Generation of IPv6 Atomic Fragments Considered Harmful
RFC 8021
Internet Engineering Task Force (IETF) F. Gont
Request for Comments: 8021 SI6 Networks / UTN-FRH
Category: Informational W. Liu
ISSN: 2070-1721 Huawei Technologies
T. Anderson
Redpill Linpro
January 2017
Generation of IPv6 Atomic Fragments Considered Harmful
Abstract
This document discusses the security implications of the generation
of IPv6 atomic fragments and a number of interoperability issues
associated with IPv6 atomic fragments. It concludes that the
aforementioned functionality is undesirable and thus documents the
motivation for removing this functionality from an upcoming revision
of the core IPv6 protocol specification (RFC 2460).
Status of This Memo
This document is not an Internet Standards Track specification; it is
published for informational purposes.
This document is a product of the Internet Engineering Task Force
(IETF). It represents the consensus of the IETF community. It has
received public review and has been approved for publication by the
Internet Engineering Steering Group (IESG). Not all documents
approved by the IESG are a candidate for any level of Internet
Standard; see Section 2 of RFC 7841.
Information about the current status of this document, any errata,
and how to provide feedback on it may be obtained at
http://www.rfc-editor.org/info/rfc8021.
Gont, et al. Informational [Page 1]
RFC 8021 IPv6 Atomic Fragments Considered Harmful January 2017
Copyright Notice
Copyright (c) 2017 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Table of Contents
1. Introduction ....................................................2
2. Security Implications of the Generation of IPv6 Atomic
Fragments .......................................................3
3. Additional Considerations .......................................5
4. Conclusions .....................................................8
5. Security Considerations .........................................8
6. References ......................................................9
6.1. Normative References .......................................9
6.2. Informative References ....................................10
Acknowledgements ..................................................12
Authors' Addresses ................................................12
1. Introduction
[RFC2460] specifies the IPv6 fragmentation mechanism, which allows
IPv6 packets to be fragmented into smaller pieces such that they can
fit in the Path MTU to the intended destination(s).
A legacy IPv4/IPv6 translator implementing the Stateless IP/ICMP
Translation Algorithm [RFC6145] may legitimately generate ICMPv6
"Packet Too Big" (PTB) error messages [RFC4443] advertising an MTU
smaller than 1280 (the minimum IPv6 MTU). Section 5 of [RFC2460]
states that, upon receiving such an ICMPv6 error message, hosts are
not required to reduce the assumed Path MTU but must simply include a
Fragment Header in all subsequent packets sent to that destination.
The resulting packets will thus *not* be actually fragmented into
several pieces; rather, they will be "atomic" fragments [RFC6946]
(i.e., they will just include a Fragment Header with both the
"Fragment Offset" and the "M" flag set to 0). [RFC6946] requires
that these atomic fragments be essentially processed by the
destination host(s) as non-fragmented traffic (since there are not
Gont, et al. Informational [Page 2]
RFC 8021 IPv6 Atomic Fragments Considered Harmful January 2017
really any fragments to be reassembled). The goal of these atomic
fragments is simply to convey an appropriate Identification value to
be employed by IPv6/IPv4 translators for the resulting IPv4
fragments.
While atomic fragments might seem rather benign, there are scenarios
in which the generation of IPv6 atomic fragments can be leveraged for
performing a number of attacks against the corresponding IPv6 flows.
Show full document text