idnits 2.17.1 draft-ietf-tram-stun-pmtud-10.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (September 17, 2018) is 2047 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) -- Possible downref: Non-RFC (?) normative reference: ref. 'ITU.V42.2002' ** Obsolete normative reference: RFC 5389 (Obsoleted by RFC 8489) ** Downref: Normative reference to an Experimental RFC: RFC 5780 Summary: 2 errors (**), 0 flaws (~~), 1 warning (==), 2 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 TRAM M. Petit-Huguenin 3 Internet-Draft Impedance Mismatch 4 Intended status: Standards Track G. Salgueiro 5 Expires: March 21, 2019 Cisco 6 September 17, 2018 8 Path MTU Discovery Using Session Traversal Utilities for NAT (STUN) 9 draft-ietf-tram-stun-pmtud-10 11 Abstract 13 This document describes a Session Traversal Utilities for NAT (STUN) 14 Usage for Path MTU Discovery (PMTUD) between a client and a server. 16 Status of This Memo 18 This Internet-Draft is submitted in full conformance with the 19 provisions of BCP 78 and BCP 79. 21 Internet-Drafts are working documents of the Internet Engineering 22 Task Force (IETF). Note that other groups may also distribute 23 working documents as Internet-Drafts. The list of current Internet- 24 Drafts is at https://datatracker.ietf.org/drafts/current/. 26 Internet-Drafts are draft documents valid for a maximum of six months 27 and may be updated, replaced, or obsoleted by other documents at any 28 time. It is inappropriate to use Internet-Drafts as reference 29 material or to cite them other than as "work in progress." 31 This Internet-Draft will expire on March 21, 2019. 33 Copyright Notice 35 Copyright (c) 2018 IETF Trust and the persons identified as the 36 document authors. All rights reserved. 38 This document is subject to BCP 78 and the IETF Trust's Legal 39 Provisions Relating to IETF Documents 40 (https://trustee.ietf.org/license-info) in effect on the date of 41 publication of this document. Please review these documents 42 carefully, as they describe your rights and restrictions with respect 43 to this document. Code Components extracted from this document must 44 include Simplified BSD License text as described in Section 4.e of 45 the Trust Legal Provisions and are provided without warranty as 46 described in the Simplified BSD License. 48 Table of Contents 50 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 51 2. Overview of Operations . . . . . . . . . . . . . . . . . . . 3 52 3. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 5 53 4. Probing Mechanisms . . . . . . . . . . . . . . . . . . . . . 5 54 4.1. Simple Probing Mechanism . . . . . . . . . . . . . . . . 6 55 4.1.1. Sending a Probe Request . . . . . . . . . . . . . . . 6 56 4.1.2. Receiving a Probe Request . . . . . . . . . . . . . . 6 57 4.1.3. Receiving a Probe Response . . . . . . . . . . . . . 7 58 4.2. Complete Probing Mechanism . . . . . . . . . . . . . . . 7 59 4.2.1. Sending the Probe Indications and Report Request . . 7 60 4.2.2. Receiving an ICMP Packet . . . . . . . . . . . . . . 8 61 4.2.3. Receiving a Probe Indication and Report Request . . . 8 62 4.2.4. Receiving a Report Response . . . . . . . . . . . . . 9 63 4.2.5. Using Checksums as Packet Identifiers . . . . . . . . 9 64 4.2.6. Using Sequence Numbers as Packet Identifiers . . . . 10 65 5. Probe Support Signaling Mechanisms . . . . . . . . . . . . . 10 66 5.1. Explicit Probe Support Signaling Mechanism . . . . . . . 11 67 5.2. Implicit Probe Support Signaling Mechanism . . . . . . . 11 68 6. STUN Attributes . . . . . . . . . . . . . . . . . . . . . . . 11 69 6.1. IDENTIFIERS . . . . . . . . . . . . . . . . . . . . . . . 11 70 6.2. PMTUD-SUPPORTED . . . . . . . . . . . . . . . . . . . . . 12 71 7. Security Considerations . . . . . . . . . . . . . . . . . . . 12 72 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 12 73 8.1. New STUN Methods . . . . . . . . . . . . . . . . . . . . 12 74 8.2. New STUN Attributes . . . . . . . . . . . . . . . . . . . 13 75 9. References . . . . . . . . . . . . . . . . . . . . . . . . . 13 76 9.1. Normative References . . . . . . . . . . . . . . . . . . 13 77 9.2. Informative References . . . . . . . . . . . . . . . . . 14 78 Appendix A. Release Notes . . . . . . . . . . . . . . . . . . . 14 79 A.1. Modifications between draft-ietf-tram-stun-pmtud-10 and 80 draft-ietf-tram-stun-pmtud-09 . . . . . . . . . . . . . . 14 81 A.2. Modifications between draft-ietf-tram-stun-pmtud-09 and 82 draft-ietf-tram-stun-pmtud-08 . . . . . . . . . . . . . . 14 83 A.3. Modifications between draft-ietf-tram-stun-pmtud-08 and 84 draft-ietf-tram-stun-pmtud-07 . . . . . . . . . . . . . . 14 85 A.4. Modifications between draft-ietf-tram-stun-pmtud-07 and 86 draft-ietf-tram-stun-pmtud-06 . . . . . . . . . . . . . . 14 87 A.5. Modifications between draft-ietf-tram-stun-pmtud-06 and 88 draft-ietf-tram-stun-pmtud-05 . . . . . . . . . . . . . . 14 89 A.6. Modifications between draft-ietf-tram-stun-pmtud-05 and 90 draft-ietf-tram-stun-pmtud-04 . . . . . . . . . . . . . . 15 91 A.7. Modifications between draft-ietf-tram-stun-pmtud-04 and 92 draft-ietf-tram-stun-pmtud-03 . . . . . . . . . . . . . . 15 93 A.8. Modifications between draft-ietf-tram-stun-pmtud-03 and 94 draft-ietf-tram-stun-pmtud-02 . . . . . . . . . . . . . . 15 95 A.9. Modifications between draft-ietf-tram-stun-pmtud-02 and 96 draft-ietf-tram-stun-pmtud-01 . . . . . . . . . . . . . . 16 97 A.10. Modifications between draft-ietf-tram-stun-pmtud-01 and 98 draft-ietf-tram-stun-pmtud-00 . . . . . . . . . . . . . . 16 99 A.11. Modifications between draft-ietf-tram-stun-pmtud-00 and 100 draft-petithuguenin-tram-stun-pmtud-01 . . . . . . . . . 16 101 A.12. Modifications between draft-petithuguenin-tram-stun- 102 pmtud-01 and draft-petithuguenin-tram-stun-pmtud-00 . . . 16 103 A.13. Modifications between draft-petithuguenin-tram-stun- 104 pmtud-00 and draft-petithuguenin-behave-stun-pmtud-03 . . 16 105 A.14. Modifications between draft-petithuguenin-behave-stun- 106 pmtud-03 and draft-petithuguenin-behave-stun-pmtud-02 . . 16 107 A.15. Modifications between draft-petithuguenin-behave-stun- 108 pmtud-02 and draft-petithuguenin-behave-stun-pmtud-01 . . 17 109 A.16. Modifications between draft-petithuguenin-behave-stun- 110 pmtud-01 and draft-petithuguenin-behave-stun-pmtud-00 . . 17 111 Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . . 17 112 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 17 114 1. Introduction 116 The Packetization Layer Path MTU Discovery (PMTUD) specification 117 [RFC4821] describes a method to discover the Path MTU but does not 118 describe a practical protocol to do so with UDP. 120 Many UDP-based protocols do not implement the Path MTU discovery 121 mechanism described in [RFC4821]. These protocols can make use of 122 the probing mechanisms described in this document instead of 123 designing their own adhoc extension. These probing mechanisms are 124 implemented with Session Traversal Utilities for NAT (STUN), but 125 their usage is not limited to STUN-based protocols. 127 The STUN usage defined in this document for Path MTU Discovery 128 (PMTUD) between a client and a server permits proper operations of 129 UDP-based applications in the network. It also simplifies 130 troubleshooting and has multiple other applications across a wide 131 variety of technologies. 133 Complementary techniques can be used to discover additional network 134 characteristics, such as the network path (using the STUN Traceroute 135 mechanism described in [I-D.martinsen-tram-stuntrace]) and bandwidth 136 availability (using the mechanism described in 137 [I-D.martinsen-tram-turnbandwidthprobe]). 139 2. Overview of Operations 141 This section is meant to be informative only. It is not intended as 142 a replacement for [RFC4821]. 144 A UDP endpoint that uses this specification to discover the Path MTU 145 over UDP and knows that the endpoint it is communicating with also 146 supports this specification can choose to use either the Simple 147 Probing mechanism (as described in Section 4.1) or the Complete 148 Probing mechanism (as described in Section 4.2). The selection of 149 which Probing Mechanism to use is dependent on performance and 150 security and complexity trade-offs. 152 If the Simple Probing mechanism is chosen, then the Client initiates 153 Probe transactions, as shown in Figure 1, which increase in size 154 until transactions timeout, indicating that the Path MTU has been 155 exceeded. It then uses that information to update the Path MTU. 157 Client Server 158 | | 159 | Probe Request | 160 |---------------->| 161 | | 162 | Probe Response | 163 |<----------------| 164 | | 166 Figure 1: Simple Probing Example 168 If the Complete Probing mechanism (as described in Section 4.2) is 169 chosen, then the Client sends Probe Indications of various sizes (as 170 specified in [RFC4821]) interleaved with UDP packets sent by the UDP 171 protocol. The Client then sends a Report Request for the ordered 172 list of identifiers for the UDP packets and Probe Indications 173 received by the Server. The Client then compares the list returned 174 in the Report Response with its own list of identifiers for the UDP 175 packets and Probe Indications it sent. The Client then uses that 176 comparison to find which Probe Indications were dropped by the 177 network as a result of their size. It then uses that information to 178 update the Path MTU. 180 Because of the possibility of amplification attack, the Complete 181 Probing mechanism must be authenticated. Particular care must be 182 taken to prevent amplification when an external mechanism is used to 183 trigger the Complete Probing mechanism. 185 Client Server 186 | UDP Packet | 187 |------------------>| 188 | | 189 | UDP Packet | 190 |------------------>| 191 | | 192 | Probe Indication | 193 |------------------>| 194 | | 195 | UDP Packet | 196 |------------------>| 197 | | 198 | Probe Indication | 199 |------------------>| 200 | | 201 | Report Request | 202 |------------------>| 203 | Report Response | 204 |<------------------| 205 | | 207 Figure 2: Complete Probing Example 209 3. Terminology 211 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 212 "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and 213 "OPTIONAL" in this document are to be interpreted as described in BCP 214 14 [RFC2119][RFC8174] when, and only when, they appear in all 215 capitals, as shown here. 217 4. Probing Mechanisms 219 The Probing mechanism is used to discover the Path MTU in one 220 direction only, from the client to the server. 222 Two Probing mechanisms are described, a Simple Probing mechanism and 223 a more complete mechanism that can converge quicker and find an 224 appropriate PMTU in the presence of congestion. Additionally, the 225 Simple Probing mechanism does not require authentication except where 226 used as an implicit signaling mechanism, whereas the complete 227 mechanism does. 229 Implementations supporting this specification MUST implement the 230 server side of both the Simple Probing mechanism (Section 4.1) and 231 the Complete Probing mechanism (Section 4.2). 233 Implementations supporting this specification MUST implement the 234 client side of the Complete Probing mechanism. They MAY implement 235 the client side of the Simple Probing mechanism. 237 4.1. Simple Probing Mechanism 239 The Simple Probing mechanism is implemented by sending a Probe 240 Request with a PADDING [RFC5780] attribute over UDP with the DF bit 241 set in the IP header. A router on the path to the server can reject 242 this request with an ICMP message or drop it. 244 4.1.1. Sending a Probe Request 246 A client forms a Probe Request by using the Probe Method and 247 following the rules in Section 7.1 of [RFC5389]. 249 The Probe transaction MUST be authenticated if the Simple Probing 250 mechanism is used in conjunction with the Implicit Probing Support 251 mechanism described in Section 5.2. If not, the Probe transaction 252 MAY be authenticated. 254 The client adds a PADDING [RFC5780] attribute with a length that, 255 when added to the IP and UDP headers and the other STUN components, 256 is equal to the Selected Probe Size, as defined in [RFC4821] 257 Section 7.3. The client MUST add the FINGERPRINT attribute so the 258 STUN messages are disambiguated from the other protocol packets. 260 Then the client sends the Probe Request to the server over UDP with 261 the DF bit set. For the purpose of this transaction, the Rc 262 parameter specified in Section 7.2.1 of [RFC5389] is set to 3. The 263 initial value for RTO stays at 500 ms. 265 A client MUST NOT send a probe if it does not have knowledge that the 266 server supports this specification. This is done either by external 267 signalling or by a mechanism specific to the UDP protocol to which 268 PMTUD capabilities are added or by one of the mechanisms specified in 269 Section 5. 271 4.1.2. Receiving a Probe Request 273 A server receiving a Probe Request MUST process it as specified in 274 [RFC5389]. 276 The server then creates a Probe Response. The server MUST add the 277 FINGERPRINT attribute so the STUN messages are disambiguated from the 278 other protocol packets. The server then sends the response to the 279 client. 281 4.1.3. Receiving a Probe Response 283 A client receiving a Probe Response MUST process it as specified in 284 [RFC5389]. If a response is received this is interpreted as a Probe 285 Success, as defined in [RFC4821] Section 7.6.1. If an ICMP packet 286 "Fragmentation needed" is received then this is interpreted as a 287 Probe Failure, as defined in [RFC4821] Section 7.6.2. If the Probe 288 transaction times out, then this is interpreted as a Probe 289 Inconclusive, as defined in [RFC4821] Section 7.6.4. 291 4.2. Complete Probing Mechanism 293 The Complete Probing mechanism is implemented by sending one or more 294 Probe Indications with a PADDING attribute over UDP with the DF bit 295 set in the IP header followed by a Report Request to the same server. 296 A router on the path to the server can reject this Indication with an 297 ICMP message or drop it. The server keeps a chronologically ordered 298 list of identifiers for all packets received (including retransmitted 299 packets) and sends this list back to the client in the Report 300 Response. The client analyzes this list to find which packets were 301 not received. Because UDP packets do not contain an identifier, the 302 Complete Probing mechanism needs a way to identify each packet 303 received. 305 Some application layer protocols may already have a way of 306 identifying each individual UDP packet, in which case these 307 identifiers SHOULD be used in the IDENTIFIERS attribute of the Report 308 Response. While there are other possible packet identification 309 schemes, this document describes two different ways to identify a 310 specific packet when no application layer protocol-specific 311 identification mechanism is available. 313 In the first packet identification mechanism, the server computes a 314 checksum over each packet received and sends back to the sender the 315 list of checksums ordered chronologically. The client compares this 316 list to its own list of checksums. 318 In the second packet identification mechanism, the client prepends 319 the UDP data with a header that provides a sequence number. The 320 server sends back the chronologically ordered list of sequence 321 numbers received that the client then compares with its own list. 323 4.2.1. Sending the Probe Indications and Report Request 325 A client forms a Probe Indication by using the Probe Method and 326 following the rules in [RFC5389] Section 7.1. The client adds to the 327 Probe Indication a PADDING attribute with a size that, when added to 328 the IP and UDP headers and the other STUN components, is equal to the 329 Selected Probe Size, as defined in [RFC4821] Section 7.3. If the 330 authentication mechanism permits it, then the Indication MUST be 331 authenticated. The client MUST add the FINGERPRINT attribute so the 332 STUN messages are disambiguated from the other protocol packets. 334 Then the client sends the Probe Indication to the server over UDP 335 with the DF bit set. 337 Then the client forms a Report Request by following the rules in 338 [RFC5389] Section 7.1. The Report transaction MUST be authenticated 339 to prevent amplification attacks. The client MUST add the 340 FINGERPRINT attribute so the STUN messages are disambiguated from the 341 other protocol packets. 343 Then the client waits half the RTO after sending the last Probe 344 Indication and then sends the Report Request to the server over UDP. 346 4.2.2. Receiving an ICMP Packet 348 If an ICMP packet "Fragmentation needed" is received then this is 349 interpreted as a Probe Failure, as defined in [RFC4821] Section 7.5. 351 4.2.3. Receiving a Probe Indication and Report Request 353 A server supporting this specification will keep the identifiers of 354 all packets received in a chronologically ordered list. The packets 355 that are to be associated to a list are selected according to 356 Section 5.2 of [RFC4821]. The same identifier can appear multiple 357 times in the list because of retransmissions. The maximum size of 358 this list is calculated such that when the list is added to the 359 Report Response, the total size of the packet does not exceed the 360 unknown Path MTU, as defined in [RFC5389] Section 7.1. Older 361 identifiers are removed when new identifiers are added to a list that 362 is already full. 364 A server receiving a Report Request MUST process it as specified in 365 [RFC5389]. 367 The server creates a Report Response and adds an IDENTIFIERS 368 attribute that contains the chronologically ordered list of all 369 identifiers received so far. The server MUST add the FINGERPRINT 370 attribute. The server then sends the response to the client. 372 The exact content of the IDENTIFIERS attribute depends on what type 373 of identifiers have been chosen for the protocol. Each protocol 374 adding PMTUD capabilities as specified by this specification MUST 375 describe the format of the contents of the IDENTIFIERS attribute, 376 unless it is using one of the formats described in this 377 specification. See Section 6.1 for details about the IDENTIFIERS 378 attribute. 380 4.2.4. Receiving a Report Response 382 A client receiving a Report Response processes it as specified in 383 [RFC5389]. If the response IDENTIFIERS attribute contains the 384 identifier of the Probe Indication, then this is interpreted as a 385 Probe Success for this probe, as defined in [RFC4821] Section 7.5. 386 If the Probe Indication identifier cannot be found in the Report 387 Response, this is interpreted as a Probe Failure, as defined in 388 [RFC4821] Section 7.5. If the Probe Indication identifier cannot be 389 found in the Report Response but identifiers for other packets sent 390 before or after the Probe Indication can all be found, this is 391 interpreted as a Probe Failure as defined in [RFC4821] Section 7.5. 392 If the Report Transaction times out, this is interpreted as a Full- 393 Stop Timeout, as defined in [RFC4821] Section 3. 395 4.2.5. Using Checksums as Packet Identifiers 397 When using a checksum as a packet identifier, the client calculates 398 the checksum for each packet sent over UDP that is not a STUN Probe 399 Indication or Request and keeps this checksum in a chronologically 400 ordered list. The client also keeps the checksum of the STUN Probe 401 Indication or Request sent in that same chronologically ordered list. 402 The algorithm used to calculate the checksum is similar to the 403 algorithm used for the FINGERPRINT attribute (i.e., the CRC-32 of the 404 payload XOR'ed with the 32-bit value 0x5354554e [ITU.V42.2002]). 406 For each STUN Probe Indication or Request, the server retrieves the 407 STUN FINGERPRINT value. For all other packets, the server calculates 408 the checksum as described above. It puts these FINGERPRINT and 409 checksum values in a chronologically ordered list that is sent back 410 in the Report Response. 412 The contents of the IDENTIFIERS attribute is a list of 4 byte 413 numbers, each using the same encoding that is used for the contents 414 of the FINGERPRINT attribute. 416 It could have been possible to use the checksum generated in the UDP 417 checksum for this, but this value is generally not accessible to 418 applications. Also, sometimes the checksum is not calculated or is 419 off-loaded to network hardware. 421 4.2.6. Using Sequence Numbers as Packet Identifiers 423 When using sequence numbers, a small header similar to the TURN 424 ChannelData header is added in front of all packets that are not a 425 STUN Probe Indication or Request. The sequence number is 426 monotonically incremented by one for each packet sent. The most 427 significant bit of the sequence number is always 0. The server 428 collects the sequence number of the packets sent, or the 4 first 429 bytes of the transaction ID if a STUN Probe Indication or Request is 430 sent. In that case, the most significant bit of the 4 first bytes is 431 set to 1. 433 0 1 2 3 434 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 435 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 436 | Channel Number | Length | 437 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 438 |0| Sequence number | 439 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 440 | | 441 / Application Data / 442 / / 443 | | 444 | +-------------------------------+ 445 | | 446 +-------------------------------+ 448 The Channel Number is always 0xFFFF. The header values are encoded 449 using network order. 451 The contents of the IDENTIFIERS attribute is a chronologically 452 ordered list of 4 byte numbers, each containing either a sequence 453 number, if the packet was not a STUN Probe Indication or Request, or 454 the 4 first bytes of the transaction ID, with the most significant 455 bit forced to 1, if the packet is a STUN Probe Indication or Request. 457 5. Probe Support Signaling Mechanisms 459 The PMTUD mechanism described in this document is intended to be used 460 by any UDP-based protocols that do not have built-in PMTUD 461 capabilities, irrespective of whether those UDP-based protocols are 462 STUN-based or not. So the manner in which a specific protocol 463 discovers that it is safe to send PMTUD probes is largely dependent 464 on the details of that specific protocol, with the exception of the 465 Implicit Mechanism described below, which applies to any protocol. 467 5.1. Explicit Probe Support Signaling Mechanism 469 Some of these mechanisms can use a separate signalling mechanism (for 470 instance, an SDP attribute in an Offer/Answer exchange [RFC3264]), or 471 an optional flag that can be set in the protocol that is augmented 472 with PMTUD capabilities. STUN Usages that can benefit from PMTUD 473 capabilities can signal in-band that they support probing by 474 inserting a PMTUD-SUPPORTED attribute in some STUN methods. The 475 decision of which methods support this attribute is left to each 476 specific STUN Usage. 478 UDP-based protocols that want to use any of these mechanisms, 479 including the PMTUD-SUPPORTED attribute, to signal PMTUD capabilities 480 MUST ensure that it cannot be used to launch an amplification attack. 482 An amplification attack can be prevented using techniques such as: 484 o Authentication, where the source of the packet and the destination 485 share a secret. 487 o 3 way handshake with some form of unpredictable cookie. 489 o Make sure that the total size of the traffic potentially generated 490 is lower than the size of the request that generated it. 492 5.2. Implicit Probe Support Signaling Mechanism 494 As a result of the fact that all endpoints implementing this 495 specification are both clients and servers, a Probe Request or 496 Indication received by an endpoint acting as a server implicitly 497 signals that this server can now act as a client and MAY send a Probe 498 Request or Indication to probe the Path MTU in the reverse direction 499 toward the former client, that will now be acting as a server. 501 The Probe Request or Indication that are used to implicitly signal 502 probing support in the reverse direction MUST be authenticated to 503 prevent amplification attacks. 505 6. STUN Attributes 507 6.1. IDENTIFIERS 509 The IDENTIFIERS attribute carries a chronologically ordered list of 510 UDP packet identifiers. 512 While Section 4.2.5 and Section 4.2.6 describe two possible methods 513 for acquiring and formatting the identifiers used for this purpose, 514 ultimately each protocol has to define how these identifiers are 515 acquired and formatted. Therefore, the contents of the IDENTIFIERS 516 attribute is opaque. 518 6.2. PMTUD-SUPPORTED 520 The PMTUD-SUPPORTED attribute indicates that its sender supports this 521 specification. This attribute has no value part and thus the 522 attribute length field is 0. 524 7. Security Considerations 526 The PMTUD mechanism described in this document, when used without the 527 signalling mechanism described in Section 5.1, does not introduce any 528 specific security considerations beyond those described in [RFC4821]. 530 The attacks described in Section 11 of [RFC4821] apply equally to the 531 mechanism described in this document. 533 The amplification attacks introduced by the signalling mechanism 534 described in Section 5.1 can be prevented by using one of the 535 techniques described in that section. 537 The Simple Probing mechanism may be used without authentication 538 because this usage by itself cannot trigger an amplification attack 539 as the Probe Response is smaller than the Probe Request. An 540 unauthenticated Simple Probing mechanism cannot be used in 541 conjunction with the Implicit Probing Support Signaling mechanism in 542 order to prevent amplification attacks. 544 8. IANA Considerations 546 This specification defines two new STUN methods and two new STUN 547 attributes. 549 8.1. New STUN Methods 551 IANA is requested to add the following methods to the STUN Method 552 Registry: 554 0xXXX : Probe 556 0xXXX : Report 558 See Sections Section 4.1 and Section 4.2 for the semantics of these 559 new methods. 561 8.2. New STUN Attributes 563 IANA is requested to add the following attributes to the STUN Method 564 Registry: 566 Comprehension-required range (0x0000-0x7FFF): 567 0xXXXX: IDENTIFIERS 569 Comprehension-optional range (0x8000-0xFFFF) 570 0xXXXX: PMTUD-SUPPORTED 572 This IDENTIFIERS STUN attribute is defined in Section 6.1, the PMTUD- 573 SUPPORTED STUN attribute is defined in Section 6.2. 575 9. References 577 9.1. Normative References 579 [ITU.V42.2002] 580 International Telecommunications Union, "Error-correcting 581 Procedures for DCEs Using Asynchronous-to-Synchronous 582 Conversion", ITU-T Recommendation V.42, 2002. 584 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 585 Requirement Levels", BCP 14, RFC 2119, 586 DOI 10.17487/RFC2119, March 1997, 587 . 589 [RFC4821] Mathis, M. and J. Heffner, "Packetization Layer Path MTU 590 Discovery", RFC 4821, DOI 10.17487/RFC4821, March 2007, 591 . 593 [RFC5389] Rosenberg, J., Mahy, R., Matthews, P., and D. Wing, 594 "Session Traversal Utilities for NAT (STUN)", RFC 5389, 595 DOI 10.17487/RFC5389, October 2008, 596 . 598 [RFC5780] MacDonald, D. and B. Lowekamp, "NAT Behavior Discovery 599 Using Session Traversal Utilities for NAT (STUN)", 600 RFC 5780, DOI 10.17487/RFC5780, May 2010, 601 . 603 [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 604 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, 605 May 2017, . 607 9.2. Informative References 609 [I-D.martinsen-tram-stuntrace] 610 Martinsen, P. and D. Wing, "STUN Traceroute", draft- 611 martinsen-tram-stuntrace-01 (work in progress), June 2015. 613 [I-D.martinsen-tram-turnbandwidthprobe] 614 Martinsen, P., Andersen, T., Salgueiro, G., and M. Petit- 615 Huguenin, "Traversal Using Relays around NAT (TURN) 616 Bandwidth Probe", draft-martinsen-tram- 617 turnbandwidthprobe-00 (work in progress), May 2015. 619 [RFC3264] Rosenberg, J. and H. Schulzrinne, "An Offer/Answer Model 620 with Session Description Protocol (SDP)", RFC 3264, 621 DOI 10.17487/RFC3264, June 2002, 622 . 624 Appendix A. Release Notes 626 This section must be removed before publication as an RFC. 628 A.1. Modifications between draft-ietf-tram-stun-pmtud-10 and draft- 629 ietf-tram-stun-pmtud-09 631 o Modifications following reviews for gen-art (Roni Even) and secdir 632 (Carl Wallace). 634 A.2. Modifications between draft-ietf-tram-stun-pmtud-09 and draft- 635 ietf-tram-stun-pmtud-08 637 o Add 3 ways of preventing amplification attacks. 639 A.3. Modifications between draft-ietf-tram-stun-pmtud-08 and draft- 640 ietf-tram-stun-pmtud-07 642 o Updates following Spencer's review. 644 A.4. Modifications between draft-ietf-tram-stun-pmtud-07 and draft- 645 ietf-tram-stun-pmtud-06 647 o Updates following Shepherd review. 649 A.5. Modifications between draft-ietf-tram-stun-pmtud-06 and draft- 650 ietf-tram-stun-pmtud-05 652 o Nits. 654 o Restore missing changelog for previous version. 656 A.6. Modifications between draft-ietf-tram-stun-pmtud-05 and draft- 657 ietf-tram-stun-pmtud-04 659 o Modifications following Brandon Williams review. 661 A.7. Modifications between draft-ietf-tram-stun-pmtud-04 and draft- 662 ietf-tram-stun-pmtud-03 664 o Modifications following Simon Perreault and Brandon Williams 665 reviews. 667 A.8. Modifications between draft-ietf-tram-stun-pmtud-03 and draft- 668 ietf-tram-stun-pmtud-02 670 o Add new Overview of Operations section with ladder diagrams. 672 o Authentication is mandatory for the Complete Probing mechanism, 673 optional for the Simple Probing mechanism. 675 o All the ICE specific text moves to a separate draft to be 676 discussed in the ICE WG. 678 o The TURN usage is removed because probing between a TURN server 679 and TURN client is not useful. 681 o Any usage of PMTUD-SUPPORTED or other signaling mechanisms 682 (formerly knows as discovery mechanisms) must now be 683 authenticated. 685 o Both probing mechanisms are MTI in the server, the complete 686 probing mechanism is MTI in the client. 688 o Make clear that stopping after 3 retransmission is done by 689 changing the STUN parameter. 691 o Define the format of the attributes. 693 o Make clear that the specification is for any UDP protocol that 694 does not already have PMTUD capabilities, not just STUN based 695 protocols. 697 o Change the default delay to send the Report Request to 250 ms 698 after the last Indication if the RTO is unknown. 700 o Each usage of this specification must the format of the 701 IDENTIFIERS attribute contents. 703 o Better define the implicit signaling mechanism. 705 o Extend the Security Consideration section. 707 o Tons of nits. 709 A.9. Modifications between draft-ietf-tram-stun-pmtud-02 and draft- 710 ietf-tram-stun-pmtud-01 712 o Cleaned up references. 714 A.10. Modifications between draft-ietf-tram-stun-pmtud-01 and draft- 715 ietf-tram-stun-pmtud-00 717 o Added Security Considerations Section. 719 o Added IANA Considerations Section. 721 A.11. Modifications between draft-ietf-tram-stun-pmtud-00 and draft- 722 petithuguenin-tram-stun-pmtud-01 724 o Adopted by WG - Text unchanged. 726 A.12. Modifications between draft-petithuguenin-tram-stun-pmtud-01 and 727 draft-petithuguenin-tram-stun-pmtud-00 729 o Moved some Introduction text to the Probing Mechanism section. 731 o Added cross-reference to the other two STUN troubleshooting 732 mechanism drafts. 734 o Updated references. 736 o Added Gonzalo Salgueiro as co-author. 738 A.13. Modifications between draft-petithuguenin-tram-stun-pmtud-00 and 739 draft-petithuguenin-behave-stun-pmtud-03 741 o General refresh for republication. 743 A.14. Modifications between draft-petithuguenin-behave-stun-pmtud-03 744 and draft-petithuguenin-behave-stun-pmtud-02 746 o Changed author address. 748 o Changed the IPR to trust200902. 750 A.15. Modifications between draft-petithuguenin-behave-stun-pmtud-02 751 and draft-petithuguenin-behave-stun-pmtud-01 753 o Defined checksum and sequential numbers as possible packet 754 identifiers. 756 o Updated the reference to RFC 5389 758 o The FINGERPRINT attribute is now mandatory. 760 o Changed the delay between Probe indication and Report request to 761 be RTO/2 or 50 milliseconds. 763 o Added ICMP packet processing. 765 o Added Full-Stop Timeout detection. 767 o Stated that Binding request with PMTUD-SUPPORTED does not start 768 the PMTUD process if already started. 770 A.16. Modifications between draft-petithuguenin-behave-stun-pmtud-01 771 and draft-petithuguenin-behave-stun-pmtud-00 773 o Removed the use of modified STUN transaction but shorten the 774 retransmission for the simple probing mechanism. 776 o Added a complete probing mechanism. 778 o Removed the PADDING-RECEIVED attribute. 780 o Added release notes. 782 Acknowledgements 784 Thanks to Eilon Yardeni, Geir Sandbakken, Paal-Erik Martinsen, 785 Tirumaleswar Reddy, Ram Mohan R, Simon Perreault, Brandon Williams, 786 Tolga Asveren, Spencer Dawkins, Carl Wallace, and Roni Even for their 787 review comments, suggestions and questions that helped to improve 788 this document. 790 Special thanks to Dan Wing, who supported this document since its 791 first publication back in 2008. 793 Authors' Addresses 794 Marc Petit-Huguenin 795 Impedance Mismatch 797 Email: marc@petit-huguenin.org 799 Gonzalo Salgueiro 800 Cisco Systems, Inc. 801 7200-12 Kit Creek Road 802 Research Triangle Park, NC 27709 803 United States 805 Email: gsalguei@cisco.com