Internet Area WG                                               J. Touch
Internet Draft                                                  USC/ISI
Intended status: <Best Current Practice>                      M. Mathis
Expires: January 2009                                               PSC
                                                           July 7, 2008

                      IPv4 ID Uniqueness Requirements

Status of this Memo

   By submitting this Internet-Draft, each author represents that
   any applicable patent or other IPR claims of which he or she is
   aware have been or will be disclosed, and any of which he or she
   becomes aware will be disclosed, in accordance with Section 6 of
   BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups.  Note that
   other groups may also distribute working documents as Internet-

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at

   The list of Internet-Draft Shadow Directories can be accessed at

   This Internet-Draft will expire on January 7, 2009.

Copyright Notice

   Copyright (C) The IETF Trust (2008).


   The IPv4 Identification field enables fragmentation and reassembly.
   This document clarifies the meaning of this field in the absence of
   fragmentation, based on ubiquitous current practice.

Touch, Mathis          Expires January 7, 2009                 [Page 1]

Internet-Draft     IPv4 ID Uniqueness Requirements            July 2008

Conventions used in this document

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   document are to be interpreted as described in RFC-2119 [1].

Table of Contents

   1. Introduction...................................................2
   2. Current Requirements...........................................2
   3. Uses of the ID Field in IPv4...................................3
   4. IPv4 ID Exhaustion.............................................4
   5. Current Practice...............................................4
   6. Recommended Practice...........................................4
   7. Security Considerations........................................6
   8. IANA Considerations............................................6
   9. Acknowledgments................................................6
      9.1. Normative References......................................6
      9.2. Informative References....................................6
   Author's Addresses................................................7
   Intellectual Property Statement...................................7

1. Introduction

   In IPv4, the IP Identification (ID) field is a 16-bit value that is
   unique for every packet for a given source address, destination
   address, and protocol, such that it does not repeat within the
   Maximum Segment Lifetime (MSL) [2][7]. All packets between a source
   and destination of a given protocol must have unique ID values over a
   period of an MSL, which is typically interpreted as two minutes (120
   seconds). This uniqueness is currently specified as required for all
   packets, regardless of fragmentation settings.

   The uniqueness of the IP ID is a known problem for high speed
   devices, because it limits the speed of a single protocol between two
   endpoints to 6.4 Mbps for typical MTUs of 1500 bytes [4]. This
   strongly indicates that the uniqueness of the IPv4 ID is moot.

   This document describes the current practice of relaxing the IPv4
   uniqueness requirement.

2. Current Requirements

   IP supports packet fragmentation, where large packets are split into
   smaller components to traverse links with limited maximum

Touch, Mathis          Expires January 7, 2009                 [Page 2]

Internet-Draft     IPv4 ID Uniqueness Requirements            July 2008

   transmission units (MTUs). Fragments are indicated in different ways
   in IPv4 and IPv6:

   o  In IPv4, the header contains three fields: Identification (ID),
      Offset, a "Don't Fragment" flag (DF), and a "More Fragments" flag
      (MF) [7]

   o  In IPv6, fragments are indicated in an extension header that
      includes an ID, Offset, and MF flag similar to their counterparts
      in IPv4 [3]

   IPv4 and IPv6 fragmentation differs in a few important ways. IPv6
   fragmentation occurs only at the source, so a DF bit is not needed to
   prevent downstream devices from initiating fragmentation. The IPv6
   fragment header is present only when a packet has been fragmented, so
   the fields - notably the ID field, as will be shown later - are not
   present for non-fragmented packets, and thus are meaningful only for
   fragments. Finally, the ID field is 32 bits, and unique per
   source/destination address pair for IPv6, whereas for IPv4 it is only
   16 bits and unique per source/destination/protocol triple.

   This document focuses on the IPv4 ID field issues, because in IPv6
   the field is larger and present only in fragments.

3. Uses of the ID Field in IPv4

   The IPv4 ID field was originally intended for fragmentation and
   reassembly. Within a given source address, destination address, and
   protocol, fragments of an original packet are matched based on their
   IP ID. This requires that IDs are unique within the address/protocol
   triple when fragmentation is possible (e.g., DF=0).

   The ID field has been discussed as useful in other ways. It can be
   used to detect and discard duplicate packets, e.g., at congested
   routers (see Sec. of [2]).

   The ID field may also be useful in tunnels. ICMP along tunnels may
   return only a portion of the information needed by a tunnel ingress
   to relay information back to the packet source. Encapsulators may
   retain copies of recently sent packets, to enable ICMP relaying [6].

   These latter uses require that the IP ID be unique across all
   packets, not only when fragmentation is enabled.

Touch, Mathis          Expires January 7, 2009                 [Page 3]

Internet-Draft     IPv4 ID Uniqueness Requirements            July 2008

4. IPv4 ID Exhaustion

   With the maximum IPv4 packet size of 64KB, a 16-bit ID field that
   does not repeat within 120 seconds means that the sum of all TCP
   connections of a given protocol between two endpoints is limited to
   roughly 286 Mbps; at a more typical MTU of 1500 bytes, this speed
   drops to 6.4 Mbps [4]. This limit currently applies for all IPv4
   packets, regardless of whether fragmentation is enabled, used, or

   Note that IPv6, even at typical MTUs, is capable of 18.7 Tbps when
   fragments are present, due to the larger 32-bit ID field. When
   fragmentation is not used, IPv6 speeds are not limited by the ID
   field uniqueness.

5. Current Practice

   Wireless Internet devices are frequently connected at speeds over 54
   Mbps, and wired links of 1 Gbps have been the default for several
   years. Although many end-to-end transport paths are congestion
   limited, these devices easily achieve 100+ Mbps application-layer
   throughput over LANs (e.g., disk-to-disk file transfer rates), and
   numerous throughput demonstrations have been performed with COTS
   systems at these speeds for over a decade. This strongly suggests
   that IPv4 ID uniqueness has been moot for a long time.

6. Recommended Practice

   There are two kinds of packets, defined herein, for which recommended
   practice is described:

   o  Atomic packets: packets not yet having been fragmented (MF=0 and
      offset=0) and for which further fragmentation has been inhibited
      (DF=1), i.e.: ((DF==1)&&(MF==0)&&(offset==0))

   o  Non-atomic packets: packets which have either already been
      fragmented (MF=1 or offset>0 or both), or for which fragmentation
      remains possible (DF=0), i.e.: ((DF==0)||(MF==1)||(offset>0)), or
      (equivalently), ~((DF==1)&&(MF==0)&&(offset==0)).

   Although at least one document suggests the ID field has other uses,
   it useful to confirm here that the ID field is defined only for

   o  Gateways and receiving hosts (or tunnel egresses using IP
      encapsulation) MUST ignore the contents of the IPv4 ID field for
      atomic packets.

Touch, Mathis          Expires January 7, 2009                 [Page 4]

Internet-Draft     IPv4 ID Uniqueness Requirements            July 2008

   Fragments that repeat the IP ID risk being reassembled incorrectly,
   especially when fragments are reordered or lost [9]. Although such
   errors may be detected at the transport layer, this results in
   excessive overall packet loss, as well as wasting network bandwidth.
   As a result, this document notes that:

   o  IPv4 ID of non-atomic packets MUST be unique per source IP,
      destination IP, and protocol tuple sufficient to support

   Note that "sufficient to support reassembly" need not require unique
   IDs over a two minute interval. It should be sufficient that:

   o  IPv4 ID of non-atomic packets MUST NOT repeat within a given
      source, destination, and protocol tuple over the period that the
      receiver experiences fragment reordering.

   This suggests that the host employ rate limiting on each
   source/estination/protocol triple. The recommendations above are most
   appropriate at the host (or tunnel ingress), and can be difficult to
   enforce at routers. As a result, we recommend that for IPv4, as for

   o  IPv4 fragmentation SHOULD be limited to the originating source,
      e.g., the host or tunnel ingress. IPv4 fragmentation SHOULD NOT be
      performed where the IPv4 ID field is not under direct control,
      e.g., at routers.

   Note, however, that it may not be possible for applications to know
   whether any of the above three requirements are satisfied at a host
   or on tunnels along a path (esp. those employing outer
   fragmentation). As a result, we recommend that:

   o  Applications that cannot ensure safe IPv4 ID generation and that
      allow DF=0 SHOULD employ integrity checks that would detect mis-
      reassembled fragments, e.g, as in SEAL [10]. E.g., applications
      SHOULD NOT use UDP without checksums [8], and SHOULD be very
      careful in their use of UDP-Lite [5] in such environments, even
      existing UDP and TCP checksums may not be sufficient [4].

   o  Applications SHOULD set DF=1 for all packets exiting a source
      host, regardless of whether those packets are fragmented at the
      source or not.

Touch, Mathis          Expires January 7, 2009                 [Page 5]

Internet-Draft     IPv4 ID Uniqueness Requirements            July 2008

7. Security Considerations

   This document attempts to address the security considerations
   associated with fragmentation in IPv4 [9].

   When the IPv4 ID is ignored on receipt (e.g., for atomic packets),
   its value becomes unconstrained; that field then more easily be used
   as a covert channel.

8. IANA Considerations

   There are no IANA considerations in this document.

   The RFC Editor should remove this section prior to publication

9. Acknowledgments

   This document was inspired by of numerous discussions among the
   authors, Jari Arkko, Lars Eggert, Dino Farinacci, and Fred Templin,
   as well as members participating in the Internet Area Working Group.

   This document was prepared using

9.1. Normative References

   [1]   Bradner, S., "Key words for use in RFCs to Indicate Requirement
         Levels", BCP 14, RFC 2119, March 1997.

9.2. Informative References

   [2]   Braden, R., Ed., "Requirements for Internet Hosts -
         Communication Layers," RFC 1122 / STD 3, October 1989.

   [3]   Deering, S., R. Hinden, "Internet Protocol, Version 6 (IPv6)
         Specification," RFC 2460, December 1998.

   [4]   Heffner, J., M. Mathis, B. Chandler, "IPv4 Reassembly Errors at
         High Data Rates," RFC 4963, July 2007.

   [5]   Larzon, L-A., M. Degermark, S. Pink, L-E. Jonsson, Ed., G.
         Fairhurst, Ed.L., "The Lightweight User Datagram Protocol (UDP-
         Lite)," RFC 3828, July 2004.

   [6]   Perkins, C., "IP Encapsulation within IP," RFC 2003, October

Touch, Mathis          Expires January 7, 2009                 [Page 6]

Internet-Draft     IPv4 ID Uniqueness Requirements            July 2008

   [7]   Postel, J., "Internet Protocol," RFC 791 / STD 5, September

   [8]   Postel, J., "User Datagram Protocol," RFC 793 / STD 6, August

   [9]   Savola, P., "MTU and Fragmentation Issues with In-the-Network
         Tunneling," RFC 4459, April 2006.

   [10]  Templin, F., Ed., "The Subnetwork Encapsulation and Adaptation
         Layer (SEAL)," (work in progress), draft-templin-seal-22, June

Author's Addresses

   Joe Touch
   4676 Admiralty Way
   Marina del Rey, CA 90292-6695

   Phone: +1 (310) 448-9151

   Matt Mathis
   300 South Craig st.
   Pittsburgh PA, 15213

   Phone: +1 (412) 268-3319

Intellectual Property Statement

   The IETF takes no position regarding the validity or scope of any
   Intellectual Property Rights or other rights that might be claimed to
   pertain to the implementation or use of the technology described in
   this document or the extent to which any license under such rights
   might or might not be available; nor does it represent that it has
   made any independent effort to identify any such rights.  Information
   on the procedures with respect to rights in RFC documents can be
   found in BCP 78 and BCP 79.

Touch, Mathis          Expires January 7, 2009                 [Page 7]

Internet-Draft     IPv4 ID Uniqueness Requirements            July 2008

   Copies of IPR disclosures made to the IETF Secretariat and any
   assurances of licenses to be made available, or the result of an
   attempt made to obtain a general license or permission for the use of
   such proprietary rights by implementers or users of this
   specification can be obtained from the IETF on-line IPR repository at

   The IETF invites any interested party to bring to its attention any
   copyrights, patents or patent applications, or other proprietary
   rights that may cover technology that may be required to implement
   this standard.  Please address the information to the IETF at


   This document and the information contained herein are provided on an

Copyright Statement

   Copyright (C) The IETF Trust (2008).

   This document is subject to the rights, licenses and restrictions
   contained in BCP 78, and except as set forth therein, the authors
   retain all their rights.


   Funding for the RFC Editor function is currently provided by the
   Internet Society.

Touch, Mathis          Expires January 7, 2009                 [Page 8]