored on reception. 649 M flag 1 = more fragments; 0 = last fragment. 651 Identification 32 bits. See description below. 653 In order to send a packet that is too large to fit in the MTU of the 654 path to its destination, a source node may divide the packet into 655 fragments and send each fragment as a separate packet, to be 656 reassembled at the receiver. 658 For every packet that is to be fragmented, the source node generates 659 an Identification value. The Identification must be different than 660 that of any other fragmented packet sent recently* with the same 661 Source Address and Destination Address. If a Routing header is 662 present, the Destination Address of concern is that of the final 663 destination. 665 * "recently" means within the maximum likely lifetime of a 666 packet, including transit time from source to destination and 667 time spent awaiting reassembly with other fragments of the same 668 packet. However, it is not required that a source node know 669 the maximum packet lifetime. Rather, it is assumed that the 670 requirement can be met by implementing an algorithm that 671 results in a low identification reuse frequency. Examples of 672 algorithms that can meet this requirement are described in 673 [RFC7739]. 675 The initial, large, unfragmented packet is referred to as the 676 "original packet", and it is considered to consist of three parts, as 677 illustrated: 679 original packet: 681 +------------------+-------------------------+---//----------------+ 682 | Per-Fragment | Extension & Upper-Layer | Fragmentable | 683 | Headers | Headers | Part | 684 +------------------+-------------------------+---//----------------+ 686 The Per-Fragment Headers consists of the IPv6 header plus any 687 extension headers that must be processed by nodes en route to the 688 destination, that is, all headers up to and including the Routing 689 header if present, else the Hop-by-Hop Options header if present, 690 else no extension headers. 692 The Extension Headers are all other extension headers that are not 693 included in the Per-Fragment headers part of the packet. For this 694 purpose, the Encapsulating Security Payload (ESP) is not 695 considered an extension header. The Upper-Layer Header is the 696 first upper-layer header that is not an IPv6 extension header. 697 Examples of upper-layer headers include TCP, UDP, IPv4, IPv6, 698 ICMPv6, and as noted ESP. 700 The Fragmentable Part consists of the rest of the packet after the 701 upper-layer header or after any header (i.e., initial IPv6 header 702 or extension header) that contains a Next Header value of No Next 703 Header. 705 The Fragmentable Part of the original packet is divided into 706 fragments. The lengths of the fragments must be chosen such that the 707 resulting fragment packets fit within the MTU of the path to the 708 packets' destination(s). Each complete fragment, except possibly the 709 last ("rightmost") one, being an integer multiple of 8 octets long. 711 The fragments are transmitted in separate "fragment packets" as 712 illustrated: 714 original packet: 716 +-----------------+-----------------+--------+--------+-//-+--------+ 717 | Per-Fragment |Ext & Upper-Layer| first | second | | last | 718 | Headers | Headers |fragment|fragment|....|fragment| 719 +-----------------+-----------------+--------+--------+-//-+--------+ 721 fragment packets: 723 +------------------+---------+-------------------+----------+ 724 | Per-Fragment |Fragment | Ext & Upper-Layer | first | 725 | Headers | Header | Headers | fragment | 726 +------------------+---------+-------------------+----------+ 728 +------------------+--------+-------------------------------+ 729 | Per-Fragment |Fragment| second | 730 | Headers | Header | fragment | 731 +------------------+--------+-------------------------------+ 732 o 733 o 734 o 735 +------------------+--------+----------+ 736 | Per-Fragment |Fragment| last | 737 | Headers | Header | fragment | 738 +------------------+--------+----------+ 740 The first fragment packet is composed of: 742 (1) The Per-Fragment Headers of the original packet, with the 743 Payload Length of the original IPv6 header changed to contain the 744 length of this fragment packet only (excluding the length of the 745 IPv6 header itself), and the Next Header field of the last header 746 of the Per-Fragment Headers changed to 44. 748 (2) A Fragment header containing: 750 The Next Header value that identifies the first header after 751 the Per-Fragment Headers of the original packet. 753 A Fragment Offset containing the offset of the fragment, in 754 8-octet units, relative to the start of the Fragmentable Part 755 of the original packet. The Fragment Offset of the first 756 ("leftmost") fragment is 0. 758 An M flag value of 1 as this is the first fragment. 760 The Identification value generated for the original packet. 762 (3) Extension Headers, if any, and the Upper-Layer header. These 763 headers must be in the first fragment. Note: This restricts the 764 size of the headers through the Upper-Layer header to the MTU of 765 the path to the packets' destinations(s). 767 (4) The first fragment. 769 The subsequent fragment packets are composed of: 771 (1) The Per-Fragment Headers of the original packet, with the 772 Payload Length of the original IPv6 header changed to contain the 773 length of this fragment packet only (excluding the length of the 774 IPv6 header itself), and the Next Header field of the last header 775 of the Per-Fragment Headers changed to 44. 777 (2) A Fragment header containing: 779 The Next Header value that identifies the first header after 780 the Per-Fragment Headers of the original packet. 782 A Fragment Offset containing the offset of the fragment, in 783 8-octet units, relative to the start of the Fragmentable part 784 of the original packet. 786 An M flag value of 0 if the fragment is the last ("rightmost") 787 one, else an M flag value of 1. 789 The Identification value generated for the original packet. 791 (3) The fragment itself. 793 Fragments must not be created that overlap with any other fragments 794 created from the original packet. 796 At the destination, fragment packets are reassembled into their 797 original, unfragmented form, as illustrated: 799 reassembled original packet: 801 +---------------+-----------------+---------+--------+-//--+--------+ 802 | Per-Fragment |Ext & Upper-Layer| first | second | | last | 803 | Headers | Headers |frag data|fragment|.....|fragment| 804 +---------------+-----------------+---------+--------+-//--+--------+ 806 The following rules govern reassembly: 808 An original packet is reassembled only from fragment packets that 809 have the same Source Address, Destination Address, and Fragment 810 Identification. 812 The Per-Fragment Headers of the reassembled packet consists of all 813 headers up to, but not including, the Fragment header of the first 814 fragment packet (that is, the packet whose Fragment Offset is 815 zero), with the following two changes: 817 The Next Header field of the last header of the Per-Fragment 818 Headers is obtained from the Next Header field of the first 819 fragment's Fragment header. 821 The Payload Length of the reassembled packet is computed from 822 the length of the Per-Fragment Headers and the length and 823 offset of the last fragment. For example, a formula for 824 computing the Payload Length of the reassembled original packet 825 is: 827 PL.orig = PL.first - FL.first - 8 + (8 * FO.last) + FL.last 829 where 830 PL.orig = Payload Length field of reassembled packet. 831 PL.first = Payload Length field of first fragment packet. 832 FL.first = length of fragment following Fragment header of 833 first fragment packet. 834 FO.last = Fragment Offset field of Fragment header of last 835 fragment packet. 836 FL.last = length of fragment following Fragment header of 837 last fragment packet. 839 The Fragmentable Part of the reassembled packet is constructed 840 from the fragments following the Fragment headers in each of 841 the fragment packets. The length of each fragment is computed 842 by subtracting from the packet's Payload Length the length of 843 the headers between the IPv6 header and fragment itself; its 844 relative position in Fragmentable Part is computed from its 845 Fragment Offset value. 847 The Fragment header is not present in the final, reassembled 848 packet. 850 If the fragment is a whole datagram (that is, both the Fragment 851 Offset field and the M flag are zero), then it does not need 852 any further reassembly and should be processed as a fully 853 reassembled packet (i.e., updating Next Header, adjust Payload 854 Length, removing the Fragmentation Header, etc.). Any other 855 fragments that match this packet (i.e., the same IPv6 Source 856 Address, IPv6 Destination Address, and Fragment Identification) 857 should be processed independently. 859 The following error conditions may arise when reassembling fragmented 860 packets: 862 o If insufficient fragments are received to complete reassembly 863 of a packet within 60 seconds of the reception of the first- 864 arriving fragment of that packet, reassembly of that packet 865 must be abandoned and all the fragments that have been received 866 for that packet must be discarded. If the first fragment 867 (i.e., the one with a Fragment Offset of zero) has been 868 received, an ICMP Time Exceeded -- Fragment Reassembly Time 869 Exceeded message should be sent to the source of that fragment. 871 o If the length of a fragment, as derived from the fragment 872 packet's Payload Length field, is not a multiple of 8 octets 873 and the M flag of that fragment is 1, then that fragment must 874 be discarded and an ICMP Parameter Problem, Code 0, message 875 should be sent to the source of the fragment, pointing to the 876 Payload Length field of the fragment packet. 878 o If the length and offset of a fragment are such that the 879 Payload Length of the packet reassembled from that fragment 880 would exceed 65,535 octets, then that fragment must be 881 discarded and an ICMP Parameter Problem, Code 0, message should 882 be sent to the source of the fragment, pointing to the Fragment 883 Offset field of the fragment packet. 885 o If the first fragment does not include all headers through an 886 Upper-Layer header, then that fragment should be discarded and 887 an ICMP Parameter Problem, Code 3, message should be sent to 888 the source of the fragment, with the Pointer field set to zero. 890 o If any of the fragments being reassembled overlaps with any 891 other fragments being reassembled for the same packet, 892 reassembly of that packet must be abandoned and all the 893 fragments that have been received for that packet must be 894 discarded and no ICMP error messages should be sent. 896 It should be noted that fragments may be duplicated in the 897 network. Instead of treating these exact duplicate fragments 898 as an overlapping fragments, an implementation may choose to 899 detect this case and drop exact duplicate fragments while 900 keeping the other fragments belonging to the same packet. 902 The following conditions are not expected to occur, but are not 903 considered errors if they do: 905 The number and content of the headers preceding the Fragment 906 header of different fragments of the same original packet may 907 differ. Whatever headers are present, preceding the Fragment 908 header in each fragment packet, are processed when the packets 909 arrive, prior to queueing the fragments for reassembly. Only 910 those headers in the Offset zero fragment packet are retained in 911 the reassembled packet. 913 The Next Header values in the Fragment headers of different 914 fragments of the same original packet may differ. Only the value 915 from the Offset zero fragment packet is used for reassembly. 917 4.6. Destination Options Header 919 The Destination Options header is used to carry optional information 920 that need be examined only by a packet's destination node(s). The 921 Destination Options header is identified by a Next Header value of 60 922 in the immediately preceding header, and has the following format: 924 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 925 | Next Header | Hdr Ext Len | | 926 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + 927 | | 928 . . 929 . Options . 930 . . 931 | | 932 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 934 Next Header 8-bit selector. Identifies the type of header 935 immediately following the Destination Options 936 header. Uses the same values as the IPv4 937 Protocol field [IANA-PN]. 939 Hdr Ext Len 8-bit unsigned integer. Length of the 940 Destination Options header in 8-octet units, 941 not including the first 8 octets. 943 Options Variable-length field, of length such that the 944 complete Destination Options header is an 945 integer multiple of 8 octets long. Contains 946 one or more TLV-encoded options, as described 947 in section 4.2. 949 The only destination options defined in this document are the Pad1 950 and PadN options specified in section 4.2. 952 Note that there are two possible ways to encode optional destination 953 information in an IPv6 packet: either as an option in the Destination 954 Options header, or as a separate extension header. The Fragment 955 header and the Authentication header are examples of the latter 956 approach. Which approach can be used depends on what action is 957 desired of a destination node that does not understand the optional 958 information: 960 o If the desired action is for the destination node to discard 961 the packet and, only if the packet's Destination Address is not 962 a multicast address, send an ICMP Unrecognized Type message to 963 the packet's Source Address, then the information may be 964 encoded either as a separate header or as an option in the 965 Destination Options header whose Option Type has the value 11 966 in its highest-order two bits. The choice may depend on such 967 factors as which takes fewer octets, or which yields better 968 alignment or more efficient parsing. 970 o If any other action is desired, the information must be encoded 971 as an option in the Destination Options header whose Option 972 Type has the value 00, 01, or 10 in its highest-order two bits, 973 specifying the desired action (see section 4.2). 975 4.7. No Next Header 977 The value 59 in the Next Header field of an IPv6 header or any 978 extension header indicates that there is nothing following that 979 header. If the Payload Length field of the IPv6 header indicates the 980 presence of octets past the end of a header whose Next Header field 981 contains 59, those octets must be ignored, and passed on unchanged if 982 the packet is forwarded. 984 4.8. Defining New Extension Headers and Options 986 New extension headers that require hop-by-hop behavior must not be 987 defined because as specified in Section 4 of this document, the only 988 Extension Header that has hop-by-hop behavior is the Hop-by-Hop 989 Options header. 991 New hop-by-hop options are not recommended because nodes may be 992 configured to ignore the Hop-by-Hop Option header, drop packets 993 containing a hop-by-hop header, or assign packets containing a hop- 994 by-hop header to a slow processing path. Designers considering 995 defining new hop-by-hop options need to be aware of this likely 996 behaviour. There has to a very clear justification why any new hop- 997 by-hop option is needed before it is standardized. 999 Defining new IPv6 extension headers is not recommended. There has to 1000 a very clear justification why any new extension header is needed 1001 before it is standardized. Instead of defining new Extension 1002 Headers, it is recommended that the Destination Options header is 1003 used to carry optional information that need be examined only by a 1004 packet's destination node(s), because they provide better handling 1005 and backward compatibility. 1007 If new Extension Headers are defined, they need to use the following 1008 format: 1010 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1011 | Next Header | Hdr Ext Len | | 1012 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + 1013 | | 1014 . . 1015 . Header Specific Data . 1016 . . 1017 | | 1018 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1020 Next Header 8-bit selector. Identifies the type of 1021 header immediately following the extension 1022 header. Uses the same values as the IPv4 1023 Protocol field [IANA-PN]. 1025 Hdr Ext Len 8-bit unsigned integer. Length of the 1026 Destination Options header in 8-octet units, 1027 not including the first 8 octets. 1029 Header Specific Data Variable-length field, Fields specific to 1030 the extension header. 1032 5. Packet Size Issues 1034 IPv6 requires that every link in the internet have an MTU of 1280 1035 octets or greater. On any link that cannot convey a 1280-octet 1036 packet in one piece, link-specific fragmentation and reassembly must 1037 be provided at a layer below IPv6. 1039 Links that have a configurable MTU (for example, PPP links [RFC1661]) 1040 must be configured to have an MTU of at least 1280 octets; it is 1041 recommended that they be configured with an MTU of 1500 octets or 1042 greater, to accommodate possible encapsulations (i.e., tunneling) 1043 without incurring IPv6-layer fragmentation. 1045 From each link to which a node is directly attached, the node must be 1046 able to accept packets as large as that link's MTU. 1048 It is strongly recommended that IPv6 nodes implement Path MTU 1049 Discovery [RFC1981], in order to discover and take advantage of path 1050 MTUs greater than 1280 octets. However, a minimal IPv6 1051 implementation (e.g., in a boot ROM) may simply restrict itself to 1052 sending packets no larger than 1280 octets, and omit implementation 1053 of Path MTU Discovery. 1055 In order to send a packet larger than a path's MTU, a node may use 1056 the IPv6 Fragment header to fragment the packet at the source and 1057 have it reassembled at the destination(s). However, the use of such 1058 fragmentation is discouraged in any application that is able to 1059 adjust its packets to fit the measured path MTU (i.e., down to 1280 1060 octets). 1062 A node must be able to accept a fragmented packet that, after 1063 reassembly, is as large as 1500 octets. A node is permitted to 1064 accept fragmented packets that reassemble to more than 1500 octets. 1065 An upper-layer protocol or application that depends on IPv6 1066 fragmentation to send packets larger than the MTU of a path should 1067 not send packets larger than 1500 octets unless it has assurance that 1068 the destination is capable of reassembling packets of that larger 1069 size. 1071 6. Flow Labels 1073 The 20-bit Flow Label field in the IPv6 header is used by a source to 1074 label sequences of packets to be treated in the network as a single 1075 flow. 1077 The current definition of the IPv6 Flow Label can be found in 1078 [RFC6437]. 1080 7. Traffic Classes 1082 The 8-bit Traffic Class field in the IPv6 header is used by the 1083 network for traffic management. The value of the Traffic Class bits 1084 in a received packet might be different from the value sent by the 1085 packet's source. 1087 The current use of the Traffic Class field for Differentiated 1088 Services and Explicit Congestion Notification is specified in 1089 [RFC2474] and [RFC3168]. 1091 8. Upper-Layer Protocol Issues 1093 8.1. Upper-Layer Checksums 1095 Any transport or other upper-layer protocol that includes the 1096 addresses from the IP header in its checksum computation must be 1097 modified for use over IPv6, to include the 128-bit IPv6 addresses 1098 instead of 32-bit IPv4 addresses. In particular, the following 1099 illustration shows the TCP and UDP "pseudo-header" for IPv6: 1101 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1102 | | 1103 + + 1104 | | 1105 + Source Address + 1106 | | 1107 + + 1108 | | 1109 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1110 | | 1111 + + 1112 | | 1113 + Destination Address + 1114 | | 1115 + + 1116 | | 1117 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1118 | Upper-Layer Packet Length | 1119 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1120 | zero | Next Header | 1121 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1123 o If the IPv6 packet contains a Routing header, the Destination 1124 Address used in the pseudo-header is that of the final 1125 destination. At the originating node, that address will be in 1126 the last element of the Routing header; at the recipient(s), 1127 that address will be in the Destination Address field of the 1128 IPv6 header. 1130 o The Next Header value in the pseudo-header identifies the 1131 upper-layer protocol (e.g., 6 for TCP, or 17 for UDP). It will 1132 differ from the Next Header value in the IPv6 header if there 1133 are extension headers between the IPv6 header and the upper- 1134 layer header. 1136 o The Upper-Layer Packet Length in the pseudo-header is the 1137 length of the upper-layer header and data (e.g., TCP header 1138 plus TCP data). Some upper-layer protocols carry their own 1139 length information (e.g., the Length field in the UDP header); 1140 for such protocols, that is the length used in the pseudo- 1141 header. Other protocols (such as TCP) do not carry their own 1142 length information, in which case the length used in the 1143 pseudo-header is the Payload Length from the IPv6 header, minus 1144 the length of any extension headers present between the IPv6 1145 header and the upper-layer header. 1147 o Unlike IPv4, the default behavior when UDP packets are 1148 originated by an IPv6 node, is that the UDP checksum is not 1149 optional. That is, whenever originating a UDP packet, an IPv6 1150 node must compute a UDP checksum over the packet and the 1151 pseudo-header, and, if that computation yields a result of 1152 zero, it must be changed to hex FFFF for placement in the UDP 1153 header. IPv6 receivers must discard UDP packets containing a 1154 zero checksum, and should log the error. 1156 o As an exception to the default behaviour, protocols that use 1157 UDP as a tunnel encapsulation may enable zero-checksum mode for 1158 a specific port (or set of ports) for sending and/or receiving. 1159 Any node implementing zero-checksum mode must follow the 1160 requirements specified in "Applicability Statement for the use 1161 of IPv6 UDP Datagrams with Zero Checksums" [RFC6936]. 1163 The IPv6 version of ICMP [RFC4443] includes the above pseudo-header 1164 in its checksum computation; this is a change from the IPv4 version 1165 of ICMP, which does not include a pseudo-header in its checksum. The 1166 reason for the change is to protect ICMP from misdelivery or 1167 corruption of those fields of the IPv6 header on which it depends, 1168 which, unlike IPv4, are not covered by an internet-layer checksum. 1169 The Next Header field in the pseudo-header for ICMP contains the 1170 value 58, which identifies the IPv6 version of ICMP. 1172 8.2. Maximum Packet Lifetime 1174 Unlike IPv4, IPv6 nodes are not required to enforce maximum packet 1175 lifetime. That is the reason the IPv4 "Time to Live" field was 1176 renamed "Hop Limit" in IPv6. In practice, very few, if any, IPv4 1177 implementations conform to the requirement that they limit packet 1178 lifetime, so this is not a change in practice. Any upper-layer 1179 protocol that relies on the internet layer (whether IPv4 or IPv6) to 1180 limit packet lifetime ought to be upgraded to provide its own 1181 mechanisms for detecting and discarding obsolete packets. 1183 8.3. Maximum Upper-Layer Payload Size 1185 When computing the maximum payload size available for upper-layer 1186 data, an upper-layer protocol must take into account the larger size 1187 of the IPv6 header relative to the IPv4 header. For example, in 1188 IPv4, TCP's MSS option is computed as the maximum packet size (a 1189 default value or a value learned through Path MTU Discovery) minus 40 1190 octets (20 octets for the minimum-length IPv4 header and 20 octets 1191 for the minimum-length TCP header). When using TCP over IPv6, the 1192 MSS must be computed as the maximum packet size minus 60 octets, 1193 because the minimum-length IPv6 header (i.e., an IPv6 header with no 1194 extension headers) is 20 octets longer than a minimum-length IPv4 1195 header. 1197 8.4. Responding to Packets Carrying Routing Headers 1199 When an upper-layer protocol sends one or more packets in response to 1200 a received packet that included a Routing header, the response 1201 packet(s) must not include a Routing header that was automatically 1202 derived by "reversing" the received Routing header UNLESS the 1203 integrity and authenticity of the received Source Address and Routing 1204 header have been verified (e.g., via the use of an Authentication 1205 header in the received packet). In other words, only the following 1206 kinds of packets are permitted in response to a received packet 1207 bearing a Routing header: 1209 o Response packets that do not carry Routing headers. 1211 o Response packets that carry Routing headers that were NOT 1212 derived by reversing the Routing header of the received packet 1213 (for example, a Routing header supplied by local 1214 configuration). 1216 o Response packets that carry Routing headers that were derived 1217 by reversing the Routing header of the received packet IF AND 1218 ONLY IF the integrity and authenticity of the Source Address 1219 and Routing header from the received packet have been verified 1220 by the responder. 1222 9. IANA Considerations 1224 RFC2460 is referenced in a number of IANA registries. These include: 1226 o Internet Protocol Version 6 (IPv6) Parameters [IANA-6P] 1228 o Assigned Internet Protocol Numbers [IANA-PN] 1230 o ONC RPC Network Identifiers (netids) [IANA-NI] 1232 o Technical requirements for authoritative name servers [IANA-NS] 1234 o Network Layer Protocol Identifiers (NLPIDs) of Interest 1235 [IANA-NL] 1237 o Protocol Registries [IANA-PR] 1239 o Structure of Management Information (SMI) Numbers (MIB Module 1240 Registrations) [IANA-MI] 1242 The IANA should update these references to point to this document. 1244 10. Security Considerations 1246 IPv6, from the viewpoint of the basic format and transmission of 1247 packets, has security properties similar to IPv4. Risks of 1248 corruption, forgery, and interception of packets, resulting in the 1249 exposure of private information, may be mitigated by use of the 1250 Security Architecture for the Internet Protocol [RFC4301] or 1251 encryption at higher layers of the protocol stack. 1253 11. Acknowledgments 1255 The authors gratefully acknowledge the many helpful suggestions of 1256 the members of the IPng working group, the End-to-End Protocols 1257 research group, and the Internet Community At Large. 1259 The authors would also like to acknowledge the authors of the 1260 updating RFCs that were incorporated in this version of the document 1261 to move the IPv6 specification to Internet Standard. They are Joe 1262 Abley, Shane Amante, Jari Arkko, Manav Bhatia, Ronald P. Bonica, 1263 Scott Bradner, Brian Carpenter, P.F. Chimento, Marshall Eubanks, 1264 Fernando Gont, James Hoagland, Sheng Jiang, Erik Kline, Suresh 1265 Krishnan, Vishwas Manral, George Neville-Neil, Jarno Rajahalme, Pekka 1266 Savola, Magnus Westerlund, and James Woodyatt. 1268 12. References 1270 12.1. Normative References 1272 [I-D.ietf-6man-rfc4291bis] 1273 Hinden, R. and S. <>, "IP Version 6 Addressing 1274 Architecture", draft-ietf-6man-rfc4291bis-06 (work in 1275 progress), November 2016. 1277 [RFC0791] Postel, J., "Internet Protocol", STD 5, RFC 791, DOI 1278 10.17487/RFC0791, September 1981, 1279 . 1281 [RFC2474] Nichols, K., Blake, S., Baker, F., and D. Black, 1282 "Definition of the Differentiated Services Field (DS 1283 Field) in the IPv4 and IPv6 Headers", RFC 2474, DOI 1284 10.17487/RFC2474, December 1998, 1285 . 1287 [RFC3168] Ramakrishnan, K., Floyd, S., and D. Black, "The Addition 1288 of Explicit Congestion Notification (ECN) to IP", RFC 1289 3168, DOI 10.17487/RFC3168, September 2001, 1290 . 1292 [RFC4443] Conta, A., Deering, S., and M. Gupta, Ed., "Internet 1293 Control Message Protocol (ICMPv6) for the Internet 1294 Protocol Version 6 (IPv6) Specification", RFC 4443, DOI 1295 10.17487/RFC4443, March 2006, 1296 . 1298 [RFC6437] Amante, S., Carpenter, B., Jiang, S., and J. Rajahalme, 1299 "IPv6 Flow Label Specification", RFC 6437, DOI 10.17487/ 1300 RFC6437, November 2011, 1301 . 1303 12.2. Informative References 1305 [IANA-6P] "Internet Protocol Version 6 (IPv6) Parameters", 1306 . 1309 [IANA-EH] "IPv6 Extension Header Types", 1310 . 1313 [IANA-MI] "Structure of Management Information (SMI) Numbers (MIB 1314 Module Registrations)", < http://www.iana.org/assignments/ 1315 smi-numbers/smi-numbers.xhtml>. 1317 [IANA-NI] "ONC RPC Network Identifiers (netids)", 1318 . 1321 [IANA-NL] "Network Layer Protocol Identifiers (NLPIDs) of Interest", 1322 . 1324 [IANA-NS] "Technical requirements for authoritative name servers", 1325 . 1327 [IANA-PN] "Assigned Internet Protocol Numbers", 1328 . 1331 [IANA-PR] "Protocol Registries", . 1333 [IANA-RH] "IANA Routing Types Parameter Registry", 1334 . 1337 [RFC1661] Simpson, W., Ed., "The Point-to-Point Protocol (PPP)", STD 1338 51, RFC 1661, DOI 10.17487/RFC1661, July 1994, 1339 . 1341 [RFC1981] McCann, J., Deering, S., and J. Mogul, "Path MTU Discovery 1342 for IP version 6", RFC 1981, DOI 10.17487/RFC1981, August 1343 1996, . 1345 [RFC2460] Deering, S. and R. Hinden, "Internet Protocol, Version 6 1346 (IPv6) Specification", RFC 2460, DOI 10.17487/RFC2460, 1347 December 1998, . 1349 [RFC2473] Conta, A. and S. Deering, "Generic Packet Tunneling in 1350 IPv6 Specification", RFC 2473, DOI 10.17487/RFC2473, 1351 December 1998, . 1353 [RFC4301] Kent, S. and K. Seo, "Security Architecture for the 1354 Internet Protocol", RFC 4301, DOI 10.17487/RFC4301, 1355 December 2005, . 1357 [RFC4302] Kent, S., "IP Authentication Header", RFC 4302, DOI 1358 10.17487/RFC4302, December 2005, 1359 . 1361 [RFC4303] Kent, S., "IP Encapsulating Security Payload (ESP)", RFC 1362 4303, DOI 10.17487/RFC4303, December 2005, 1363 . 1365 [RFC5871] Arkko, J. and S. Bradner, "IANA Allocation Guidelines for 1366 the IPv6 Routing Header", RFC 5871, DOI 10.17487/RFC5871, 1367 May 2010, . 1369 [RFC6936] Fairhurst, G. and M. Westerlund, "Applicability Statement 1370 for the Use of IPv6 UDP Datagrams with Zero Checksums", 1371 RFC 6936, DOI 10.17487/RFC6936, April 2013, 1372 . 1374 [RFC7045] Carpenter, B. and S. Jiang, "Transmission and Processing 1375 of IPv6 Extension Headers", RFC 7045, DOI 10.17487/ 1376 RFC7045, December 2013, 1377 . 1379 [RFC7739] Gont, F., "Security Implications of Predictable Fragment 1380 Identification Values", RFC 7739, DOI 10.17487/RFC7739, 1381 February 2016, . 1383 Appendix A. Formatting Guidelines for Options 1385 This appendix gives some advice on how to lay out the fields when 1386 designing new options to be used in the Hop-by-Hop Options header or 1387 the Destination Options header, as described in section 4.2. These 1388 guidelines are based on the following assumptions: 1390 o One desirable feature is that any multi-octet fields within the 1391 Option Data area of an option be aligned on their natural 1392 boundaries, i.e., fields of width n octets should be placed at 1393 an integer multiple of n octets from the start of the Hop-by- 1394 Hop or Destination Options header, for n = 1, 2, 4, or 8. 1396 o Another desirable feature is that the Hop-by-Hop or Destination 1397 Options header take up as little space as possible, subject to 1398 the requirement that the header be an integer multiple of 8 1399 octets long. 1401 o It may be assumed that, when either of the option-bearing 1402 headers are present, they carry a very small number of options, 1403 usually only one. 1405 These assumptions suggest the following approach to laying out the 1406 fields of an option: order the fields from smallest to largest, with 1407 no interior padding, then derive the alignment requirement for the 1408 entire option based on the alignment requirement of the largest field 1409 (up to a maximum alignment of 8 octets). This approach is 1410 illustrated in the following examples: 1412 Example 1 1414 If an option X required two data fields, one of length 8 octets and 1415 one of length 4 octets, it would be laid out as follows: 1417 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1418 | Option Type=X |Opt Data Len=12| 1419 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1420 | 4-octet field | 1421 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1422 | | 1423 + 8-octet field + 1424 | | 1425 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1427 Its alignment requirement is 8n+2, to ensure that the 8-octet field 1428 starts at a multiple-of-8 offset from the start of the enclosing 1429 header. A complete Hop-by-Hop or Destination Options header 1430 containing this one option would look as follows: 1432 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1433 | Next Header | Hdr Ext Len=1 | Option Type=X |Opt Data Len=12| 1434 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1435 | 4-octet field | 1436 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1437 | | 1438 + 8-octet field + 1439 | | 1440 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1442 Example 2 1444 If an option Y required three data fields, one of length 4 octets, 1445 one of length 2 octets, and one of length 1 octet, it would be laid 1446 out as follows: 1448 +-+-+-+-+-+-+-+-+ 1449 | Option Type=Y | 1450 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1451 |Opt Data Len=7 | 1-octet field | 2-octet field | 1452 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1453 | 4-octet field | 1454 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1456 Its alignment requirement is 4n+3, to ensure that the 4-octet field 1457 starts at a multiple-of-4 offset from the start of the enclosing 1458 header. A complete Hop-by-Hop or Destination Options header 1459 containing this one option would look as follows: 1461 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1462 | Next Header | Hdr Ext Len=1 | Pad1 Option=0 | Option Type=Y | 1463 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1464 |Opt Data Len=7 | 1-octet field | 2-octet field | 1465 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1466 | 4-octet field | 1467 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1468 | PadN Option=1 |Opt Data Len=2 | 0 | 0 | 1469 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1471 Example 3 1473 A Hop-by-Hop or Destination Options header containing both options X 1474 and Y from Examples 1 and 2 would have one of the two following 1475 formats, depending on which option appeared first: 1477 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1478 | Next Header | Hdr Ext Len=3 | Option Type=X |Opt Data Len=12| 1479 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1480 | 4-octet field | 1481 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1482 | | 1483 + 8-octet field + 1484 | | 1485 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1486 | PadN Option=1 |Opt Data Len=1 | 0 | Option Type=Y | 1487 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1488 |Opt Data Len=7 | 1-octet field | 2-octet field | 1489 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1490 | 4-octet field | 1491 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1492 | PadN Option=1 |Opt Data Len=2 | 0 | 0 | 1493 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1495 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1496 | Next Header | Hdr Ext Len=3 | Pad1 Option=0 | Option Type=Y | 1497 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1498 |Opt Data Len=7 | 1-octet field | 2-octet field | 1499 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1500 | 4-octet field | 1501 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1502 | PadN Option=1 |Opt Data Len=4 | 0 | 0 | 1503 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1504 | 0 | 0 | Option Type=X |Opt Data Len=12| 1505 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1506 | 4-octet field | 1507 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1508 | | 1509 + 8-octet field + 1510 | | 1511 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1513 Appendix B. CHANGES SINCE RFC2460 1515 This memo has the following changes from RFC2460. Numbers identify 1516 the Internet-Draft version in which the change was made. 1518 Working Group Internet Drafts 1520 08) Revised header insertion text in Section 4 based on the 1521 results of w.g. survey that concluded to describe the 1522 problems with header insertion. 1524 08) Editorial changes. 1526 07) Expanded Security Considerations section to include both 1527 IPSEC and encryption at higher levels in the protocol stack 1528 as ways to mitigate IP level security issues. 1530 07) Added paragraph to Section 4 to clarify how Extension Headers 1531 are numbered and which are upper-layer headers. 1533 07) Moved the text regarding network duplicated fragments to the 1534 received fragment error section. 1536 07) Added clarification that no ICMP error message should be sent 1537 if overlapping fragments are received. 1539 07) Revised the text in Section 4.8 regarding new hop-by-hop 1540 options and new Extension headers to be closer to the -05 1541 version. 1543 07) Added additional registries to the IANA Considerations 1544 section that IANA needs to update. 1546 07) Editorial changes. 1548 06) Added the Routing Header to the list required extension 1549 headers that a full implementation includes. 1551 06) Moved the text in Section 4.5 regarding the handling of 1552 received overlapping fragments to the list of error 1553 conditions 1555 06) Rewrote the text in Section 4.8 "Defining New Extension 1556 Headers and Options" to be clearer and remove redundant text. 1558 06) Editorial changes. 1560 05) Changed requirement for HBH header from a should to a may, 1561 and added a note to indicate what is expected. 1563 05) Corrected reference to point to draft-ietf-6man-rfc4291bis 1564 instead of draft-hinden-6man-rfc4291bis. 1566 05) Change to text regarding not inserting extension headers to 1567 cite using encapsulation as an example. 1569 04) Changed text discussing Fragment ID selection to refer to 1570 RFC7739 for example algorithms. 1572 04) Editorial changes. 1574 03) Clarified the text about decrementing the hop limit. 1576 03) Removed IP Next Generation from the Abstract. 1578 03) Add reference to the end of Section 4 to IPv6 Extension 1579 Header IANA registry. 1581 03) Editorial changes. 1583 02) Added text to Section 4.8 "Defining New Extension Headers and 1584 Options" clarifying why no new hop by hop extension headers 1585 should be defined. 1587 02) Added text to Fragment Header process on handling exact 1588 duplicate fragments. 1590 02) Editorial changes. 1592 01) Added text that Extension headers must never be inserted by 1593 any node other than the source of the packet. 1595 01) Change "must" to "should" in Section 4.3 on the Hop-by-Hop 1596 header. 1598 01) Added text that the Data Transmission Order is the same as 1599 IPv4 as defined in RFC791. 1601 01) Updated the Fragmentation header text to correct the 1602 inclusion of AH and note no next header case. 1604 01) Change terminology in Fragment header section from 1605 "Unfragmentable Headers" to "Per-Fragment Headers". 1607 01) Removed paragraph in Section 5 that required including a 1608 fragment header to outgoing packets if a ICMP Packet Too Big 1609 message reporting a Next-Hop MTU less than 1280. This is 1610 based on the update in draft-ietf-6man-deprecate-atomfrag- 1611 generation. 1613 01) Changed to Fragmentation Header section to clarify MTU 1614 restriction and 8-byte restrictions, and noting the 1615 restriction on headers in first fragment. 1617 01) Editorial changes. 1619 00) Add instruction to the IANA to change references to RFC2460 1620 to this document 1622 00) Add a paragraph to the acknowledgement section acknowledging 1623 the authors of the updating documents 1625 00) Remove old paragraph in Section 4 that should have been 1626 removed when incorporating the update from RFC7045. 1628 00) Editorial changes. 1630 Individual Internet Drafts 1632 07) Update references to current versions and assign references 1633 to normative and informative. 1635 07) Editorial changes. 1637 06) The purpose of this draft is to incorporate the updates 1638 dealing with Extension headers as defined in RFC6564, 1639 RFC7045, and RFC7112. The changes include: 1641 RFC6564: Added new Section 4.8 that describe 1642 recommendations for defining new Extension headers and 1643 options 1645 RFC7045: The changes were to add a reference to RFC7045, 1646 change the requirement for processing the hop-by-hop 1647 option to a should, and added a note that due to 1648 performance restrictions some nodes won't process the Hop- 1649 by-Hop Option header. 1651 RFC7112: The changes were to revise the Fragmentation 1652 Section (Section 4.5) to require that all headers through 1653 the first Upper-Layer Header are in the first fragment. 1654 This changed the text describing how packets are 1655 fragmented and reassembled and added a new error case. 1657 06) Editorial changes. 1659 05) The purpose of this draft is to incorporate the updates 1660 dealing with fragmentation as defined in RFC5722 and RFC6946. 1661 Note: The issue relating to the handling of exact duplicate 1662 fragments identified on the mailing list is left open. 1664 05) Fix text in the end of Section 4 to correct the number of 1665 extension headers defined in this document. 1667 05) Editorial changes. 1669 04) The purpose of this draft is to update the document to 1670 incorporate the update made by RFC6935 "UDP Checksums for 1671 Tunneled Packets". 1673 04) Remove Routing (Type 0) header from the list of required 1674 extension headers. 1676 04) Editorial changes. 1678 03) The purpose of this draft is to update the document for the 1679 deprecation of the RH0 Routing Header as specified in RFC5095 1680 and the allocations guidelines for routing headers as 1681 specified in RFC5871. Both of these RFCs updated RFC2460. 1683 02) The purpose of this version of the draft is to update the 1684 document to resolve the open Errata on RFC2460. 1686 Errata ID: 2541: This errata notes that RFC2460 didn't 1687 update RFC2205 when the length of the Flow Label was 1688 changed from 24 to 20 bits from RFC1883. This issue was 1689 resolved in RFC6437 where the Flow Label is defined. This 1690 draft now references RFC6437. No change is required. 1692 Errata ID: 4279: This errata noted that the specification 1693 doesn't handle the case of a forwarding node receiving a 1694 packet with a zero Hop Limit. This is fixed in Section 3 1695 of this draft. Note: No change was made regarding host 1696 behaviour. 1698 Errata ID: 2843: This errata is marked rejected. No 1699 change is required. 1701 02) Editorial changes to the Flow Label and Traffic Class text. 1703 01) The purpose of this version of the draft is to update the 1704 document to point to the current specifications of the IPv6 1705 Flow Label field as defined in [RFC6437] and the Traffic 1706 Class as defined in [RFC2474] and [RFC3168]. 1708 00) The purpose of this version is to establish a baseline from 1709 RFC2460. The only intended changes are formatting (XML is 1710 slightly different from .nroff), differences between an RFC 1711 and Internet Draft, fixing a few ID Nits, and updates to the 1712 authors information. There should not be any content changes 1713 to the specification. 1715 Authors' Addresses 1717 Stephen E. Deering 1718 Retired 1719 Vancouver, British Columbia 1720 Canada 1722 Robert M. Hinden 1723 Check Point Software 1724 959 Skyway Road 1725 San Carlos, CA 94070 1726 USA 1728 Email: bob.hinden@gmail.com