[Docs] [txt|pdf] [Tracker] [WG] [Email] [Nits]

Versions: 00

Network Working Group      Michael Richardson mcr@sandelman.ottawa.on.ca
INTERNET-DRAFT                                  Sandelman Software Works
<draft-ietf-ipsec-icmp-handle-v4-00.txt>            v1.0, September 1998
Expires in six months


             IPv4 ICMP messages and IPsec security gateways

Status of This memo

This document is an Internet-Draft. Internet-Drafts are working
documents of the Internet Engineering Task Force (IETF), its areas,
and its working groups. Note that other groups may also distribute
working documents as Internet-Drafts.

Internet-Drafts are draft documents valid for a maximum of six
months and may be updated, replaced, or obsoleted by other documents
at any time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as ``work in progress.''

To learn the current status of any Internet-Draft, please check
the ``1id-abstracts.txt'' listing contained in the Internet-Drafts
Shadow Directories on ftp.is.co.za (Africa), nic.nordu.net (Europe),
munnari.oz.au (Pacific Rim), ftp.ietf.org (US East Coast),
or ftp.isi.edu (US West Coast).

Abstract

This document enumerates the list of ICMP messages that a security gate-
way may receive and provides an analysis of if and how a gateway should
handle them.  Three options types of behaviour are enumerated: discard,
MAY be forwarded, and MUST be forwarded.

























Michael Richardson mcr@sandelman.ottawa.on.ca                   [page 1]


INTERNET-DRAFT                                      v1.0, September 1998

Table of Contents

1.  Introduction to the problem   . . . . . . . . . . . . . . . . . .  4
2.  ICMP Messages HEADER-2  . . . . . . . . . . . . . . . . . . . . .  4
    2.1.1.  All types HEADER-4  . . . . . . . . . . . . . . . . . . .  4
      2.1.1.2.  Black   . . . . . . . . . . . . . . . . . . . . . . .  4
      2.1.1.3.  Tunnel  . . . . . . . . . . . . . . . . . . . . . . .  4
  2.2.  Destination Unreachable   . . . . . . . . . . . . . . . . . .  4
    2.2.1.  Host Unreachable  . . . . . . . . . . . . . . . . . . . .  4
      2.2.1.1.  Red   . . . . . . . . . . . . . . . . . . . . . . . .  5
      2.2.1.2.  Black   . . . . . . . . . . . . . . . . . . . . . . .  5
      2.2.1.3.  Tunnel  . . . . . . . . . . . . . . . . . . . . . . .  5
    2.2.2.  Comm. w/Dest. Host is Administratively Prohibited   . . .  5
      2.2.2.1.  Red   . . . . . . . . . . . . . . . . . . . . . . . .  5
      2.2.2.2.  Black   . . . . . . . . . . . . . . . . . . . . . . .  5
      2.2.2.3.  Tunnel  . . . . . . . . . . . . . . . . . . . . . . .  5
    2.2.3.  Destination Host Unreachable for Type of Service  . . . .  5
      2.2.3.2.  Black   . . . . . . . . . . . . . . . . . . . . . . .  5
      2.2.3.3.  Tunnel  . . . . . . . . . . . . . . . . . . . . . . .  6
    2.2.4.  Communication Administratively Prohibited   . . . . . . .  6
      2.2.4.1.  Red   . . . . . . . . . . . . . . . . . . . . . . . .  6
      2.2.4.2.  Black   . . . . . . . . . . . . . . . . . . . . . . .  6
      2.2.4.3.  Tunnel  . . . . . . . . . . . . . . . . . . . . . . .  6
    2.2.5.  Precedence cutoff in effect   . . . . . . . . . . . . . .  6
      2.2.5.1.  Red   . . . . . . . . . . . . . . . . . . . . . . . .  6
      2.2.5.2.  Black   . . . . . . . . . . . . . . . . . . . . . . .  6
      2.2.5.3.  Tunnel  . . . . . . . . . . . . . . . . . . . . . . .  6
  2.3.  RFC792 Source Quench  . . . . . . . . . . . . . . . . . . . .  6
    2.3.1.  All types   . . . . . . . . . . . . . . . . . . . . . . .  6
      2.3.1.1.  Red   . . . . . . . . . . . . . . . . . . . . . . . .  6
      2.3.1.2.  Black   . . . . . . . . . . . . . . . . . . . . . . .  6
      2.3.1.3.  Tunnel  . . . . . . . . . . . . . . . . . . . . . . .  7
  2.4.  Redirect.   . . . . . . . . . . . . . . . . . . . . . . . . .  7
      2.4.1.2.  Black   . . . . . . . . . . . . . . . . . . . . . . .  7
      2.4.1.3.  Tunnel  . . . . . . . . . . . . . . . . . . . . . . .  7
    2.4.2.  Redirect Datagram for the Type of Service and Host  . . .  7
      2.4.2.2.  Black   . . . . . . . . . . . . . . . . . . . . . . .  7
      2.4.2.3.  Tunnel  . . . . . . . . . . . . . . . . . . . . . . .  7
  2.5.  Alternate Host Address  . . . . . . . . . . . . . . . . . . .  7
      2.5.1.1.  Red   . . . . . . . . . . . . . . . . . . . . . . . .  7
      2.5.1.2.  Black   . . . . . . . . . . . . . . . . . . . . . . .  8
      2.5.1.3.  Tunnel  . . . . . . . . . . . . . . . . . . . . . . .  8
  2.6.  Echo Request  . . . . . . . . . . . . . . . . . . . . . . . .  8
      2.6.1.1.  Red   . . . . . . . . . . . . . . . . . . . . . . . .  8
      2.6.1.2.  Black   . . . . . . . . . . . . . . . . . . . . . . .  8
      2.6.1.3.  Tunnel  . . . . . . . . . . . . . . . . . . . . . . .  8
  2.7.  Time Exceeded   . . . . . . . . . . . . . . . . . . . . . . .  8
      2.7.1.1.  Red   . . . . . . . . . . . . . . . . . . . . . . . .  8
      2.7.1.2.  Black   . . . . . . . . . . . . . . . . . . . . . . .  8
      2.7.1.3.  Tunnel  . . . . . . . . . . . . . . . . . . . . . . .  8
  2.8.  Parameter Problem   . . . . . . . . . . . . . . . . . . . . .  8
      2.8.1.1.  Red   . . . . . . . . . . . . . . . . . . . . . . . .  8
      2.8.1.2.  Black   . . . . . . . . . . . . . . . . . . . . . . .  9
      2.8.1.3.  Tunnel  . . . . . . . . . . . . . . . . . . . . . . .  9
  2.9.  Timestamp.  . . . . . . . . . . . . . . . . . . . . . . . . .  9
    2.9.1.  All type codes  . . . . . . . . . . . . . . . . . . . . .  9
      2.9.1.2.  Black   . . . . . . . . . . . . . . . . . . . . . . .  9
      2.9.1.3.  Tunnel  . . . . . . . . . . . . . . . . . . . . . . .  9
  2.10.  Timestamp Reply  . . . . . . . . . . . . . . . . . . . . . .  9
    2.10.1.  All type codes   . . . . . . . . . . . . . . . . . . . .  9
      2.10.1.2.  Black  . . . . . . . . . . . . . . . . . . . . . . .  9
      2.10.1.3.  Tunnel   . . . . . . . . . . . . . . . . . . . . . .  9
  2.11.  Information Request  . . . . . . . . . . . . . . . . . . . .  9
    2.11.1.  All type codes   . . . . . . . . . . . . . . . . . . . . 10
      2.11.1.2.  Black  . . . . . . . . . . . . . . . . . . . . . . . 10
      2.11.1.3.  Tunnel   . . . . . . . . . . . . . . . . . . . . . . 10
  2.12.  Information Reply  . . . . . . . . . . . . . . . . . . . . . 10
    2.12.1.  All type codes   . . . . . . . . . . . . . . . . . . . . 10
      2.12.1.2.  Black  . . . . . . . . . . . . . . . . . . . . . . . 10
      2.12.1.3.  Tunnel   . . . . . . . . . . . . . . . . . . . . . . 10
  2.13.  Address Mask Request   . . . . . . . . . . . . . . . . . . . 10
      2.13.1.1.  Red  . . . . . . . . . . . . . . . . . . . . . . . . 10
      2.13.1.2.  Black  . . . . . . . . . . . . . . . . . . . . . . . 10
      2.13.1.3.  Tunnel   . . . . . . . . . . . . . . . . . . . . . . 10
  2.14.  Traceroute.  . . . . . . . . . . . . . . . . . . . . . . . . 11
      2.14.1.1.  Red  . . . . . . . . . . . . . . . . . . . . . . . . 11
      2.14.1.2.  Black  . . . . . . . . . . . . . . . . . . . . . . . 11
      2.14.1.3.  Tunnel   . . . . . . . . . . . . . . . . . . . . . . 11
  2.15.  Datagram Conversion Error  . . . . . . . . . . . . . . . . . 11
      2.15.1.1.  Red  . . . . . . . . . . . . . . . . . . . . . . . . 11
      2.15.1.2.  Black  . . . . . . . . . . . . . . . . . . . . . . . 11
      2.15.1.3.  Tunnel   . . . . . . . . . . . . . . . . . . . . . . 11
  2.16.  Mobile Host Redirect   . . . . . . . . . . . . . . . . . . . 11
      2.16.1.1.  Red  . . . . . . . . . . . . . . . . . . . . . . . . 11
      2.16.1.2.  Black  . . . . . . . . . . . . . . . . . . . . . . . 11
      2.16.1.3.  Tunnel   . . . . . . . . . . . . . . . . . . . . . . 11
  2.17.  IPv6 Where-Are-You   . . . . . . . . . . . . . . . . . . . . 12
      2.17.1.1.  Red  . . . . . . . . . . . . . . . . . . . . . . . . 12
      2.17.1.2.  Black  . . . . . . . . . . . . . . . . . . . . . . . 12
      2.17.1.3.  Tunnel   . . . . . . . . . . . . . . . . . . . . . . 12
  2.18.  IPv6 I-Am-Here   . . . . . . . . . . . . . . . . . . . . . . 12
      2.18.1.1.  Red  . . . . . . . . . . . . . . . . . . . . . . . . 12
      2.18.1.2.  Black  . . . . . . . . . . . . . . . . . . . . . . . 12
      2.18.1.3.  Tunnel   . . . . . . . . . . . . . . . . . . . . . . 12
  2.19.  Mobile Registration Request  . . . . . . . . . . . . . . . . 12
      2.19.1.1.  Red  . . . . . . . . . . . . . . . . . . . . . . . . 12
      2.19.1.2.  Black  . . . . . . . . . . . . . . . . . . . . . . . 12
      2.19.1.3.  Tunnel   . . . . . . . . . . . . . . . . . . . . . . 12
  2.20.  Mobile Registration Reply  . . . . . . . . . . . . . . . . . 13
      2.20.1.1.  Red  . . . . . . . . . . . . . . . . . . . . . . . . 13
      2.20.1.2.  Black  . . . . . . . . . . . . . . . . . . . . . . . 13
      2.20.1.3.  Tunnel   . . . . . . . . . . . . . . . . . . . . . . 13
  2.21.  Domain Name Request  . . . . . . . . . . . . . . . . . . . . 13
      2.21.1.1.  Red  . . . . . . . . . . . . . . . . . . . . . . . . 13
      2.21.1.2.  Black  . . . . . . . . . . . . . . . . . . . . . . . 13
      2.21.1.3.  Tunnel   . . . . . . . . . . . . . . . . . . . . . . 13
  2.22.  Domain Name Reply  . . . . . . . . . . . . . . . . . . . . . 13
      2.22.1.1.  Red  . . . . . . . . . . . . . . . . . . . . . . . . 13
      2.22.1.2.  Black  . . . . . . . . . . . . . . . . . . . . . . . 13
      2.22.1.3.  Tunnel   . . . . . . . . . . . . . . . . . . . . . . 13
  2.23.  SKIP   . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
      2.23.1.1.  Red  . . . . . . . . . . . . . . . . . . . . . . . . 14
      2.23.1.2.  Black  . . . . . . . . . . . . . . . . . . . . . . . 14
      2.23.1.3.  Tunnel   . . . . . . . . . . . . . . . . . . . . . . 14
  2.24.  Photoris   . . . . . . . . . . . . . . . . . . . . . . . . . 14
    2.24.1.  All type codes   . . . . . . . . . . . . . . . . . . . . 14
      2.24.1.1.  Red  . . . . . . . . . . . . . . . . . . . . . . . . 14
      2.24.1.2.  Black  . . . . . . . . . . . . . . . . . . . . . . . 14
      2.24.1.3.  Tunnel   . . . . . . . . . . . . . . . . . . . . . . 14
3.  Security Considerations:  . . . . . . . . . . . . . . . . . . . . 14
4.  References:   . . . . . . . . . . . . . . . . . . . . . . . . . . 14
  4.1.  Author's Address  . . . . . . . . . . . . . . . . . . . . . . 15
  4.2.  Expiration and File Name  . . . . . . . . . . . . . . . . . . 16
--toc--
--toc--
--toc--
--toc--
--toc--
--toc--
--toc--
--toc--
--toc--
--toc--
--toc--
--toc--



1.  Introduction to the problem

An introduction to the porblem and terminology for this document is
defined in ICMPIPSEC.

This document describes what option should be implemented for each ICMP
message type.

2.  ICMP Messages HEADER-2

2.1.  Echo Reply

Type 0, defined in RFC-0792.

2.1.1.  All types HEADER-4

2.1.1.1.  Red

Discard.

2.1.1.2.  Black

Forward using ICMP SA.

2.1.1.3.  Tunnel

Forward if arrived via ICMP SA.

2.2.  Destination Unreachable

Type 3, defined in RFC-0792.




Michael Richardson mcr@sandelman.ottawa.on.ca                   [page 4]


INTERNET-DRAFT                                      v1.0, September 1998

2.2.1.  Host Unreachable

Code 1.

2.2.1.1.  Red

Discard. Heuristically, it may be useful to accelerate the timeout of
any key management, as these messages may be accurate.

2.2.1.2.  Black

Send via ISAKMP Notify message. No communication is possible to this
node.  This is done via ISAKMP so that the originating gateway G1 can
cache this connectivity information, and avoid expending effort setting
up futile SAs for hosts that are not responding. This cache must
timeout.

2.2.1.3.  Tunnel

Forward if it arrived via implicit ICMP.

2.2.2.  Comm. w/Dest. Host is Administratively Prohibited

Code 10.

2.2.2.1.  Red

Discard. Heuristically, it may be useful to accelerate the timeout of
any key management, as these messages may be accurate.

2.2.2.2.  Black

Discard. It may be necessary to traverse additional firewalls/gateways.
If permitted by local policy, an attempt to set up a linked SA may be
made.

2.2.2.3.  Tunnel

Forward if it arrived via implicit ICMP. It may be required that the end
host (E1) establish an end-to-end SA with E2.

2.2.3.  Destination Host Unreachable for Type of Service

Code 12 HEADER-4

2.2.3.1.  Red

Discard. Heuristically, it be a sign that RSVP or another resource
reservation protocol should have been used to get an appropriate QoS. It
may also be a sign that an attempt to get/use a particular QoS was
inappropriate.  It should be logged.




Michael Richardson mcr@sandelman.ottawa.on.ca                   [page 5]


INTERNET-DRAFT                                      v1.0, September 1998

2.2.3.2.  Black

Forward via implicit ICMP.

2.2.3.3.  Tunnel

Forward if it arrived via implicit ICMP.

2.2.4.  Communication Administratively Prohibited

Code 13. From RFC1812

2.2.4.1.  Red

Discard. ??

2.2.4.2.  Black

Discard. ??

2.2.4.3.  Tunnel

Discard. ??

2.2.5.  Precedence cutoff in effect

Code 15. From RFC1812

2.2.5.1.  Red

Discard. ??

2.2.5.2.  Black

Discard. ??

2.2.5.3.  Tunnel

Discard. ??

2.3.  RFC792 Source Quench

Type 4. From RFC792

2.3.1.  All types

2.3.1.1.  Red

Discard. ??

2.3.1.2.  Black

Discard. ??


Michael Richardson mcr@sandelman.ottawa.on.ca                   [page 6]


INTERNET-DRAFT                                      v1.0, September 1998

2.3.1.3.  Tunnel

Discard. ??

2.4.  Redirect.

Type 5. From RFC792.  HEADER-3

2.4.1.  Redirect Datagram for the Host

Code 1. RFC792 HEADER-4

2.4.1.1.  Red

Discard. This may be an attempt to cause a denial of service attack.

2.4.1.2.  Black

Discard. It may be reasonable to pay attention to this datagram locally.

2.4.1.3.  Tunnel

Forward if it arrived via an implicit ICMP SA. It may be that future
load sharing systems may attempt to have an end host switch its route to
another security gateway.

2.4.2.  Redirect Datagram for the Type of Service and Host

Code 3. RFC792 HEADER-4

2.4.2.1.  Red

Discard. This may be an attempt to cause a denial of service attack.

2.4.2.2.  Black

Do not forward. It may be reasonable to pay attention to this datagram
locally.

2.4.2.3.  Tunnel

Discard. This may be an attempt to cause a denial of service attack.

2.5.  Alternate Host Address

Type 5.  HEADER-3

2.5.1.  All types

2.5.1.1.  Red

Discard.



Michael Richardson mcr@sandelman.ottawa.on.ca                   [page 7]


INTERNET-DRAFT                                      v1.0, September 1998

2.5.1.2.  Black

Discard.

2.5.1.3.  Tunnel

Discard.

2.6.  Echo Request

Type 8.  HEADER-3

2.6.1.  All type codes

2.6.1.1.  Red

Discard.

2.6.1.2.  Black

Forward via explicit ICMP SA.

2.6.1.3.  Tunnel

Forward if arrived via implicit ICMP SA.

2.7.  Time Exceeded

Type 11.  HEADER-3

2.7.1.  All type codes

2.7.1.1.  Red

Discard. Heuristically, this is a sign that one should perform
additional PMTU probes.
2.7.1.2.  Black

Forward via implicit ICMP SA.

2.7.1.3.  Tunnel

Forward if it arrived via implicit ICMP SA. It may be reasonable to
modify the maximum packet size to account for the SA's overhead if the
total is larger than the PMTU from G1 to G2.

2.8.  Parameter Problem

Type 12. RFC792, RFC1108.  HEADER-3

2.8.1.  All type codes




Michael Richardson mcr@sandelman.ottawa.on.ca                   [page 8]


INTERNET-DRAFT                                      v1.0, September 1998

2.8.1.1.  Red

Discard.

2.8.1.2.  Black

Forward via implicit ICMP.

2.8.1.3.  Tunnel

Forward if it arrived via implicit ICMP.

2.9.  Timestamp.

2.9.1.  All type codes

Type 13. RFC792.  HEADER-4

2.9.1.1.  Red

Discard. ??

2.9.1.2.  Black

Discard. ??

2.9.1.3.  Tunnel

Discard. ??

2.10.  Timestamp Reply

2.10.1.  All type codes

Type 14. RFC792 HEADER-4

2.10.1.1.  Red

Discard. ??

2.10.1.2.  Black

Discard. ??

2.10.1.3.  Tunnel

Discard. ??








Michael Richardson mcr@sandelman.ottawa.on.ca                   [page 9]


INTERNET-DRAFT                                      v1.0, September 1998

2.11.  Information Request

2.11.1.  All type codes

Type 15. RFC792 HEADER-4

2.11.1.1.  Red

Discard. ??

2.11.1.2.  Black

Discard. ??

2.11.1.3.  Tunnel

Discard. ??

2.12.  Information Reply

2.12.1.  All type codes

Type 16. RFC792 HEADER-4

2.12.1.1.  Red

Discard. ??

2.12.1.2.  Black

Discard. ??

2.12.1.3.  Tunnel

Discard. ??

2.13.  Address Mask Request

Type 17. See RFC950 HEADER-3

2.13.1.  All type codes

2.13.1.1.  Red

Discard. ??

2.13.1.2.  Black

Discard. ??

2.13.1.3.  Tunnel

Discard. ??


Michael Richardson mcr@sandelman.ottawa.on.ca                  [page 10]


INTERNET-DRAFT                                      v1.0, September 1998

2.14.  Traceroute.

Type 30. See RFC1393 HEADER-3

2.14.1.  All type codes

2.14.1.1.  Red

Discard. ??

2.14.1.2.  Black

Discard. ??

2.14.1.3.  Tunnel

Discard. ??

2.15.  Datagram Conversion Error

Type 31. See RFC1475 HEADER-3

2.15.1.  All type codes

2.15.1.1.  Red

Discard. ??

2.15.1.2.  Black

Discard. ??

2.15.1.3.  Tunnel

Discard. ??

2.16.  Mobile Host Redirect

Type 32. See Johnson HEADER-3

2.16.1.  All type codes

2.16.1.1.  Red

Discard. ??

2.16.1.2.  Black

Discard. ??

2.16.1.3.  Tunnel

Discard. ??


Michael Richardson mcr@sandelman.ottawa.on.ca                  [page 11]


INTERNET-DRAFT                                      v1.0, September 1998

2.17.  IPv6 Where-Are-You

Type 33. Simpson HEADER-3

2.17.1.  All type codes

2.17.1.1.  Red

Discard. ??

2.17.1.2.  Black

Discard. ??

2.17.1.3.  Tunnel

Discard. ??

2.18.  IPv6 I-Am-Here

Type 34. Simpson HEADER-3

2.18.1.  All type codes

2.18.1.1.  Red

Discard. ??

2.18.1.2.  Black

Discard. ??

2.18.1.3.  Tunnel

Discard. ??

2.19.  Mobile Registration Request

Type 35. Simpson HEADER-3

2.19.1.  All type codes

2.19.1.1.  Red

Discard. ??

2.19.1.2.  Black

Discard. ??

2.19.1.3.  Tunnel

Discard. ??


Michael Richardson mcr@sandelman.ottawa.on.ca                  [page 12]


INTERNET-DRAFT                                      v1.0, September 1998

2.20.  Mobile Registration Reply

Type 36. Simpson HEADER-3

2.20.1.  All type codes

2.20.1.1.  Red

Discard. ??

2.20.1.2.  Black

Discard. ??

2.20.1.3.  Tunnel

Discard. ??

2.21.  Domain Name Request

Type 37. Simpson HEADER-3

2.21.1.  All type codes

2.21.1.1.  Red

Discard. ??

2.21.1.2.  Black

Discard. ??

2.21.1.3.  Tunnel

Discard. ??

2.22.  Domain Name Reply

Type 38. Simpson HEADER-3

2.22.1.  All type codes

2.22.1.1.  Red

Discard. ??

2.22.1.2.  Black

Discard. ??

2.22.1.3.  Tunnel

Discard. ??


Michael Richardson mcr@sandelman.ottawa.on.ca                  [page 13]


INTERNET-DRAFT                                      v1.0, September 1998

2.23.  SKIP

Type 39. See Markson HEADER-3

2.23.1.  All type codes

2.23.1.1.  Red

Discard. ??

2.23.1.2.  Black

Discard. ??

2.23.1.3.  Tunnel

Discard. ??

2.24.  Photoris

Type 40. See Simpson

2.24.1.  All type codes

2.24.1.1.  Red

Discard. ??

2.24.1.2.  Black

Discard. ??

2.24.1.3.  Tunnel

Discard. ??

3.  Security Considerations:

This entire document discusses a security protocol.

4.  References:

   RFC1825
      R. Atkinson, "Security Architecture for the Internet Protocol",
      RFC-1825, August 1995.

   ICMPIPSEC
      M. Richardson, "Options for handling ICMP messages that must be
      forwarded" work in progress: draft-ietf-ipsec-icmp-options-00.txt,
      September 1998

   ICMPIPSECV4
      M. Richardson, "IPv4 ICMP messages and IPsec security gateways"


Michael Richardson mcr@sandelman.ottawa.on.ca                  [page 14]


INTERNET-DRAFT                                      v1.0, September 1998

      work in progress: draft-ietf-ipsec-icmp-handle-v4.txt, September
      1998

   ICMPIPSECV6
      M. Richardson, "IPv6 ICMP messages and IPsec security gateways"
      work in progress: draft-ietf-ipsec-icmp-handle-v6-00.txt,
      September 1998

   ARCHSEC
      R. Atkinson, S. Kent, "Security Architecture for the Internet
      Protocol", work in progress: draft-ietf-ipsec-arch-sec-07.txt,
      July 1998

   RFC-1191
      J. Mogul, S. Deering, "Path MTU Discovery", RFC-1191, November
      1990.

   KSM-AH
      New AH draft.

   metrics
      I. M. ISP, "How fast can it go?", draft-ietf-metrics-00.txt, work
      in progress: Jan. 20, 1997

   Gupta97-1
      V. Gupta, S. Glass, "Firewall Traversal for Mobile IP: Goals and
      Requirements", draft-ietf-mobileip-ft-req-00.txt, work in
      progress: Jan. 20, 1997

   Gupta97-2
      V. Gupta, S. Glass, "Firewall Traversal for Mobile IP: Guidelines
      for Firewalls and Mobile IP entities", draft-ietf-mobileip-
      firewall-trav-00.txt, work in progress: March 17, 1997

   RFC1256
      S. Deering, "ICMP Router Discovery Messages." Sep-01-1991.

   RFC1885
      A. Conta, S. Deering, "Internet Control Message Protocol (ICMPv6)
      for the Internet Protocol Version 6 (IPv6)." December 1995.

   RFC791
      J. Postel, "Internet Protocol." Sep-01-1981.

   RFC792
      J. Postel, "Internet Control Message Protocol.", Sep-01-1981.

   RFC950
      J.C. Mogul, J. Postel, "Internet Standard Subnetting Procedure."
      Aug-01-1985.

4.1.  Author's Address



Michael Richardson mcr@sandelman.ottawa.on.ca                  [page 15]


INTERNET-DRAFT                                      v1.0, September 1998

             Michael C. Richardson
             Solidum Systems Corporation
             940 Belfast Road
             Ottawa, ON K1G 4A2
             Canada

             Telephone:   +1 613 244-4804
             EMail:       mcr@sandelman.ottawa.on.ca

4.2.  Expiration and File Name

This draft expires February 1999

Its file name is draft-ipsec-icmp-handle-v4-00.txt








































Michael Richardson mcr@sandelman.ottawa.on.ca                  [page 16]


Html markup produced by rfcmarkup 1.129d, available from https://tools.ietf.org/tools/rfcmarkup/