Network Working Group                                          V. Manral
Internet-Draft                                                  M. Dutta
Expires: December 01, 2007                                   IP Infusion

                                                           June 01, 2007



               Detecting loops in the IPv6 Routing Header Type 0
                   draft-manral-ipv6-detecting-loops-rh-00

Status of this Memo

   By submitting this Internet-Draft, each author represents that any
   applicable patent or other IPR claims of which he or she is aware
   have been or will be disclosed, and any of which he or she becomes
   aware will be disclosed, in accordance with Section 6 of BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups.  Note that
   other groups may also distribute working documents as Internet-
   Drafts.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/ietf/1id-abstracts.txt.

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html.

   This Internet-Draft will expire on December 01, 2007.

Copyright Notice

   Copyright (C) The IETF Trust (2007).

Abstract

   [RFC2460] defines an IPv6 extension header called "Routing Header",
   identified by a Next Header value of 43 in the immediately preceding
   header.  A particular Routing Header subtype denoted as "Type 0" is




Manral, et al.         Expires December 01, 2007                    [Page 1]

Internet-Draft     Routing Header Type0 Protection                 June 2007

   also defined.  Type 0 Routing Headers are referred to as "RH0" in
   this document.

   Use of RH0 has been shown to have unpleasant security implications.
   Many of these attacks are caused by loops in the routing header.  This
   document lists checks which need to be done in intermediate routers
   in order to prevent such routing loops in the Routing Header.

Requirements Language

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in RFC 2119 [RFC2119].

Table of Contents

   1.   Problem Statement  . . . . . . . . . . . . . . . . . . . . .   3

   2.   Forwarding loop in IPv6 packet . . . . . . . . . . . . . . .   3

   3.   Preventing Forwarding loops  . . . . . . . . . . . . . . .     3
          3.1. Cases that get solved by the check . . . . . . . . . .  4
          3.2. Cases which still remain even after the check  . . . .  4

   4.   Additional checks required . . . . . . . . . . . . . . . . . . 4

   5.   IANA Considerations  . . . . . . . . . . . . . . . . . . . . . 5

   6.   Security Considerations  . . . . . . . . . . . . . . . . . . . 6

   7.   Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 7

   8.  References  . . . . . . . . . . . . . . . . . . . . . . . . .   8
     8.1   Normative References  . . . . . . . . . . . . . . . . . .   8
     8.2   Informative References  . . . . . . . . . . . . . . . . .   8

        Authors' Addresses . . . . . . . . . . . . . . . . . . . . .   9

        Intellectual Property and Copyright Statements . . . . . . .  10



1.  Problem Statement

   Potential problems with Routing Headers were identified in 2001
   [I-D.savola-ipv6-rh-ha-security].  In 2002 a proposal was made to
   restrict Routing Header processing in hosts
   [I-D.savola-ipv6-rh-hosts].  In January 2006, further attacks using
   the routing header were identified, which were later included in
   [I-D.ietf-v6ops-security-overview].

   Many of the problems listed are caused by routing loops that can be
   created by sending doctored packets.  This document describes the
   checks that need to be added to intermediate routers to prevent such
   loops and in turn prevent such attacks from happening.


2.  Forwarding loop in IPv6 packet

   This document defines a forwarding loop to have occurred for an IPv6
   packet when the packet, during any part of its journey from the source
   to the ultimate destination, travels through the same router twice.

3.  Preventing Forwarding loops

   A simple check that needs to be done in order to prevent a forwarding
   loop is to see whether a packet would traverse the same router twice.
   IPv6, however, does not have the concept of a router identifier for
   the data plane, and there is no provision to add a router identifier
   to the existing routing header.

   A similar but more tedious way to get to the same result is to check
   the outgoing IP addresses when forwarding a packet.  If one of the
   router's interface addresses is present in the routing header, among
   the segments still to be traversed by the IPv6 packet, this signals
   that a loop is being caused by the routing header.  If such a packet
   is found, it is silently discarded, without any ICMP message being
   sent.

   This check works perfectly for a strict source routed routing header.
   However, there are a few cases that can still escape the check and
   cause forwarding loops.



3.1.  Cases that get solved by the check

   For all cases where there is a strict source route listed in the
   routing header, the check effectively detects routing loops and
   prevents them by dropping the offending packets.

   For loose source routes, in cases where a link address of the router
   where the loop occurs is listed in the routing header, the check
   suffices to catch all such loops.

3.2.  Cases which still remain even after the check

   For loose source routes, in cases where a link address of the router
   where the loop occurs is not listed in the routing header, the check
   does not suffice to detect all such looping packets.

4.  Additional checks required

   Link-local addresses should not appear in the routing header, because
   the scope of a link-local address is the link itself.
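   The following Python is an added illustration, not part of this draft:
   it parses an RH0 as laid out in [RFC2460] and applies the two checks
   from sections 3 and 4 to the segments still to be traversed (the last
   "Segments Left" addresses).  The helper build_rh0, the function names
   and the router addresses used in the comments are assumptions made for
   the example; the packets it handles are constructed, not captured.

```python
import ipaddress
import struct

RH0_FIXED_LEN = 8  # Next Header, Hdr Ext Len, Routing Type, Segments Left, Reserved (4)


def build_rh0(next_header, segments_left, addresses):
    """Construct a Type 0 Routing Header (RFC 2460 section 4.4); used here for test input."""
    packed = b"".join(ipaddress.IPv6Address(a).packed for a in addresses)
    # Hdr Ext Len counts 8-octet units after the first 8 octets, i.e. 2 per address.
    return struct.pack("!BBBBI", next_header, 2 * len(addresses), 0, segments_left, 0) + packed


def parse_rh0(raw):
    """Return (next_header, segments_left, [IPv6Address, ...]) or raise ValueError."""
    if len(raw) < RH0_FIXED_LEN:
        raise ValueError("truncated routing header")
    next_header, hdr_ext_len, routing_type, segments_left = struct.unpack("!BBBB", raw[:4])
    if routing_type != 0:
        raise ValueError("not a Type 0 routing header")
    if hdr_ext_len % 2:
        raise ValueError("odd Hdr Ext Len")  # RFC 2460: discard, ICMP Parameter Problem
    count = hdr_ext_len // 2
    body = raw[RH0_FIXED_LEN:RH0_FIXED_LEN + 16 * count]
    if len(body) != 16 * count or segments_left > count:
        raise ValueError("Segments Left or length inconsistent with the address list")
    addresses = [ipaddress.IPv6Address(body[i * 16:(i + 1) * 16]) for i in range(count)]
    return next_header, segments_left, addresses


def segments_to_traverse(segments_left, addresses):
    """Addresses the packet has yet to visit: the last Segments Left entries."""
    return addresses[len(addresses) - segments_left:] if segments_left else []


def rh0_forwarding_decision(raw, router_addresses):
    """Apply the draft's checks to one RH0. Returns (forward, reason); drops are silent."""
    own = {ipaddress.IPv6Address(a) for a in router_addresses}
    try:
        _, segments_left, addresses = parse_rh0(raw)
    except ValueError as exc:
        return False, f"malformed: {exc}"
    for addr in segments_to_traverse(segments_left, addresses):
        if addr.is_link_local:  # section 4: link-local scope is the link itself
            return False, f"link-local {addr} in routing header"
        if addr in own:  # section 3: the packet would come back to this router
            return False, f"loop: router address {addr} in remaining segments"
    return True, "forward"
```

   As section 3.2 notes, a loose source route that loops through this
   router without listing one of its addresses passes this check.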

5.  IANA Considerations

   This document makes no request of IANA.

   Note to RFC Editor: this section may be removed on publication as an
   RFC.


6.  Security Considerations

   This draft outlines security issues arising from the use of the
   routing header and checks to mitigate such attacks.  No change other
   than a check on the routing header is proposed in this draft, and no
   new security requirements result from such proposals.

7.  Acknowledgements


   A large part of the text in this draft is included from the draft
   by Joe Abley.

   Potential problems with Routing Headers were identified in 2001
   [I-D.savola-ipv6-rh-ha-security].  In 2002 a proposal was made to
   restrict Routing Header processing in hosts
   [I-D.savola-ipv6-rh-hosts].  These efforts did not gain sufficient
   momentum to change the IPv6 specification, but resulted in the
   modification of the Mobile IPv6 specification to use the type 2
   Routing Header instead of RH0 [RFC3775].  Routing Header issues were
   later documented in [I-D.ietf-v6ops-security-overview].

   An eloquent and useful description of the operational security
   implications of RH0 was presented by Philippe Biondi and Arnaud
   Ebalard at the CanSecWest conference in Vancouver, 2007
   [CanSecWest07].  This presentation resulted in widespread publicity
   for the risks associated with RH0.

8.  References

8.1  Normative References

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119, March 1997.

   [RFC2460]  Deering, S. and R. Hinden, "Internet Protocol, Version 6
              (IPv6) Specification", RFC 2460, December 1998.


8.2  Informative References

   [CanSecWest07]
              Biondi, P. and A. Ebalard, "IPv6 Routing Header Security",
              April 2007,
              http://www.secdev.org/conf/IPv6_RH_security-csw07.pdf.

   [I-D.ietf-v6ops-security-overview]
              Davies, E., "IPv6 Transition/Co-existence Security
              Considerations", draft-ietf-v6ops-security-overview-06
              (work in progress), October 2006.

   [I-D.savola-ipv6-rh-ha-security]
              Savola, P., "Security of IPv6 Routing Header and Home
              Address Options", draft-savola-ipv6-rh-ha-security-02
              (work in progress), March 2002.

   [I-D.savola-ipv6-rh-hosts]
              Savola, P., "Note about Routing Header Processing on IPv6
              Hosts", draft-savola-ipv6-rh-hosts-00 (work in progress),
              February 2002.

   [RFC3775]  Johnson, D., Perkins, C., and J. Arkko, "Mobility Support
              in IPv6", RFC 3775, June 2004.

Authors' Addresses

   Vishwas Manral
   IP Infusion
   Almora, Uttarakhand
   India

   Phone:
   Fax:
   Email: vishwas@ipinfusion.com

   Manoj Dutta
   IP Infusion
   San Jose, CA
   USA

   Phone:
   Fax:
   Email: manoj@ipinfusion.com
   URI:

Intellectual Property Statement

   The IETF takes no position regarding the validity or scope of any
   Intellectual Property Rights or other rights that might be claimed to
   pertain to the implementation or use of the technology described in
   this document or the extent to which any license under such rights
   might or might not be available; nor does it represent that it has
   made any independent effort to identify any such rights.  Information
   on the procedures with respect to rights in RFC documents can be
   found in BCP 78 and BCP 79.

   Copies of IPR disclosures made to the IETF Secretariat and any
   assurances of licenses to be made available, or the result of an
   attempt made to obtain a general license or permission for the use of
   such proprietary rights by implementers or users of this
   specification can be obtained from the IETF on-line IPR repository at
   http://www.ietf.org/ipr.

   The IETF invites any interested party to bring to its attention any
   copyrights, patents or patent applications, or other proprietary
   rights that may cover technology that may be required to implement
   this standard.  Please address the information to the IETF at
   ietf-ipr@ietf.org.


Disclaimer of Validity

   This document and the information contained herein are provided on an
   "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
   OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
   ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
   INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
   INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
   WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

Full Copyright Statement

   Copyright (C) The IETF Trust (2007).

   This document is subject to the rights, licenses and restrictions
   contained in BCP 78, and except as set forth therein, the authors
   retain all their rights.

   This document and the information contained herein are provided on an
   "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
   OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND
   THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS
   OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF
   THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
   WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
