Generation of IPv6 Atomic Fragments Considered Harmful
RFC 8021

• Status
• IESG evaluation record
• IESG writeups
• Email expansions
• History

• Versions
• 00
• 01
• 02
• 03
• 04
• 05
• 06
• 07
• 08

Document	Type		RFC - Informational (January 2017; No errata) Was draft-ietf-6man-deprecate-atomfrag-generation (6man WG)
	Last updated		2017-01-06
	Stream		IETF
	Formats		plain text pdf html bibtex
	Reviews		GENART Last Call Review (of -07): Ready SECDIR Last Call Review (of -06): Ready INTDIR Early Review (of -06): Ready INTDIR Early Review (of -06): Ready
Stream	WG state		Submitted to IESG for Publication
	Document shepherd		Robert Hinden
	Shepherd write-up		Show (last changed 2016-09-01)
IESG	IESG state		RFC 8021 (Informational)
	Consensus Boilerplate		Yes
	Telechat date
	Responsible AD		Suresh Krishnan
	Send notices to		"Robert M. Hinden" <bob.hinden@gmail.com>
IANA	IANA review state		Version Changed - Review Needed
	IANA action state		No IC

Internet Engineering Task Force (IETF)                           F. Gont
Request for Comments: 8021                        SI6 Networks / UTN-FRH
Category: Informational                                           W. Liu
ISSN: 2070-1721                                      Huawei Technologies
                                                             T. Anderson
                                                          Redpill Linpro
                                                            January 2017

         Generation of IPv6 Atomic Fragments Considered Harmful

Abstract

   This document discusses the security implications of the generation
   of IPv6 atomic fragments and a number of interoperability issues
   associated with IPv6 atomic fragments.  It concludes that the
   aforementioned functionality is undesirable and thus documents the
   motivation for removing this functionality from an upcoming revision
   of the core IPv6 protocol specification (RFC 2460).

Status of This Memo

   This document is not an Internet Standards Track specification; it is
   published for informational purposes.

   This document is a product of the Internet Engineering Task Force
   (IETF).  It represents the consensus of the IETF community.  It has
   received public review and has been approved for publication by the
   Internet Engineering Steering Group (IESG).  Not all documents
   approved by the IESG are a candidate for any level of Internet
   Standard; see Section 2 of RFC 7841.

   Information about the current status of this document, any errata,
   and how to provide feedback on it may be obtained at
   http://www.rfc-editor.org/info/rfc8021.

Gont, et al.                  Informational                     [Page 1]
RFC 8021        IPv6 Atomic Fragments Considered Harmful    January 2017

Copyright Notice

   Copyright (c) 2017 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1. Introduction ....................................................2
   2. Security Implications of the Generation of IPv6 Atomic
      Fragments .......................................................3
   3. Additional Considerations .......................................5
   4. Conclusions .....................................................8
   5. Security Considerations .........................................8
   6. References ......................................................9
      6.1. Normative References .......................................9
      6.2. Informative References ....................................10
   Acknowledgements ..................................................12
   Authors' Addresses ................................................12

1.  Introduction

   [RFC2460] specifies the IPv6 fragmentation mechanism, which allows
   IPv6 packets to be fragmented into smaller pieces such that they can
   fit in the Path MTU to the intended destination(s).

   A legacy IPv4/IPv6 translator implementing the Stateless IP/ICMP
   Translation Algorithm [RFC6145] may legitimately generate ICMPv6
   "Packet Too Big" (PTB) error messages [RFC4443] advertising an MTU
   smaller than 1280 (the minimum IPv6 MTU).  Section 5 of [RFC2460]
   states that, upon receiving such an ICMPv6 error message, hosts are
   not required to reduce the assumed Path MTU but must simply include a
   Fragment Header in all subsequent packets sent to that destination.
   The resulting packets will thus *not* be actually fragmented into
   several pieces; rather, they will be "atomic" fragments [RFC6946]
   (i.e., they will just include a Fragment Header with both the
   "Fragment Offset" and the "M" flag set to 0).  [RFC6946] requires
   that these atomic fragments be essentially processed by the
   destination host(s) as non-fragmented traffic (since there are not

Gont, et al.                  Informational                     [Page 2]
RFC 8021        IPv6 Atomic Fragments Considered Harmful    January 2017

   really any fragments to be reassembled).  The goal of these atomic
   fragments is simply to convey an appropriate Identification value to

Show full document text