Generation of IPv6 Atomic Fragments Considered Harmful
RFC 8021
Document Type RFC - Informational (January 2017; No errata)
Authors Fernando Gont  , Will LIU  , Tore Anderson 
Last updated 2017-01-06
Stream IETF
Formats plain text html pdf htmlized bibtex
Reviews
GENART Last Call Review (of -07): Ready
SECDIR Last Call Review (of -06): Ready
INTDIR Early Review (of -06): Ready
INTDIR Early Review (of -06): Ready
Stream WG state Submitted to IESG for Publication
Document shepherd Bob Hinden
Shepherd write-up Show (last changed 2016-09-01)
IESG IESG state RFC 8021 (Informational)
Consensus Boilerplate Yes
Telechat date
Responsible AD Suresh Krishnan
Send notices to "Robert M. Hinden" <bob.hinden@gmail.com>
IANA IANA review state Version Changed - Review Needed
IANA action state No IANA Actions
Email authors Email WG IPR References Referenced by Nits 
Internet Engineering Task Force (IETF)                           F. Gont
Request for Comments: 8021                        SI6 Networks / UTN-FRH
Category: Informational                                           W. Liu
ISSN: 2070-1721                                      Huawei Technologies
                                                             T. Anderson
                                                          Redpill Linpro
                                                            January 2017

         Generation of IPv6 Atomic Fragments Considered Harmful

Abstract

   This document discusses the security implications of the generation
   of IPv6 atomic fragments and a number of interoperability issues
   associated with IPv6 atomic fragments.  It concludes that the
   aforementioned functionality is undesirable and thus documents the
   motivation for removing this functionality from an upcoming revision
   of the core IPv6 protocol specification (RFC 2460).

Status of This Memo

   This document is not an Internet Standards Track specification; it is
   published for informational purposes.

   This document is a product of the Internet Engineering Task Force
   (IETF).  It represents the consensus of the IETF community.  It has
   received public review and has been approved for publication by the
   Internet Engineering Steering Group (IESG).  Not all documents
   approved by the IESG are a candidate for any level of Internet
   Standard; see Section 2 of RFC 7841.

   Information about the current status of this document, any errata,
   and how to provide feedback on it may be obtained at
   http://www.rfc-editor.org/info/rfc8021.

Gont, et al.                  Informational                     [Page 1]
RFC 8021        IPv6 Atomic Fragments Considered Harmful    January 2017

Copyright Notice

   Copyright (c) 2017 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1. Introduction ....................................................2
   2. Security Implications of the Generation of IPv6 Atomic
      Fragments .......................................................3
   3. Additional Considerations .......................................5
   4. Conclusions .....................................................8
   5. Security Considerations .........................................8
   6. References ......................................................9
      6.1. Normative References .......................................9
      6.2. Informative References ....................................10
   Acknowledgements ..................................................12
   Authors' Addresses ................................................12

1.  Introduction

   [RFC2460] specifies the IPv6 fragmentation mechanism, which allows
   IPv6 packets to be fragmented into smaller pieces such that they can
   fit in the Path MTU to the intended destination(s).

   A legacy IPv4/IPv6 translator implementing the Stateless IP/ICMP
   Translation Algorithm [RFC6145] may legitimately generate ICMPv6
   "Packet Too Big" (PTB) error messages [RFC4443] advertising an MTU
   smaller than 1280 (the minimum IPv6 MTU).  Section 5 of [RFC2460]
   states that, upon receiving such an ICMPv6 error message, hosts are
   not required to reduce the assumed Path MTU but must simply include a
   Fragment Header in all subsequent packets sent to that destination.
   The resulting packets will thus *not* be actually fragmented into
   several pieces; rather, they will be "atomic" fragments [RFC6946]
   (i.e., they will just include a Fragment Header with both the
   "Fragment Offset" and the "M" flag set to 0).  [RFC6946] requires
   that these atomic fragments be essentially processed by the
   destination host(s) as non-fragmented traffic (since there are not

Gont, et al.                  Informational                     [Page 2]
RFC 8021        IPv6 Atomic Fragments Considered Harmful    January 2017

   really any fragments to be reassembled).  The goal of these atomic
   fragments is simply to convey an appropriate Identification value to
   be employed by IPv6/IPv4 translators for the resulting IPv4
   fragments.

   While atomic fragments might seem rather benign, there are scenarios
   in which the generation of IPv6 atomic fragments can be leveraged for
   performing a number of attacks against the corresponding IPv6 flows.
Show full document text
RFC Editor IASA & IETF LLC IETF Trust IRTF IETF IESG IAB IANA Privacy Statement IETF Tools