Generation of IPv6 Atomic Fragments Considered Harmful
RFC 8021
Document | Type | RFC - Informational (January 2017; No errata)
---|---|---
 | Authors | Fernando Gont, Will LIU, Tore Anderson
 | Last updated | 2017-01-06
 | Stream | IETF
Stream | WG state | Submitted to IESG for Publication
 | Document shepherd | Bob Hinden
 | Shepherd write-up | last changed 2016-09-01
IESG | IESG state | RFC 8021 (Informational)
 | Action Holders | (None)
 | Consensus Boilerplate | Yes
 | Responsible AD | Suresh Krishnan
 | Send notices to | "Robert M. Hinden" <bob.hinden@gmail.com>
IANA | IANA review state | Version Changed - Review Needed
 | IANA action state | No IANA Actions
Internet Engineering Task Force (IETF)
Request for Comments: 8021
Category: Informational
ISSN: 2070-1721

F. Gont, SI6 Networks / UTN-FRH
W. Liu, Huawei Technologies
T. Anderson, Redpill Linpro

January 2017

Generation of IPv6 Atomic Fragments Considered Harmful

Abstract

This document discusses the security implications of the generation of IPv6 atomic fragments and a number of interoperability issues associated with IPv6 atomic fragments. It concludes that the aforementioned functionality is undesirable and thus documents the motivation for removing this functionality from an upcoming revision of the core IPv6 protocol specification (RFC 2460).

Status of This Memo

This document is not an Internet Standards Track specification; it is published for informational purposes.

This document is a product of the Internet Engineering Task Force (IETF). It represents the consensus of the IETF community. It has received public review and has been approved for publication by the Internet Engineering Steering Group (IESG). Not all documents approved by the IESG are a candidate for any level of Internet Standard; see Section 2 of RFC 7841.

Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at http://www.rfc-editor.org/info/rfc8021.

Copyright Notice

Copyright (c) 2017 IETF Trust and the persons identified as the document authors. All rights reserved.

This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.

Table of Contents

1. Introduction
2. Security Implications of the Generation of IPv6 Atomic Fragments
3. Additional Considerations
4. Conclusions
5. Security Considerations
6. References
   6.1. Normative References
   6.2. Informative References
Acknowledgements
Authors' Addresses

1. Introduction

[RFC2460] specifies the IPv6 fragmentation mechanism, which allows IPv6 packets to be fragmented into smaller pieces such that they can fit in the Path MTU to the intended destination(s).

A legacy IPv4/IPv6 translator implementing the Stateless IP/ICMP Translation Algorithm [RFC6145] may legitimately generate ICMPv6 "Packet Too Big" (PTB) error messages [RFC4443] advertising an MTU smaller than 1280 (the minimum IPv6 MTU). Section 5 of [RFC2460] states that, upon receiving such an ICMPv6 error message, hosts are not required to reduce the assumed Path MTU but must simply include a Fragment Header in all subsequent packets sent to that destination. The resulting packets will thus *not* be actually fragmented into several pieces; rather, they will be "atomic" fragments [RFC6946] (i.e., they will just include a Fragment Header with both the "Fragment Offset" and the "M" flag set to 0). [RFC6946] requires that these atomic fragments be essentially processed by the destination host(s) as non-fragmented traffic (since there are not really any fragments to be reassembled). The goal of these atomic fragments is simply to convey an appropriate Identification value to be employed by IPv6/IPv4 translators for the resulting IPv4 fragments.

While atomic fragments might seem rather benign, there are scenarios in which the generation of IPv6 atomic fragments can be leveraged for performing a number of attacks against the corresponding IPv6 flows.
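
The two conditions the Introduction describes can be checked on captured traffic. The following is an added example, not part of RFC 8021: a parser that walks the IPv6 header chain, labels a Fragment Header as atomic when Fragment Offset and M are both 0, and reports an ICMPv6 PTB that advertises an MTU below 1280. The function names and the sample packets are constructed for illustration; checksums are left at zero because the parser does not verify them.

```python
import struct

HOP_BY_HOP, ROUTING, FRAGMENT, ICMPV6, DEST_OPTS = 0, 43, 44, 58, 60
ICMPV6_PACKET_TOO_BIG, IPV6_MIN_MTU = 2, 1280

def inspect(packet: bytes) -> dict:
    """Walk the IPv6 header chain; report Fragment Header kind and any PTB MTU."""
    if len(packet) < 40 or packet[0] >> 4 != 6:
        raise ValueError("not an IPv6 packet")
    info = {"fragment": None, "frag_id": None, "ptb_mtu": None}
    nxt, off = packet[6], 40
    while off + 8 <= len(packet):
        if nxt in (HOP_BY_HOP, ROUTING, DEST_OPTS):
            # Hdr Ext Len counts 8-octet units beyond the first 8 octets.
            nxt, off = packet[off], off + (packet[off + 1] + 1) * 8
        elif nxt == FRAGMENT:
            nh, _, off_flags, ident = struct.unpack_from("!BBHI", packet, off)
            frag_off, more = off_flags >> 3, off_flags & 1
            info["frag_id"] = ident
            if frag_off:
                info["fragment"] = "non-first"   # payload is mid-datagram data
                break
            info["fragment"] = "first" if more else "atomic"  # offset 0: M decides
            nxt, off = nh, off + 8
        elif nxt == ICMPV6:
            icmp_type, _, _, mtu = struct.unpack_from("!BBHI", packet, off)
            if icmp_type == ICMPV6_PACKET_TOO_BIG:
                info["ptb_mtu"] = mtu
            break
        else:
            break
    return info

def ptb_below_minimum(info: dict) -> bool:
    """True for a PTB advertising an MTU under 1280 (the minimum IPv6 MTU)."""
    return info["ptb_mtu"] is not None and info["ptb_mtu"] < IPV6_MIN_MTU

def ipv6(next_header: int, payload: bytes) -> bytes:
    """Build a constructed sample packet (addresses ::1, hop limit 64)."""
    addr = bytes(15) + b"\x01"
    return struct.pack("!IHBB", 6 << 28, len(payload), next_header, 64) + addr + addr + payload

def frag_hdr(next_header: int, offset: int, more: int, ident: int) -> bytes:
    return struct.pack("!BBHI", next_header, 0, (offset << 3) | more, ident)

# Constructed samples: UDP behind a Fragment Header, and a PTB with MTU 1000.
UDP = struct.pack("!HHHH", 1024, 53, 8, 0)
ATOMIC = ipv6(FRAGMENT, frag_hdr(17, 0, 0, 0x1234ABCD) + UDP)
PTB = ipv6(ICMPV6, struct.pack("!BBHI", ICMPV6_PACKET_TOO_BIG, 0, 0, 1000) + ipv6(17, UDP))
```

`inspect(ATOMIC)` reports the fragment as atomic together with its Identification value, and `ptb_below_minimum(inspect(PTB))` is true for the constructed PTB.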