idnits 2.17.1 draft-ietf-ipngwg-ipv6-spec-01.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- ** Cannot find the required boilerplate sections (Copyright, IPR, etc.) in this document. Expected boilerplate is as follows today (2024-04-23) according to https://trustee.ietf.org/license-info : IETF Trust Legal Provisions of 28-dec-2009, Section 6.a: This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. IETF Trust Legal Provisions of 28-dec-2009, Section 6.b(i), paragraph 2: Copyright (c) 2024 IETF Trust and the persons identified as the document authors. All rights reserved. IETF Trust Legal Provisions of 28-dec-2009, Section 6.b(i), paragraph 3: This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- ** Missing expiration date. The document expiration date should appear on the first and last page. ** The document seems to lack a 1id_guidelines paragraph about Internet-Drafts being working documents. ** The document seems to lack a 1id_guidelines paragraph about 6 months document validity -- however, there's a paragraph with a matching beginning. Boilerplate error? ** The document seems to lack a 1id_guidelines paragraph about the list of current Internet-Drafts. ** The document seems to lack a 1id_guidelines paragraph about the list of Shadow Directories. == No 'Intended status' indicated for this document; assuming Proposed Standard Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** The document seems to lack an IANA Considerations section. (See Section 2.2 of https://www.ietf.org/id-info/checklist for how to handle the case when there are no actions for IANA.) ** The document seems to lack separate sections for Informative/Normative References. All references will be assumed normative when checking for downward references. ** There are 2 instances of too long lines in the document, the longest one being 1 character in excess of 72. -- The draft header indicates that this document obsoletes draft-hinden-ipng-ipv6-spec-00.txt, but the abstract doesn't seem to mention this, which it should. Miscellaneous warnings: ---------------------------------------------------------------------------- == Line 748 has weird spacing: '... one or more ...' -- No information found for rfcdraft-hinden-ipng-ipv6-spec-00.txt - is the name correct? -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- Couldn't find a document date in the document -- date freshness check skipped. Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) -- Looks like a reference, but probably isn't: '0' on line 526 -- Looks like a reference, but probably isn't: '1' on line 534 -- Possible downref: Non-RFC (?) normative reference: ref. 'IPV6-AUTH' -- Possible downref: Non-RFC (?) normative reference: ref. 'IPV6-ICMP' -- Possible downref: Non-RFC (?) normative reference: ref. 'IPV6-TRAN' -- Possible downref: Non-RFC (?) normative reference: ref. 'IPV6-ADDR' ** Obsolete normative reference: RFC 1700 (Obsoleted by RFC 3232) ** Obsolete normative reference: RFC 1548 (Obsoleted by RFC 1661) Summary: 11 errors (**), 0 flaws (~~), 2 warnings (==), 10 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 1 INTERNET DRAFT S. Deering, Xerox PARC 2 March 17, 1995 R. Hinden, Ipsilon 3 Obsoletes: draft-hinden-ipng-ipv6-spec-00.txt Editors 5 Internet Protocol, Version 6 (IPv6) 6 Specification 8 10 Abstract 12 This document specifies version 6 of the Internet Protocol, a proposed 13 successor to IP version 4. Changes from the previous draft are listed 14 in Appendix B. 16 Status of this Memo 18 This document is an Internet-Draft. Internet-Drafts are working 19 documents of the Internet Engineering Task Force (IETF), its areas, and 20 its working groups. Note that other groups may also distribute working 21 documents as Internet-Drafts. 23 Internet-Drafts are draft documents valid for a maximum of six months 24 and may be updated, replaced, or obsoleted by other documents at any 25 time. It is inappropriate to use Internet- Drafts as reference material 26 or to cite them other than as ``work in progress.'' 28 To learn the current status of any Internet-Draft, please check the 29 ``1id-abstracts.txt'' listing contained in the Internet- Drafts Shadow 30 Directories on ds.internic.net (US East Coast), nic.nordu.net (Europe), 31 ftp.isi.edu (US West Coast), or munnari.oz.au (Pacific Rim). 33 Distribution of this memo is unlimited. 35 Contents 37 Status of this Memo..............................................1 39 1. Introduction..................................................3 41 2. Terminology...................................................4 43 3. IPv6 Header Format............................................5 45 4. IPv6 Extension Headers........................................6 46 4.1 Extension Header Order...................................8 47 4.2 Options..................................................9 48 4.3 Hop-by-Hop Options Header...............................11 49 4.4 Routing Header..........................................13 50 4.5 Fragment Header.........................................16 51 4.6 Authentication Header...................................18 52 4.7 Destination Options Header..............................19 53 4.8 No Next Header..........................................20 55 5. Packet Size Issues...........................................21 57 6. Flow Labels..................................................23 59 7. Priority.....................................................25 61 8. Upper-Layer Protocol Issues..................................26 62 8.1 Upper-Layer Checksums...................................26 63 8.2 Maximum Packet Lifetime.................................27 64 8.3 Maximum Upper-Layer Payload Size........................27 66 Appendix A. Formatting Guidelines for Options...................28 68 Appendix B. Changes from Previous Draft.........................31 70 Security Considerations.........................................33 72 Acknowledgments.................................................33 74 Document Editors' Addresses.....................................33 76 References......................................................34 78 1. Introduction 80 IP version 6 (IPv6) is a new version of the Internet Protocol, designed 81 as a successor to IP version 4 (IPv4) [RFC-791]. The changes from IPv4 82 to IPv6 fall primarily into the following categories: 84 o Expanded Addressing Capabilities 86 IPv6 increases the IP address size from 32 bits to 128 bits, to 87 support more levels of addressing hierarchy, a much greater number 88 of addressable nodes, and simpler auto-configuration of addresses. 89 The scalability of multicast routing is improved by adding a 90 "scope" field to multicast addresses. And a new type of address 91 called a "region address" is defined, to identify topological 92 regions rather than individual nodes. 94 o Header Format Simplification 96 Some IPv4 header fields have been dropped or made optional, to 97 reduce the common-case processing cost of packet handling and to 98 limit the bandwidth cost of the IPv6 header. 100 o Improved Support for Extensions and Options 102 Changes in the way IP header options are encoded allows for more 103 efficient forwarding, less stringent limits on the length of 104 options, and greater flexibility for introducing new options in 105 the future. 107 o Flow Labeling Capability 109 A new capability is added to enable the labeling of packets 110 belonging to particular traffic "flows" for which the sender 111 requests special handling, such as non-default quality of service 112 or "real-time" service. 114 o Authentication and Privacy Capabilities 116 Extensions to support authentication, data integrity, and 117 (optional) data confidentiality are specified for IPv6. 119 This document specifies the basic IPv6 header and the initially-defined 120 IPv6 extension headers and options. It also discusses packet size 121 issues, the semantics of flow labels and priority, and the effects of 122 IPv6 on upper-layer protocols. Other aspects of IPv6 are specified in 123 separate documents, including the following: 125 o IP Version 6 Addressing Architecture [IPV6-ADDR] 127 o ICMP for the Internet Protocol Version 6 [IPV6-ICMP] 129 o Transition Mechanisms for IPv6 Hosts and Routers[IPV6-TRAN] 131 2. Terminology 133 node - a device that implements IPv6. 135 router - a node that forwards IPv6 packets not explicitly 136 addressed to itself. 138 host - any node that is not a router. 140 upper layer - a protocol layer immediately above IPv6. Examples are 141 transport protocols such as TCP and UDP, control 142 protocols such as ICMP, routing protocols such as OSPF, 143 and internet or lower-layer protocols being "tunneled" 144 over (i.e., encapsulated in) IPv6 such as IPX, 145 AppleTalk, or IPv6 itself. 147 link - a communication facility or medium over which nodes can 148 communicate at the link layer, i.e., the layer 149 immediately below IPv6. Examples are Ethernets (simple 150 or bridged); PPP links; X.25, Frame Relay, or ATM 151 networks; and internet (or higher) layer "tunnels", 152 such as tunnels over IPv4 or IPv6 itself. 154 neighbors - nodes attached to the same link. 156 interface - a node's attachment to a link. 158 address - an IPv6-layer identifier for an interface or a set of 159 interfaces. 161 packet - an IPv6 header plus payload. 163 link MTU - the maximum transmission unit, i.e., maximum packet 164 size in octets, that can be conveyed in one piece over 165 a link. 167 path MTU - the minimum link MTU of all the links in a path between 168 a source node and a destination node. 170 3. IPv6 Header Format 172 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 173 |Version| Prio. | Flow Label | 174 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 175 | Payload Length | Next Header | Hop Limit | 176 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 177 | | 178 + + 179 | | 180 + Source Address + 181 | | 182 + + 183 | | 184 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 185 | | 186 + + 187 | | 188 + Destination Address + 189 | | 190 + + 191 | | 192 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 194 Version 4-bit Internet Protocol version number = 6. 196 Prio. 4-bit priority value. See section 7. 198 Flow Label 24-bit flow label. See section 6. 200 Payload Length 16-bit unsigned integer. Length of payload, 201 i.e., the rest of the packet following the 202 IPv6 header, in octets. If zero, indicates that 203 the payload length is carried in a Jumbo Payload 204 hop-by-hop option. 206 Next Header 8-bit selector. Identifies the type of header 207 immediately following the IPv6 header. Uses 208 the same values as the IPv4 Protocol field 209 [RFC-1700]. 211 Hop Limit 8-bit unsigned integer. Decremented by 1 by 212 each node that forwards the packet. The packet 213 is discarded if Hop Limit is decremented to 214 zero. 216 Source Address 128-bit address of the originator of the 217 packet. See [IPV6-ADDR]. 219 Destination Address 128-bit address of the intended recipient 220 of the packet (possibly not the ultimate 221 recipient, if a Routing header is present). 222 See [IPV6-ADDR] and section 4.4. 224 4. IPv6 Extension Headers 226 In IPv6, optional internet-layer information is encoded in separate 227 headers that may be placed between the IPv6 header and the upper-layer 228 header in a packet. There are a small number of such extension headers, 229 each identified by a distinct Next Header value. As illustrated in 230 these examples, an IPv6 packet may carry zero, one, or more extension 231 headers, each identified by the Next Header field of the preceding 232 header: 234 +---------------+------------------------ 235 | IPv6 header | TCP header + data 236 | | 237 | Next Header = | 238 | TCP | 239 +---------------+------------------------ 241 +---------------+----------------+------------------------ 242 | IPv6 header | Routing header | TCP header + data 243 | | | 244 | Next Header = | Next Header = | 245 | Routing | TCP | 246 +---------------+----------------+------------------------ 248 +---------------+----------------+-----------------+----------------- 249 | IPv6 header | Routing header | Fragment header | fragment of TCP 250 | | | | header + data 251 | Next Header = | Next Header = | Next Header = | 252 | Routing | Fragment | TCP | 253 +---------------+----------------+-----------------+----------------- 255 With one exception, extension headers are not examined or processed by 256 any node along a packet's delivery path, until the packet reaches the 257 node (or each of the set of nodes, in the case of multicast) identified 258 in the Destination Address field of the IPv6 header. There, normal 259 demultiplexing on the Next Header field of the IPv6 header invokes the 260 module to process the first extension header, or the upper-layer header 261 if no extension header is present. The contents and semantics of each 262 header determine whether or not to proceed to the next header. 264 The exception referred to in the preceding paragraph is the Hop-by-Hop 265 Options header, which carries information that must be examined and 266 processed by every node along a packet's delivery path, including the 267 source and destination nodes. The Hop-by-Hop Options header, when 268 present, must immediately follow the IPv6 header. Its presence is 269 indicated by the value zero in the Next Header field of the IPv6 header. 271 If, while processing a header, a node is required to proceed to the next 272 header but the Next Header value in the current header is unrecognized 273 by the node, it should discard the packet and send an ICMP Parameter 274 Problem message to the source of the packet, with an ICMP Code value of 275 2 ("unrecognized Next Header type encountered") and the ICMP Pointer 276 field containing the offset of the unrecognized value within the 277 original packet. The same action should be taken if a node encounters a 278 Next Header value of zero in any header other than an IPv6 header. 280 Each extension header is an integer multiple of 8 octets long, in order 281 to retain 8-octet alignment for subsequent headers. Multi-octet fields 282 within each extension header are aligned on their natural boundaries, 283 i.e., fields of width n octets are placed at an integer multiple of n 284 octets from the start of the header, for n = 1, 2, 4, or 8. 286 4.1 Extension Header Order 288 When more than one extension header is used in the same packet, it is 289 recommended that those headers appear in the following order: 291 IPv6 header 292 Hop-by-Hop Options header 293 Destination Options header (1) 294 Routing header 295 Fragment header 296 Authentication header 297 Destination Options header (2) 298 upper-layer header 300 (1) for options to be processed by the first destination 301 that appears in the IPv6 Destination Address field 302 plus subsequent destinations listed in the Routing header. 303 (2) for options to be processed only by the final 304 destination of the packet. 306 Each extension header should occur at most once, except for the 307 Destination Options header which should occur at most twice (once before 308 a Routing header and once before the upper-layer header). 310 If the upper-layer header is another IPv6 header (in the case of IPv6 311 being tunneled over or encapsulated in IPv6), it may be followed by its 312 own extensions headers, which are separately subject to the same 313 ordering recommendations. 315 If and when other extension headers are defined, their ordering 316 constraints relative to the above listed headers must be specified. 318 IPv6 nodes must accept and attempt to process extension headers in any 319 order and occurring any number of times in the same packet, except for 320 the Hop-by-Hop Options header which is restricted to appear immediately 321 after an IPv6 header only. Nonetheless, it is strongly advised that 322 sources of IPv6 packets adhere to the above recommended order until and 323 unless subsequent specifications revise that recommendation. 325 4.2 Options 327 Two of the currently-defined extension headers -- the Hop-by-Hop Options 328 header and the Destination Options header -- may carry a variable number 329 of Type-Length-Value (TLV) encoded "options", of the following format: 331 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+- - - - - - - - - 332 | Option Type | Opt Data Len | Option Data 333 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+- - - - - - - - - 335 Option Type 8-bit identifier of the type of option. 337 Opt Data Len 8-bit unsigned integer. Length of the Option 338 Data field of this option, in octets. 340 Option Data Variable-length field. Option-Type-specific 341 data. 343 The Option Type identifiers are internally encoded such that their 344 highest-order two bits specify the action that must be taken if the 345 processing IPv6 node does not recognize the Option Type: 347 00 - skip over this option and continue processing the header. 349 01 - discard the packet. 351 10 - discard the packet and send an ICMP Parameter Problem, Code 2, 352 message to the packet's Source Address, pointing to the 353 unrecognized Option Type. 355 11 - discard the packet and, only if the packet's Destination Address 356 is not a multicast address, send an ICMP Parameter Problem, Code 357 2, message to the packet's Source Address, pointing to the 358 unrecognized Option Type. 360 The third-highest-order bit of the Option Type specifies whether or not 361 the Option Data of that option can change en-route to the packet's final 362 destination. Data that can change en-route must be excluded from the 363 integrity assurance computation performed when the Authentication header 364 is present. 366 0 - Option Data does not change en-route 368 1 - Option Data may change en-route 370 Individual options may have specific alignment requirements, to ensure 371 that multi-octet values within Option Data fields fall on natural 372 boundaries. The alignment requirement of an option is specified using 373 the notation xn+y, meaning the Option Type must appear at an integer 374 multiple of x octets from the start of the header, plus y octets. For 375 example: 377 2n means any 2-octet offset from the start of the header. 378 8n+2 means any 8-octet offset from the start of the header, 379 plus 2 octets. 381 There are two padding options which are used when necessary to align 382 subsequent options and to pad out the containing header to a multiple of 383 8 octets in length. These padding options must be recognized by all 384 IPv6 implementations: 386 Pad1 option (alignment requirement: none) 388 +-+-+-+-+-+-+-+-+ 389 | 0 | 390 +-+-+-+-+-+-+-+-+ 392 NOTE! the format of the Pad1 option is a special case -- it does 393 not have length and value fields. 395 The Pad1 option is used to insert one octet of padding into the 396 Options area of a header. If more than one octet of padding is 397 required, the PadN option, described next, should be used, 398 rather than multiple Pad1 options. 400 PadN option (alignment requirement: none) 402 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+- - - - - - - - - 403 | 1 | Opt Data Len | Option Data 404 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+- - - - - - - - - 406 The PadN option is used to insert two or more octets of padding 407 into the Options area of a header. For N octets of padding, the 408 Opt Data Len field contains the value N-2, and the Option Data 409 consists of N-2 zero-valued octets. 411 Appendix A contains formatting guidelines for designing new options. 413 4.3 Hop-by-Hop Options Header 415 The Hop-by-Hop Options header is used to carry optional information that 416 must be examined by every node along a packet's delivery path. The 417 Hop-by-Hop Options header is identified by a Next Header value of 0 in 418 the IPv6 header, and has the following format: 420 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 421 | Next Header | Hdr Ext Len | | 422 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + 423 | | 424 . . 425 . Options . 426 . . 427 | | 428 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 430 Next Header 8-bit selector. Identifies the type of header 431 immediately following the Hop-by-Hop Options 432 header. Uses the same values as the IPv4 433 Protocol field [RFC-1700]. 435 Hdr Ext Len 8-bit unsigned integer. Length of the 436 Hop-by-Hop Options header in 8-octet units, 437 not including the first 8 octets. 439 Options Variable-length field, of length such that the 440 complete Hop-by-Hop Options header is an integer 441 multiple of 8 octets long. Contains one or 442 more TLV-encoded options, as described in 443 section 4.2. 445 In addition to the Pad1 and PadN options specified in section 4.2, the 446 following hop-by-hop option is defined: 448 Jumbo Payload option (alignment requirement: 4n + 2) 450 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 451 | 194 |Opt Data Len=4 | 452 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 453 | Jumbo Payload Length | 454 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 456 The Jumbo Payload option is used to send IPv6 packets with 457 payloads longer than 65,535 octets. The Jumbo Payload Length is 458 the length of the packet in octets, excluding the IPv6 header. 459 It has a maximum value of 4,294,967,295, that is, 2^32-1. 460 It has a minimum legal value of 8, which is the length of a 461 Hop-by-Hop Options header containing only this option, with no 462 additional headers or data; however, use of this option for 463 packets with payloads less than 65,535 octets is not recommended. 465 The Payload Length field in the IPv6 header must be set to zero 466 in every packet that carries the Jumbo Payload option. If a 467 packet is received with a Jumbo Payload option present and a 468 non-zero IPv6 Payload Length field, an ICMP Parameter Problem 469 message, Code 0, should be sent to the packet's source, pointing 470 to the Option Type field of the Jumbo Payload option. 472 The Jumbo Payload option must not be used in a packet that 473 carries a Fragment header. If a Fragment Header is encountered 474 in a packet that contains a Jumbo Payload option, an ICMP 475 Parameter Problem message, Code 0, should be sent to the packet's 476 source, pointing to the first octet of the Fragment header. 478 4.4 Routing Header 480 The Routing header is used by an IPv6 source to list one or more 481 intermediate nodes (or topological regions) to be "visited" on the way 482 to a packet's destination. This function is very similar to IPv4's 483 Source Route options. The Routing header is identified by a Next Header 484 value of 43 in the immediately preceding header, and has the following 485 format: 487 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 488 | Next Header | Routing Type | | 489 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + 490 | | 491 . . 492 . type-specific data . 493 . . 494 | | 495 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 497 Next Header 8-bit selector. Identifies the type of header 498 immediately following the Routing header. 499 Uses the same values as the IPv4 Protocol field 500 [RFC-1700]. 502 Routing Type 8-bit identifier of a particular Routing 503 header variant. 505 type-specific data Variable-length field, of format determined by 506 the Routing Type, and of length such that the 507 complete Routing header is an integer multiple 508 of 8 octets long. 510 If the IPv6 node that is processing a Routing header does not recognize 511 the Routing Type value, it must discard the packet and, only if the 512 packet's Destination Address is not a multicast address, send an ICMP 513 Parameter Problem, Code 0, message to the packet's Source Address, 514 pointing to the unrecognized Routing Type. 516 The Type 0 Routing header has the following format: 518 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 519 | Next Header |Routing Type=0 | Num Addrs | Next Addr | 520 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 521 | Reserved | Strict/Loose Bit Mask | 522 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 523 | | 524 + + 525 | | 526 + Address[0] + 527 | | 528 + + 529 | | 530 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 531 | | 532 + + 533 | | 534 + Address[1] + 535 | | 536 + + 537 | | 538 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 539 . . . 540 . . . 541 . . . 542 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 543 | | 544 + + 545 | | 546 + Address[Num Addrs - 1] + 547 | | 548 + + 549 | | 550 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 552 Next Header 8-bit selector. Identifies the type of header 553 immediately following the Routing header. 554 Uses the same values as the IPv4 Protocol field 555 [RFC-1700]. 557 Routing Type 0. 559 Num Addrs 8-bit unsigned integer. Number of addresses in 560 the Routing header. Maximum legal value = 24. 562 Next Addr 8-bit unsigned integer. Index of next address 563 to be processed; initialized to 0 by the 564 originating node. 566 Reserved 8-bit reserved field. Initialized to zero for 567 transmission; ignored on reception. 569 Strict/Loose Bit Mask 570 24-bit bit-mask, numbered 0 to 23, left-to-right. 571 If bit n is 1, then the packet may be forwarded 572 to Address[n] by the node that places Address[n] 573 in the IPv6 Destination Field only if the 574 interface identified by Address[n] is a neighbor 575 of the forwarding node. If bit n is 0, then 576 Address[n] need not be a neighbor of the 577 forwarding node. 579 A Routing header is not examined or processed until it reaches the node 580 identified in the Destination Address field of the IPv6 header. In that 581 node, dispatching on the Next Header field of the immediately preceding 582 header causes the Routing module to be invoked, which, in the case of 583 Routing Type 0, performs the following algorithm: 585 o If Next Addr < Num Addrs, swap the IPv6 Destination Address and 586 Address[Next Addr]. If Bit Mask[Next Addr] = 0 or if the new 587 destination address is known to be a neighbor of this node, 588 increment Next Addr by one and re-submit the packet to the IPv6 589 module for forwarding to the new destination, else send an ICMP 590 Destination Unreachable, Not a Neighbor message to the Source 591 Address and discard the packet. 593 o If Next Addr = Num Addrs, dispatch to the next header processing 594 module, as identified by the Next Header field in the Routing 595 header. 597 o If Next Addr > Num Addrs, send an ICMP Parameter Problem, Code 0, 598 message to the Source Address, pointing to the Num Addrs field, 599 and discard the packet. 601 Multicast addresses must not appear in a Routing header of Type 0, or in 602 the IPv6 Destination Address field of a packet carrying a Routing header 603 of Type 0. 605 4.5 Fragment Header 607 The Fragment header is used by an IPv6 source to send payloads larger 608 than would fit in the path MTU to their destinations. (Note: unlike 609 IPv4, fragmentation in IPv6 is performed only by source nodes, not by 610 routers along a packet's delivery path -- see section 5.) The Fragment 611 header is identified by a Next Header value of 44 in the immediately 612 preceding header, and has the following format: 614 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 615 | Next Header | Reserved | Fragment Offset |Res|M| 616 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 617 | Identification | 618 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 620 Next Header 8-bit selector. Identifies the type of header 621 immediately following the Fragment header. 622 Uses the same values as the IPv4 Protocol field 623 [RFC-1700]. 625 Reserved 8-bit reserved field. Initialized to zero for 626 transmission; ignored on reception. 628 Fragment Offset 13-bit unsigned integer. The offset, in 8-octet 629 units, of the following payload, relative to the 630 start of the original, unfragmented payload. 632 Res 2-bit reserved field. Initialized to zero for 633 transmission; ignored on reception. 635 M flag 1 = more fragments; 0 = last fragment. 637 Identification 32 bits. See description below. 639 The fragmentation algorithm is as follows: The payload (including any 640 extension headers that need be processed only by the destination 641 node(s)) is divided into fragments, each, except possibly the last, 642 being an integer multiple of 8 octets long. Each fragment is prepended 643 with a Fragment header and sent in a separate IPv6 packet. The M 644 ("more") flag is set to 1 on all fragments of the same payload except 645 the last. The original payload is assigned an Identification value that 646 is different than that of any other fragmented payload sent recently* 647 with the same IPv6 Source Address, IPv6 Destination Address, and 648 Fragment Next Header value. (If a Routing header is present, the IPv6 649 Destination Address is that of the final destination.) The 650 Identification value is carried in the Fragment header of all of the 651 original payload's fragments, and is used by the destination to identify 652 all fragments belonging to the same original payload. 654 * "recently" means within the maximum likely lifetime of a packet, 655 including transit time from source to destination and time spent 656 awaiting reassembly with other fragments of the same payload. 657 However, it is not required that a source node know the maximum 658 packet lifetime. Rather, it is assumed that the requirement can be 659 met by maintaining the Identification value as a simple, 32-bit, 660 "wrap-around" counter, incremented each time a payload must be 661 fragmented. It is an implementation choice whether to maintain a 662 single counter for the node or multiple counters, e.g., one for 663 each of the node's possible source addresses, or one for each 664 active (source address, destination address, next header type) 665 combination. 667 In a packet with a Fragment header, the Payload Length field of the IPv6 668 header contains the length of that packet only (excluding the IPv6 669 header itself), not the length of the original, unfragmented payload. 671 4.6 Authentication Header 673 The Authentication header is used to provide authentication and 674 integrity assurance for IPv6 packets. Non-repudiation may be provided 675 by an authentication algorithm used with the Authentication header, but 676 it is not provided with all authentication algorithms that might be used 677 with this header. The Authentication header is identified by a Next 678 Header value of 51 in the immediately preceding header, and has the 679 following format: 681 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 682 | Payload Type | Auth Data Len | Reserved | 683 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 684 | Security Association ID | 685 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 686 | | 687 . . 688 . Authentication Data . 689 . . 690 | | 691 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 693 Payload Type 8-bit selector. Identifies the type of header 694 immediately following the Authentication header. 695 Uses the same values as the IPv4 Protocol field 696 [RFC-1700]. 698 Auth Data Len 8-bit unsigned integer. Length of the 699 Authentication Data field in 8-octet units. 701 Reserved 8-bit reserved field. Initialized to zero for 702 transmission; ignored on reception. 704 Security Assoc. ID 32 bits. When combined with the IPv6 Destination 705 Address, identifies to the receiver(s) the 706 pre-established security association to which 707 this packet belongs. 709 Authentication Data Variable-length field, an integer multiple of 710 8 octets long. Algorithm-specific information 711 required authenticate the source of the packet 712 and assure its integrity, as specified for the 713 pre-established security association. 715 Use of the Authentication header is specified in [IPV6-AUTH]. All IPv6 716 nodes are required to support the keyed MD5 algorithm used with the 717 Authentication header as described in that document. 719 4.7 Destination Options Header 721 The Destination Options header is used to carry optional information 722 that need be examined only by a packet's destination node(s). The 723 Destination Options header is identified by a Next Header value of TBD 724 in the immediately preceding header, and has the following format: 726 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 727 | Next Header | Hdr Ext Len | | 728 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + 729 | | 730 . . 731 . Options . 732 . . 733 | | 734 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 736 Next Header 8-bit selector. Identifies the type of header 737 immediately following the Destination Options 738 header. Uses the same values as the IPv4 739 Protocol field [RFC-1700]. 741 Hdr Ext Len 8-bit unsigned integer. Length of the 742 Destination Options header in 8-octet units, 743 not including the first 8 octets. 745 Options Variable-length field, of length such that the 746 complete Destination Options header is an 747 integer multiple of 8 octets long. Contains 748 one or more TLV-encoded options, as described 749 in section 4.2. 751 The only destination options defined in this document are the Pad1 and 752 PadN options specified in section 4.2. 754 Note that there are two possible ways to encode optional destination 755 information in an IPv6 packet: either as an option in the Destination 756 Options header, or as a separate extension header. The Fragment header 757 and the Authentication header are examples of the latter approach. 758 Which approach can be used depends on what action is desired of a 759 destination node that does not understand the optional information: 761 o if the desired action is for the destination node to discard the 762 packet and, only if the packet's Destination Address is not a 763 multicast address, send an ICMP Unrecognized Type message to the 764 packet's Source Address, then the information may be encoded 765 either as a separate header or as an option in the Destination 766 Options header whose Option Type has the value 11 in its highest- 767 order two bits. The choice may depend on such factors as which 768 takes fewer octets, or which yields better alignment or more 769 efficient parsing. 771 o if any other action is desired, the information must be encoded as 772 an option in the Destination Options header whose Option Type has 773 the value 00, 01, or 10 in its highest-order two bits, specifying 774 the desired action (see section 4.2). 776 4.8 No Next Header 778 The value 59 in the Next Header field of an IPv6 header or any extension 779 header indicates that there is nothing following that header. If the 780 Payload Length field of the IPv6 header indicates the presence of octets 781 past the end of a header whose Next Header field contains 59, those 782 octets must be ignored, and passed on unchanged if the packet is 783 forwarded. 785 5. Packet Size Issues 787 IPv6 requires that every link in the internet have an MTU of 576 octets 788 or greater. On any link that cannot convey a 576-octet packet in one 789 piece, link-specific fragmentation and reassembly must be provided at a 790 layer below IPv6. 792 Note: this minimum link MTU is NOT the same as the one in IPv4. In 793 IPv4, the minimum link MTU is 68 octets [RFC-791, page 25]; 576 794 octets is the minimum reassembly buffer size required in an IPv4 795 node, which has nothing to do with link MTUs. 797 From each link to which a node is directly attached, the node must be 798 able to accept packets as large as that link's MTU. Links that have a 799 configurable MTU (for example, PPP links [RFC-1548]) must be configured 800 to have an MTU of at least 576 octets; it is recommended that a larger 801 MTU be configured, to accommodate possible encapsulations (i.e., 802 tunneling) without incurring fragmentation. 804 IPv6 nodes are expected to implement Path MTU Discovery [RFC-1191], in 805 order to discover and take advantage of paths with MTU greater than 576 806 octets. However, a minimal IPv6 implementation (e.g., in a boot ROM) 807 may simply restrict itself to sending packets no larger than 576 octets, 808 and omit implementation of Path MTU Discovery. 810 In order to send a packet larger than a path's MTU, a node may use the 811 IPv6 Fragment header to fragment the packet at the source and have it 812 reassembled at the destination(s). However, the use of such 813 fragmentation is discouraged in any application that is able to adapt 814 its packets to fit the measured path MTU (i.e., down to 576 octets). A 815 node must not send a packet larger than the path MTU (i.e., fragments 816 that reassemble to a size larger than the path MTU) unless it has 817 explicit knowledge that the destination(s) can reassemble a packet of 818 that size. 820 In response to an IPv6 packet that is sent to an IPv4 destination (i.e., 821 a packet that undergoes translation from IPv6 to IPv4), the originating 822 IPv6 node may receive an ICMP Packet Too Big message reporting a Next- 823 Hop MTU less than 576. In that case, the IPv6 node is not required to 824 reduce the size of subsequent packets to less than 576, but must include 825 a Fragment header in those packets so that the IPv6-to-IPv4 translating 826 router can obtain a suitable Identification value to use in resulting 827 IPv4 fragments. Note that this means the payload may have to be reduced 828 to 528 octets (576 minus 40 for the IPv6 header and 8 for the Fragment 829 header), and smaller still if additional extension headers are used. 831 Note: Path MTU Discovery must be performed even in cases where a 832 host "thinks" a destination is attached to the same link as itself. 834 Note: Unlike IPv4, it is unnecessary in IPv6 to set a "Don't 835 Fragment" flag in the packet header in order to perform Path MTU 836 Discovery; that is an implicit attribute of every IPv6 packet. 837 Also, those parts of the RFC-1191 procedures that involve use of a 838 table of MTU "plateaus" do not apply to IPv6, because the IPv6 839 version of the "Datagram Too Big" message always identifies the 840 exact MTU to be used. 842 6. Flow Labels 844 The 24-bit Flow Label field in the IPv6 header may be used by a source 845 to label those packets for which it requests special handling by the 846 IPv6 routers, such as non-default quality of service or "real-time" 847 service. This aspect of IPv6 is, at the time of writing, still 848 experimental and subject to change as the requirements for flow support 849 in the Internet become clearer. Hosts or routers that do not support 850 the functions of the Flow Label field are required to set the field to 851 zero when originating a packet, pass the field on unchanged when 852 forwarding a packet, and ignore the field when receiving a packet. 854 A flow is a sequence of packets sent from a particular source to a 855 particular (unicast or multicast) destination for which the source 856 desires special handling by the intervening routers. The nature of that 857 special handling might be conveyed to the routers by a control protocol, 858 such as a resource reservation protocol, or by information within the 859 flow's packets themselves, e.g., in a hop-by-hop option. The details of 860 such control protocols or options are beyond the scope of this document. 862 There may be multiple active flows from a source to a destination, as 863 well as traffic that is not associated with any flow. A flow is 864 uniquely identified by the combination of a source address and a non- 865 zero flow label. Packets that do not belong to a flow carry a flow 866 label of zero. 868 A flow label is assigned to a flow by the flow's source node. New flow 869 labels must be chosen (pseudo-)randomly and uniformly from the range 1 870 to FFFFFF hex. The purpose of the random allocation is to make any set 871 of bits within the Flow Label field suitable for use as a hash key by 872 routers, for looking up the state associated with the flow. 874 All packets belonging to the same flow must be sent with the same source 875 address, same destination address, and same non-zero flow label. If any 876 of those packets includes a Hop-by-Hop Options header, then they all 877 must be originated with the same Hop-by-Hop Options header contents 878 (excluding the Next Header field of the Hop-by-Hop Options header). If 879 any of those packets includes a Routing header, then they all must be 880 originated with the same contents in all extension headers up to and 881 including the Routing header (excluding the Next Header field in the 882 Routing header). The routers or destinations are permitted, but not 883 required, to verify that these conditions are satisfied. If a violation 884 is detected, it should be reported to the source by an ICMP Parameter 885 Problem message, Code 0, pointing to the high-order octet of the Flow 886 Label field (i.e., offset 1 within the IPv6 packet). 888 Routers are free to "opportunistically" set up flow-handling state for 889 any flow, even when no explicit flow establishment information has been 890 provided to them via a control protocol, a hop-by-hop option, or other 891 means. For example, upon receiving a packet from a particular source 892 with an unknown, non-zero flow label, a router may process its IPv6 893 header and any necessary extension headers as if the flow label were 894 zero. That processing would include determining the next-hop interface, 895 and possibly other actions, such as updating a hop-by-hop option, 896 advancing the pointer and addresses in a Routing header, or deciding on 897 how to queue the packet based on its Priority field. The router may 898 then choose to "remember" the results of those processing steps and 899 cache that information, using the source address plus the flow label as 900 the cache key. Subsequent packets with the same source address and flow 901 label may then be handled by referring to the cached information rather 902 than examining all those fields that, according to the requirements of 903 the previous paragraph, can be assumed unchanged from the first packet 904 seen in the flow. 906 Cached flow-handling state that is set up opportunistically, as 907 discussed in the last paragraph, must be discarded no more than 6 908 seconds after it is established, regardless of whether or not packets of 909 the same flow continue to arrive. If another packet with the same 910 source address and flow label arrives after the cached state has been 911 discarded, the packet undergoes full, normal processing (as if its flow 912 label were zero), which may result in the re-creation of cached flow 913 state for that flow. 915 The lifetime of flow-handling state that is set up explicitly, for 916 example by a control protocol or a hop-by-hop option, must be specified 917 as part of the specification of the explicit set-up mechanism; it may 918 exceed 6 seconds. 920 A source must not re-use a flow label for a new flow within the lifetime 921 of any flow-handling state that might have been established for the 922 prior use of that flow label. Since flow-handling state with a lifetime 923 of 6 seconds may be established opportunistically for any flow, the 924 minimum interval between the last packet of one flow and the first 925 packet of a new flow using the same flow label is 6 seconds. Flow 926 labels used for explicitly set-up flows with longer flow-state lifetimes 927 must remain unused for those longer lifetimes before being re-used for 928 new flows. 930 When a node stops and restarts (e.g., as a result of a "crash"), it must 931 be careful not to use a flow label that it might have used for an 932 earlier flow whose lifetime may not have expired yet. This may be 933 accomplished by recording flow label usage on stable storage so that it 934 can be remembered across crashes, or by refraining from using any flow 935 labels until the maximum lifetime of any possible previously established 936 flows has expired (at least 6 seconds; more if explicit flow set-up 937 mechanisms with longer lifetimes might have been used). If the minimum 938 time for rebooting the node is known (often more than 6 seconds), that 939 time can be deducted from the necessary waiting period before starting 940 to allocate flow labels. 942 There is no requirement that all, or even most, packets belong to flows, 943 i.e., carry non-zero flow labels. This observation is placed here to 944 remind protocol designers and implementors not to assume otherwise. For 945 example, it would be unwise to design a router whose performance would 946 be adequate only if most packets belonged to flows, or to design a 947 header compression scheme that only worked on packets that belonged to 948 flows. 950 7. Priority 952 The 4-bit Priority field in the IPv6 header enables a source to identify 953 the desired delivery priority of its packets, relative to other packets 954 from the same source. The Priority values are divided into two ranges: 955 Values 0 through 7 are used to specify the priority of traffic for which 956 the source is providing congestion control, i.e., traffic that "backs 957 off" in response to congestion, such as TCP traffic. Values 8 through 958 15 are used to specify the priority of traffic that does not back off in 959 response to congestion, e.g., "real-time" packets being sent at a 960 constant rate. 962 For congestion-controlled traffic, the following Priority values are 963 recommended for particular application categories: 965 0 - uncharacterized traffic 966 1 - "filler" traffic (e.g., netnews) 967 2 - unattended data transfer (e.g., email) 968 3 - (reserved) 969 4 - attended bulk transfer (e.g., FTP, NFS) 970 5 - (reserved) 971 6 - interactive traffic (e.g., telnet, X) 972 7 - internet control traffic (e.g., routing protocols, SNMP) 974 For non-congestion-controlled traffic, the lowest Priority value (8) 975 should be used for those packets that the sender is most willing to have 976 discarded under conditions of congestion (e.g., high-fidelity video 977 traffic), and the highest value (15) should be used for those packets 978 that the sender is least willing to have discarded (e.g., low-fidelity 979 audio traffic). There is no relative ordering implied between the 980 congestion-controlled priorities and the non-congestion-controlled 981 priorities. 983 8. Upper-Layer Protocol Issues 985 8.1 Upper-Layer Checksums 987 Any transport or other upper-layer protocol that includes the addresses 988 from the IP header in its checksum computation must be modified for use 989 over IPv6, to include the 128-bit IPv6 addresses instead of 32-bit IPv4 990 addresses. In particular, the following illustration shows the TCP and 991 UDP "pseudo-header" for IPv6: 993 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 994 | | 995 + + 996 | | 997 + Source Address + 998 | | 999 + + 1000 | | 1001 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1002 | | 1003 + + 1004 | | 1005 + Destination Address + 1006 | | 1007 + + 1008 | | 1009 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1010 | zero | Next Header | Payload Length | 1011 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1013 o If the packet contains a Routing header, the Destination Address 1014 used in the pseudo-header is that of the final destination. At 1015 the originating system, that address will be in the last element 1016 of the Routing header; at the recipient(s), that address will be 1017 in the Destination Address field of the IPv6 header. 1019 o The Next Header value in the pseudo-header identifies the upper- 1020 layer protocol (e.g., 6 for TCP, or 17 for UDP). It will differ 1021 from the Next Header value in the IPv6 header if there are 1022 extension headers between the IPv6 header and the upper-layer 1023 header. 1025 o The Payload Length used in the pseudo-header is the length of the 1026 upper-layer packet, including the upper-layer header. It will be 1027 less than the Payload Length in the IPv6 header if there are 1028 extension headers between the IPv6 header and the upper-layer 1029 header. 1031 o Unlike IPv4, when UDP packets are originated by an IPv6 node, the 1032 UDP checksum is not optional. That is, whenever originating a UDP 1033 packet, an IPv6 node must compute a UDP checksum over the packet 1034 and the pseudo-header, and, if that computation yields a result of 1035 zero, it must be changed to hex FFFF for placement in the UDP 1036 header. IPv6 receivers must discard UDP packets containing a zero 1037 checksum, and should log the error. 1039 The IPv6 version of ICMP [IPV6-ICMP] includes the above pseudo-header in 1040 its checksum computation; this is a change from the IPv4 version of 1041 ICMP, which does not include a pseudo-header in its checksum. The 1042 reason for the change is to protect ICMP from misdelivery or corruption 1043 of those fields of the IPv6 header on which it depends, which, unlike 1044 IPv4, are not covered by an internet-layer checksum. The Next Header 1045 field in the pseudo-header for ICMP contains the value 58, which 1046 identifies the IPv6 version of ICMP. 1048 8.2 Maximum Packet Lifetime 1050 Unlike IPv4, IPv6 nodes are not required to enforce maximum packet 1051 lifetime. That is the reason the IPv4 "Time to Live" field was renamed 1052 "Hop Limit" in IPv6. In practice, very few, if any, IPv4 1053 implementations conform to the requirement that they limit packet 1054 lifetime, so this is not a change in practice. Any upper-layer protocol 1055 that relies on the internet layer (whether IPv4 or IPv6) to limit packet 1056 lifetime ought to be upgraded to provide its own mechanisms for 1057 detecting and discarding obsolete packets. 1059 8.3 Maximum Upper-Layer Payload Size 1061 When computing the maximum payload size available for upper-layer data, 1062 an upper-layer protocol must take into account the larger size of the 1063 IPv6 header relative to the IPv4 header. For example, in IPv4, TCP's 1064 MSS option is computed as the maximum packet size (a default value or a 1065 value learned through Path MTU Discovery) minus 40 octets (20 octets for 1066 the minimum-length IPv4 header and 20 octets for the minimum-length TCP 1067 header). When using TCP over IPv6, the MSS must be computed as the 1068 maximum packet size minus 60 octets, because the minimum-length IPv6 1069 header (i.e., an IPv6 header with no extension headers) is 20 octets 1070 longer than a minimum-length IPv4 header. 1072 Appendix A. Formatting Guidelines for Options 1074 This appendix gives some advice on how to lay out the fields in options 1075 to be used in the Hop-by-Hop Options header or the Destination Options 1076 header, as described in section 4.2. These guidelines are based on the 1077 following assumptions: 1079 o One desirable feature is that any multi-octet fields within the 1080 Option Data area of an option be aligned on their natural 1081 boundaries, i.e., fields of width n octets should be placed at an 1082 integer multiple of n octets from the start of the Hop-by-Hop or 1083 Destination Options header, for n = 1, 2, 4, or 8. 1085 o Another desirable feature is that the Hop-by-Hop or Destination 1086 Options header take up as little space as possible, subject to the 1087 requirement that the header be an integer multiple of 8 octets 1088 long. 1090 o It may be assumed that, when either of the option-bearing headers 1091 are present, they carry a very small number of options, usually 1092 only one. 1094 These assumptions suggest the following approach to laying out the 1095 fields of an option: order the fields from smallest to largest, with no 1096 interior padding, then derive the alignment requirement for the entire 1097 option based on the alignment requirement of the largest field (up to a 1098 maximum alignment of 8 octets). This approach is illustrated in the 1099 following examples: 1101 Example 1 1103 If an option X required two data fields, one of length 8 octets and one 1104 of length 4 octets, it would be laid out as follows: 1106 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1107 | Option Type=X |Opt Data Len=12| 1108 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1109 | 4-octet field | 1110 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1111 | | 1112 + 8-octet field + 1113 | | 1114 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1116 Its alignment requirement is 8n+2, to ensure that the 8-octet field ends 1117 up on a multiple-of-8 offset from the start of the enclosing header. A 1118 complete Hop-by-Hop or Destination Options header containing this one 1119 option would look as follows: 1121 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1122 | Next Header | Hdr Ext Len=1 | Option Type=X |Opt Data Len=12| 1123 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1124 | 4-octet field | 1125 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1126 | | 1127 + 8-octet field + 1128 | | 1129 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1131 Example 2 1133 If an option Y required three data fields, one of length 4 octets, one 1134 of length 2 octets, and one of length 1 octet, it would be laid out as 1135 follows: 1137 +-+-+-+-+-+-+-+-+ 1138 | Option Type=Y | 1139 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1140 |Opt Data Len=7 | 1-octet field | 2-octet field | 1141 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1142 | 4-octet field | 1143 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1145 Its alignment requirement is 4n+3, to ensure that the 4-octet field ends 1146 up on a multiple-of-4 offset from the start of the enclosing header. A 1147 complete Hop-by-Hop or Destination Options header containing this one 1148 option would look as follows: 1150 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1151 | Next Header | Hdr Ext Len=1 | Pad1 Option=0 | Option Type=Y | 1152 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1153 |Opt Data Len=7 | 1-octet field | 2-octet field | 1154 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1155 | 4-octet field | 1156 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1157 | PadN Option=1 |Opt Data Len=2 | 0 | 0 | 1158 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1160 Example 3 1162 A Hop-by-Hop or Destination Options header containing both options X and 1163 Y from Examples 1 and 2 would have one of the two following formats, 1164 depending on which option appeared first: 1166 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1167 | Next Header | Hdr Ext Len=1 | Option Type=X |Opt Data Len=12| 1168 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1169 | 4-octet field | 1170 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1171 | | 1172 + 8-octet field + 1173 | | 1174 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1175 | PadN Option=1 |Opt Data Len=1 | 0 | Option Type=Y | 1176 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1177 |Opt Data Len=7 | 1-octet field | 2-octet field | 1178 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1179 | 4-octet field | 1180 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1181 | PadN Option=1 |Opt Data Len=2 | 0 | 0 | 1182 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1184 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1185 | Next Header | Hdr Ext Len=1 | Pad1 Option=0 | Option Type=Y | 1186 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1187 |Opt Data Len=7 | 1-octet field | 2-octet field | 1188 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1189 | 4-octet field | 1190 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1191 | PadN Option=1 |Opt Data Len=4 | 0 | 0 | 1192 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1193 | 0 | 0 | Option Type=X |Opt Data Len=12| 1194 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1195 | 4-octet field | 1196 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1197 | | 1198 + 8-octet field + 1199 | | 1200 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1202 Appendix B. Changes from Previous Draft 1204 Changes from draft-hinden-ipng-ipv6-spec-00.txt, October 1994: 1206 o Changed "cluster address" to "region address". 1208 o Added definitions of "upper layer" and "packet" to Terminology 1209 section. 1211 o Changed all references of "transport layer" to "upper layer". 1213 o Changed name of "TClass" field to "Priority", changed name of 1214 "Flow ID" field to "Flow Label", and dropped the use of the name 1215 "Flow Label" to refer to the combination of those two fields. 1217 o Added note that Hop-by-Hop Options must be processed by source and 1218 destination nodes, as well as intermediate nodes along a delivery 1219 path. 1221 o Specified that unknown Next Header values, as well as a Next Value 1222 of zero in any header other than an IPv6 header, should invoke an 1223 ICMP Parameter Problem message. 1225 o Changed name of "End-to-End Options" to "Destination Options", and 1226 specified that the Destination Options header may occur twice in a 1227 packet, once before a Routing Header and once before the upper- 1228 layer header. 1230 o Changed text regarding advisability of violating recommended 1231 ordering for extension headers ("be conservative in what you send; 1232 be liberal in what you receive"). 1234 o Specified that an unrecognized option triggers an ICMP Parameter 1235 Problem, Code 2, message, not an "ICMP Unrecognized Type" message. 1237 o The third-highest-order bit of Option Type codes, which indicates 1238 whether or not an option's data can change en-route, now applies 1239 to Destination Options as well as Hop-by-Hop Options, because 1240 Destination Options can now precede a Routing header and thus may 1241 be modified en-route. 1243 o Added the Jumbo Payload hop-by-hop option. 1245 o Deleted prohibition of en-route insertion of Routing headers 1246 (though I still think it's a bad idea). 1248 o Added Strict/Loose Bit Map to the Type 0 Routing header. 1250 o Deleted IPv6-in-IPv6 Encapsulation section -- moved to a separate 1251 document. 1253 o Added the "no next header" Next Header type. 1255 o Added a recommendation that links with configurable MTU, such as 1256 PPP links, be configured with an MTU larger than the minimum (576) 1257 so as to accommodate encapsulations (tunneling) without incurring 1258 fragmentation. 1260 o Split the Flow Label and Priority discussion into two sections. 1262 o Changed the description of the fields that must not change within 1263 a flow to include all headers up to and including the Routing 1264 header. 1266 o Added discussion of "opportunistic" flow state set-up, and added 1267 requirement that such state must be discarded within 6 seconds of 1268 being established. Also discussed source behavior to avoid 1269 reusing an active flow label after a reboot. 1271 o Added a warning about assuming that most packets will belong to 1272 flows. 1274 o In making the distinction between the two sub-ranges of Priority 1275 values, changed the terminology from "flow-controlled" to 1276 "congestion-controlled". 1278 o Deleted statement about flow set-up mechanisms possibly redefining 1279 the semantics of the Priority (formerly TClass) field. 1281 o Rearranged some text in the Upper-Layer (formerly Transport-Layer) 1282 Checksums section, added requirement that IPv6 hosts discard UDP 1283 packets with zero checksum, and changed the ICMP pseudo-header to 1284 be the same as the TCP/UDP pseudo-header. 1286 o Added a small section about upper-layer maximum payload size. 1288 o Updated references to newer documents. 1290 o Put Deering's name back on as an editor. 1292 Security Considerations 1294 This document specifies the format of an Authentication header, which is 1295 part of the machinery intended to provide end-to-end authentication and 1296 integrity assurance for IPv6 packets. Non-repudiation may be provided 1297 by an authentication algorithm used with the Authentication option, but 1298 it is not provided with all authentication algorithms that might be used 1299 with this option. Usage of the option is specified in [IPV6-AUTH]. 1301 Acknowledgments 1303 The document editors gratefully acknowledge the many helpful suggestions 1304 of the members of the IPng working group, the End-to-End Protocols 1305 research group, and the Internet Community At Large. 1307 Document Editors' Addresses 1309 Stephen E. Deering Robert M. Hinden 1310 Xerox Palo Alto Research Center Ipsilon Networks, Inc. 1311 3333 Coyote Hill Road 2465 Latham Street, Suite 100 1312 Palo Alto, CA 94304 Mt. View, CA 94040 1313 USA USA 1315 phone: +1 415 812 4839 phone: +1 415 528 4604 1316 fax: +1 415 812 4471 fax: +1 415 528 4653 1317 email: deering@parc.xerox.com email: hinden@ipsilon.com 1319 References 1321 [IPV6-AUTH] R. Atkinson, IPv6 Authentication Header, March 1995. 1323 [IPV6-ICMP] A. Conta and S. Deering, ICMP for the Internet Protocol 1324 Version 6 (IPv6), October 1994. 1326 [IPV6-TRAN] R. Gilligan and E. Nordmark, Transition Mechanisms for IPv6 1327 Hosts and Routers, March 1995. 1329 [IPV6-ADDR] R. Hinden, Editor, IP Version 6 Addressing Architecture, 1330 March 1995. 1332 [RFC-1191] J. Mogul and S. Deering, Path MTU Discovery, RFC-1191, 1333 November 1990. 1335 [RFC-791] J. Postel, Internet Protocol, RFC-791, September 1981. 1337 [RFC-1700] J. Reynolds and J. Postel, Assigned Numbers, RFC-1700, 1338 October 1994. 1340 [RFC-1548] W. Simpson, The Point-to-Point Protocol (PPP), RFC-1548, 1341 April 1994.