Processing of IPv6 "atomic" fragments
draft-gont-6man-ipv6-atomic-fragments-00

Document Type Replaced Internet-Draft (individual)
Last updated 2013-05-10 (latest revision 2011-12-15)
Replaced by draft-ietf-6man-ipv6-atomic-fragments
Stream (None)
Intended RFC status (None)
Formats
Expired & archived
plain text pdf html
Stream Stream state (No stream defined)
Document shepherd No shepherd assigned
IESG IESG state Replaced by draft-ietf-6man-ipv6-atomic-fragments
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at
https://www.ietf.org/archive/id/draft-gont-6man-ipv6-atomic-fragments-00.txt

Abstract

IPv6 allows packets to contain a Fragment Header, without the packet being actually fragmented into multiple pieces. Such packets typically result from hosts that have received an ICMPv6 "Packet Too Big" error message that advertises a "Next-Hop MTU" smaller than 1280 bytes, and are currently processed by hosts as "fragmented traffic". By forging ICMPv6 "Packet Too Big" error messages an attacker can cause hosts to employ "atomic fragments", and the launch any fragmentation-based attacks against such traffic. This document discusses the generation of the aforementioned "atomic fragments", the corresponding security implications, and formally updates RFC 2460 and RFC 5722 such that the attack vector based on "atomic fragments" is completely eliminated.

Authors

Fernando Gont (fgont@si6networks.com)

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)