draft-ietf-6man-icmp-limits-05.txt   draft-ietf-6man-icmp-limits-06.txt 
INTERNET-DRAFT T. Herbert INTERNET-DRAFT T. Herbert
Intended Status: Standard Intel Intended Status: Standard Intel
Expires: March 2020 Expires: March 2020
September 10, 2019 September 24, 2019
ICMPv6 errors for discarding packets due to processing limits ICMPv6 errors for discarding packets due to processing limits
draft-ietf-6man-icmp-limits-05 draft-ietf-6man-icmp-limits-06
Abstract Abstract
Network nodes may discard packets if they are unable to process Network nodes may discard packets if they are unable to process
protocol headers of packets due to processing constraints or limits. protocol headers of packets due to processing constraints or limits.
When such packets are dropped, the sender receives no indication so When such packets are dropped, the sender receives no indication so
it cannot take action to address the cause of discarded packets. This it cannot take action to address the cause of discarded packets. This
specification defines several new ICMPv6 errors that can be sent by a specification defines several new ICMPv6 errors that can be sent by a
node that discards packets because it is unable to process the node that discards packets because it is unable to process the
protocol headers. A node that receives such an ICMPv6 error may be protocol headers. A node that receives such an ICMPv6 error may be
skipping to change at page 2, line 33 skipping to change at page 2, line 33
2.2 Unrecognized Next Header type encountered (code 1) . . . . . 6 2.2 Unrecognized Next Header type encountered (code 1) . . . . . 6
2.3 Extension header too big (code TBA) . . . . . . . . . . . . 6 2.3 Extension header too big (code TBA) . . . . . . . . . . . . 6
2.4 Extension header chain too long (code TBA) . . . . . . . . . 7 2.4 Extension header chain too long (code TBA) . . . . . . . . . 7
2.5 Too many options in extension header (code TBA) . . . . . . 7 2.5 Too many options in extension header (code TBA) . . . . . . 7
2.6 Option too big (code TBA) . . . . . . . . . . . . . . . . . 7 2.6 Option too big (code TBA) . . . . . . . . . . . . . . . . . 7
3 ICMPv6 error for aggregate header limits . . . . . . . . . . . 8 3 ICMPv6 error for aggregate header limits . . . . . . . . . . . 8
3.1 Format . . . . . . . . . . . . . . . . . . . . . . . . . . . 8 3.1 Format . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
3.2 Usage . . . . . . . . . . . . . . . . . . . . . . . . . . . 9 3.2 Usage . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
4 Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . 10 4 Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
4.1 Priority of reporting . . . . . . . . . . . . . . . . . . . 10 4.1 Priority of reporting . . . . . . . . . . . . . . . . . . . 10
4.2 Host response . . . . . . . . . . . . . . . . . . . . . . . 10 4.2 Host response . . . . . . . . . . . . . . . . . . . . . . . 11
5 Applicability and use cases . . . . . . . . . . . . . . . . . . 11 5 Applicability and use cases . . . . . . . . . . . . . . . . . . 12
5.1 Nonconformant packet discard . . . . . . . . . . . . . . . . 11 5.1 Nonconformant packet discard . . . . . . . . . . . . . . . . 12
5.2 Reliability of ICMP . . . . . . . . . . . . . . . . . . . . 12 5.2 Reliability of ICMP . . . . . . . . . . . . . . . . . . . . 12
5.3 Processing limits . . . . . . . . . . . . . . . . . . . . . 12 5.3 Processing limits . . . . . . . . . . . . . . . . . . . . . 12
5.3.1 Long headers and header chains . . . . . . . . . . . . . 12 5.3.1 Long headers and header chains . . . . . . . . . . . . . 12
5.3.2 At end hosts . . . . . . . . . . . . . . . . . . . . . . 12 5.3.2 At end hosts . . . . . . . . . . . . . . . . . . . . . . 13
5.3.3 At intermediate nodes . . . . . . . . . . . . . . . . . 13 5.3.3 At intermediate nodes . . . . . . . . . . . . . . . . . 13
6 Security Considerations . . . . . . . . . . . . . . . . . . . . 13 6 Security Considerations . . . . . . . . . . . . . . . . . . . . 13
7 IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 13 7 IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 13
7.1 Parameter Problem codes . . . . . . . . . . . . . . . . . . 13 7.1 Parameter Problem codes . . . . . . . . . . . . . . . . . . 13
7.2 Destination Unreachable codes . . . . . . . . . . . . . . . 13 7.2 Destination Unreachable codes . . . . . . . . . . . . . . . 14
7.3 ICMP Extension Object Classes and Class Sub-types . . . . . 14 7.3 ICMP Extension Object Classes and Class Sub-types . . . . . 14
8 Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . 14 8 Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . 14
9 References . . . . . . . . . . . . . . . . . . . . . . . . . . 14 9 References . . . . . . . . . . . . . . . . . . . . . . . . . . 14
9.1 Normative References . . . . . . . . . . . . . . . . . . . 14 9.1 Normative References . . . . . . . . . . . . . . . . . . . 14
9.2 Informative References . . . . . . . . . . . . . . . . . . 15 9.2 Informative References . . . . . . . . . . . . . . . . . . 16
Author's Address . . . . . . . . . . . . . . . . . . . . . . . . . 15 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . . 16
1 Introduction 1 Introduction
This document specifies several new ICMPv6 errors that can be sent This document specifies several new ICMPv6 errors that can be sent
when a node discards a packet due to it being unable to process the when a node discards a packet due to it being unable to process the
necessary protocol headers because of processing constraints or necessary protocol headers because of processing constraints or
limits. New ICMPv6 code points are defined as an update to [RFC4443]. limits. New ICMPv6 code points are defined as an update to [RFC4443].
Five of the errors are specific to processing of extension headers; Five of the errors are specific to processing of extension headers;
another error is used when the aggregate protocol headers in a packet another error is used when the aggregate protocol headers in a packet
exceed the processing limits of a node. exceed the processing limits of a node.
skipping to change at page 5, line 50 skipping to change at page 5, line 50
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Code | Checksum | | Type | Code | Checksum |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Pointer | | Pointer |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| As much of invoking packet | | As much of invoking packet |
+ as possible without the ICMPv6 packet + + as possible without the ICMPv6 packet +
| exceeding the minimum IPv6 MTU [IPv6] | | exceeding the minimum IPv6 MTU [RFC8200] |
IPv6 Fields: IPv6 Fields:
Destination Address Destination Address
Copied from the Source Address field of the invoking packet. Copied from the Source Address field of the invoking packet.
ICMPv6 Fields: ICMPv6 Fields:
Type Type
4 (Parameter Problem type) 4 (Parameter Problem type)
skipping to change at page 8, line 30 skipping to change at page 8, line 30
The format of the ICMPv6 message for an aggregate header limit The format of the ICMPv6 message for an aggregate header limit
exceeded is: exceeded is:
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+\ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+\
| Type | Code | Checksum | | | Type | Code | Checksum | |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ I +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ I
| Length | Unused | C | Length | Unused | C
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ M +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ M
| Original Datagram | P | Invoking Packet | P
~ Internet Header + leading octets of original datagram ~ | ~ As much of invoking packet as possible without the ~ |
| | | | ICMPv6 packet exceeding the minimum IPv6 MTU [RFC8200] |/
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+/ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+/
|Version| Reserved | Checksum |\ |Version| Reserved | Checksum |\
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ E +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ E
| Length | Class-Num | C-Type | X | Length | Class-Num | C-Type | X
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ T +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ T
| Pointer | | | Pointer | |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+/ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+/
IPv6 Fields: IPv6 Fields:
skipping to change at page 9, line 6 skipping to change at page 9, line 6
ICMPv6 Fields: ICMPv6 Fields:
Type Type
1 - Destination Unreachable type 1 - Destination Unreachable type
Code (pertinent to this specification) Code (pertinent to this specification)
TBA - Headers too long TBA - Headers too long
Length Length
Length of the padded Original Datagram field Measured in 64-bit Length of the padded Invoking Packet measured in 64-bit words.
words. The ICMP extension structure immediately follows the The ICMP extension structure immediately follows the padded
padded original datagram. Invoking Packet.
Original Datagram Invoking Packet
As much of invoking packet as possible without exceeding the Contains as much of invoking packet as possible without the
minimum ICMPv6 packet minus twelve bytes (for the ICMP ICMPv6 packet exceeding the minimum IPv6 MTU. The Invoking
extension structure and the ICMP extension object) and any Packet MUST be zero padded to the nearest 64-bit boundary
necessary padding. The Original Datagram field MUST be zero [RFC4884]. If the original invoking packet did not contain 128
padded to the nearest 64-bit boundary [RFC4884]. If the octets, the Invoking Packet MUST be zero padded to 128 octets.
original datagram did not contain 128 octets, the Original
Datagram field MUST be zero padded to 128 octets.
ICMP Extension Fields: ICMP Extension Fields:
Version Version
2 - per [RFC4884] 2 - per [RFC4884]
Reserved Reserved
0 0
Checksum Checksum
skipping to change at page 9, line 43 skipping to change at page 9, line 41
Class-Num Class-Num
TBA - Extended Information class TBA - Extended Information class
C-Type C-Type
TBA - Pointer sub-type TBA - Pointer sub-type
Pointer Pointer
Identifies the octet offset within the invoking packet where a Identifies the octet offset within the invoking packet where a
limit was exceeded. limit was exceeded.
The pointer will point beyond the end of the original datagram The pointer will point beyond the end of the Invoking Packet if
if the field exceeding the limit is beyond what can fit in the the field exceeding the limit is beyond what can fit in the
maximum size of an ICMPv6 error message with the ICMP maximum size of an ICMPv6 error message with the ICMP
extension. extension.
3.2 Usage 3.2 Usage
An ICMPv6 Destination Unreachable error with code for "headers An ICMPv6 Destination Unreachable error with code for "headers
too long" SHOULD be sent when a node discards a packet because too long" SHOULD be sent when a node discards a packet because
the aggregate length of headers in the packet exceeds the the aggregate length of headers in the packet exceeds the
processing limits of the node. The Pointer in the extended processing limits of the node. The Pointer in the extended
ICMPv6 structure is set to the offset of the first octet that ICMPv6 structure is set to the offset of the first octet that
exceeds the limit. exceeds the limit.
This error is sent in response to a node dropping a packet
because the aggregate header chain exceeds the processing
limits of a node. The aggregate header chain may be composed of
protocol headers other than an IPv6 header and IPv6 extension
headers. For instance, in the case of a node parsing a UDP
encapsulation protocol, the encapsulating UDP header would be
considered to be in the aggregate header chain.
As noted in section 4.1, the ICMPv6 Destination Unreachable
error with code for "headers too long" has the lowest
precedence of the ICMP errors discussed in this specification.
If a packet contains an error corresponding to a Parameter
Problem code then a node SHOULD send the Parameter Problem
error instead of sending the ICMPv6 Destination Unreachable
error with code for "headers too long".
4 Operation 4 Operation
Nodes that send or receive ICMPv6 errors due to header Nodes that send or receive ICMPv6 errors due to header
processing limits MUST comply with ICMPv6 processing as processing limits MUST comply with ICMPv6 processing as
specified in [RFC4443]. specified in [RFC4443].
4.1 Priority of reporting 4.1 Priority of reporting
More than one ICMPv6 error may be applicable to report for a More than one ICMPv6 error may be applicable to report for a
packet. For instance, the number of extension headers in a packet. For instance, the number of extension headers in a
skipping to change at page 14, line 23 skipping to change at page 14, line 35
* Extended information * Extended information
IANA is requested to assign the following Sub-type within the IANA is requested to assign the following Sub-type within the
aforementioned "Extended information" ICMP extension object class: aforementioned "Extended information" ICMP extension object class:
* Pointer * Pointer
8 Acknowledgments 8 Acknowledgments
The author would like to thank Ron Bonica, Bob Hinden, Nick Hilliard, The author would like to thank Ron Bonica, Bob Hinden, Nick Hilliard,
Michael Richardson, Mark Smith, and Suresh Krishnan for their Michael Richardson, Mark Smith, Suresh Krishnan, and Ole Tran for
comments and suggestions that improved this document. their comments and suggestions that improved this document.
9 References 9 References
9.1 Normative References 9.1 Normative References
[RFC4443] Conta, A., Deering, S., and M. Gupta, Ed., "Internet [RFC4443] Conta, A., Deering, S., and M. Gupta, Ed., "Internet
Control Message Protocol (ICMPv6) for the Internet Protocol Control Message Protocol (ICMPv6) for the Internet Protocol
Version 6 (IPv6) Specification", RFC 4443, DOI Version 6 (IPv6) Specification", RFC 4443, DOI
10.17487/RFC4443, March 2006, <http://www.rfc- 10.17487/RFC4443, March 2006, <http://www.rfc-
editor.org/info/rfc4443>. editor.org/info/rfc4443>.
 End of changes. 13 change blocks. 
28 lines changed or deleted 42 lines changed or added

This html diff was produced by rfcdiff 1.47. The latest version is available from http://tools.ietf.org/tools/rfcdiff/