Label Edge Router Forwarding of IPv4 Option Packets
RFC 6178
| Field | Value |
|---|---|
| Type | RFC - Proposed Standard (March 2011; No errata); Updates RFC 3031 |
| Authors | Tom Scholl, John Mullooly, David Smith, William Jaeger |
| Last updated | 2015-10-14 |
| Replaces | draft-dasmith-mpls-ip-options |
| Stream | IETF |
| WG state | WG Document |
| Document shepherd | No shepherd assigned |
| IESG state | RFC 6178 (Proposed Standard) |
| Consensus Boilerplate | Unknown |
| Responsible AD | Adrian Farrel |
| IESG note | George Swallow (swallow@cisco.com) is the Document Shepherd. |
| Send notices to | (None) |
Internet Engineering Task Force (IETF)
Request for Comments: 6178
Updates: 3031
Category: Standards Track
ISSN: 2070-1721

D. Smith, J. Mullooly (Cisco Systems)
W. Jaeger (AT&T)
T. Scholl (nLayer Communications)
March 2011

Label Edge Router Forwarding of IPv4 Option Packets

Abstract

This document specifies how Label Edge Routers (LERs) should behave when determining whether to MPLS encapsulate an IPv4 packet with header options. Lack of a formal standard has resulted in different LER forwarding behaviors for IPv4 packets with header options despite being associated with a prefix-based Forwarding Equivalence Class (FEC). IPv4 option packets that belong to a prefix-based FEC, yet are forwarded into an IPv4/MPLS network without being MPLS-encapsulated, present a security risk against the MPLS infrastructure. Further, LERs that are unable to MPLS encapsulate IPv4 packets with header options cannot operate in certain MPLS environments. While this newly defined LER behavior is mandatory to implement, it is optional to invoke.

Status of This Memo

This is an Internet Standards Track document.

This document is a product of the Internet Engineering Task Force (IETF). It represents the consensus of the IETF community. It has received public review and has been approved for publication by the Internet Engineering Steering Group (IESG). Further information on Internet Standards is available in Section 2 of RFC 5741.

Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at http://www.rfc-editor.org/info/rfc6178.

Copyright Notice

Copyright (c) 2011 IETF Trust and the persons identified as the document authors. All rights reserved.

This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.

Table of Contents

1. Motivation
2. Introduction
3. Specification of Requirements
4. Ingress Label Edge Router Requirement
5. Security Considerations
   5.1. IPv4 Option Packets That Bypass MPLS Encapsulation
   5.2. Router Alert Label Imposition
6. Acknowledgements
7. References
   7.1. Normative References
   7.2. Informative References

1. Motivation

This document is motivated by the need to formalize MPLS encapsulation processing of IPv4 packets with header options in order to mitigate the existing risks of IPv4 options-based security attacks against MPLS infrastructures. We believe that this document adds details that have not been fully addressed in [RFC3031] and [RFC3032], and that the methods presented in this document update [RFC3031] as well as complement [RFC3270], [RFC3443], and [RFC4950].

2. Introduction

The IPv4 packet header provides for various IPv4 options as originally specified in [RFC791]. IPv4 header options are used to enable control functions within the IPv4 data forwarding plane that are required in some specific situations but not necessary for most common IPv4 communications. Typical IPv4 header options include provisions for timestamps, security, and special routing. Example IPv4 header options and applications include but are not limited to the following:

o Strict and Loose Source Route Options: Used to IPv4 route the IPv4 packet based on information supplied by the source.