Label Edge Router Forwarding of IPv4 Option Packets
RFC 6178

Internet Engineering Task Force (IETF)                          D. Smith
Request for Comments: 6178                                   J. Mullooly
Updates: 3031                                              Cisco Systems
Category: Standards Track                                      W. Jaeger
ISSN: 2070-1721                                                     AT&T
                                                               T. Scholl
                                                   nLayer Communications
                                                              March 2011

          Label Edge Router Forwarding of IPv4 Option Packets

Abstract

   This document specifies how Label Edge Routers (LERs) should behave
   when determining whether to MPLS encapsulate an IPv4 packet with
   header options.  Lack of a formal standard has resulted in different
   LER forwarding behaviors for IPv4 packets with header options despite
   being associated with a prefix-based Forwarding Equivalence Class
   (FEC).  IPv4 option packets that belong to a prefix-based FEC, yet
   are forwarded into an IPv4/MPLS network without being MPLS-
   encapsulated, present a security risk against the MPLS
   infrastructure.  Further, LERs that are unable to MPLS encapsulate
   IPv4 packets with header options cannot operate in certain MPLS
   environments.  While this newly defined LER behavior is mandatory to
   implement, it is optional to invoke.

Status of This Memo

   This is an Internet Standards Track document.

   This document is a product of the Internet Engineering Task Force
   (IETF).  It represents the consensus of the IETF community.  It has
   received public review and has been approved for publication by the
   Internet Engineering Steering Group (IESG).  Further information on
   Internet Standards is available in Section 2 of RFC 5741.

   Information about the current status of this document, any errata,
   and how to provide feedback on it may be obtained at
   http://www.rfc-editor.org/info/rfc6178.

Smith, et al.                Standards Track                    [Page 1]
RFC 6178          LER Forwarding of IPv4 Option Packets       March 2011

Copyright Notice

   Copyright (c) 2011 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1. Motivation ......................................................2
   2. Introduction ....................................................2
   3. Specification of Requirements ...................................4
   4. Ingress Label Edge Router Requirement ...........................4
   5. Security Considerations .........................................5
      5.1. IPv4 Option Packets That Bypass MPLS Encapsulation .........5
      5.2. Router Alert Label Imposition ..............................7
   6. Acknowledgements ................................................7
   7. References ......................................................7
      7.1. Normative References .......................................7
      7.2. Informative References .....................................8

1.  Motivation

   This document is motivated by the need to formalize MPLS
   encapsulation processing of IPv4 packets with header options in order
   to mitigate the existing risks of IPv4 options-based security attacks
   against MPLS infrastructures.  We believe that this document adds
   details that have not been fully addressed in [RFC3031] and
   [RFC3032], and that the methods presented in this document update
   [RFC3031] as well as complement [RFC3270], [RFC3443], and [RFC4950].

2.  Introduction

   The IPv4 packet header provides for various IPv4 options as
   originally specified in [RFC791].  IPv4 header options are used to
   enable control functions within the IPv4 data forwarding plane that
   are required in some specific situations but not necessary for most
   common IPv4 communications.  Typical IPv4 header options include
   provisions for timestamps, security, and special routing.  Example
