draft-ietf-opsec-icmp-filtering-03.txt vs. draft-ietf-opsec-icmp-filtering-04.txt

Operational Security Capabilities for IP Network Infrastructure (opsec)
Internet-Draft
Intended status: Informational
Expires: January 4, 2014 (draft-03: September 13, 2012)

F. Gont, UTN/FRH
G. Gont, SI6 Networks
C. Pignataro, Cisco
July 3, 2013 (draft-03: March 12, 2012)

Recommendations for filtering ICMP messages
draft-ietf-opsec-icmp-filtering-04 (compared against draft-ietf-opsec-icmp-filtering-03)
Abstract

This document provides advice on the filtering of ICMPv4 and ICMPv6 messages. Additionally, it discusses the operational and interoperability implications of such filtering.

Status of this Memo

This Internet-Draft is submitted in full conformance with the

[unchanged text skipped: -03 page 1, line 35 / -04 page 1, line 35]

Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at http://datatracker.ietf.org/drafts/current/.

Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."

This Internet-Draft will expire on January 4, 2014 (draft-03: September 13, 2012).

Copyright Notice

Copyright (c) 2013 (draft-03: 2012) IETF Trust and the persons identified as the document authors. All rights reserved.

This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as

[unchanged text skipped: -03 page 3, line 7 / -04 page 2, line 20]

modifications of such material outside the IETF Standards Process. Without obtaining an adequate license from the person(s) controlling the copyright in such materials, this document may not be modified outside the IETF Standards Process, and derivative works of it may not be created outside the IETF Standards Process, except to format it for publication as an RFC or to translate it into languages other than English.
Table of Contents (draft-04; draft-03 listed the same sections without the per-Code and per-Type subsections, and its 3.2.2 to 3.2.4 are draft-04's 3.2.13 to 3.2.15)

1. Introduction
2. Internet Control Message Protocol version 4 (ICMP)
   2.1. ICMPv4 Error Messages
      2.1.1. Destination Unreachable (Type 3)
         2.1.1.1. Net Unreachable (Code 0)
         2.1.1.2. Host Unreachable (Code 1)
         2.1.1.3. Protocol Unreachable (Code 2)
         2.1.1.4. Port Unreachable (Code 3)
         2.1.1.5. Fragmentation Needed and DF Set (Code 4)
         2.1.1.6. Source Route Failed (Code 5)
         2.1.1.7. Destination Network Unknown (Code 6) (Deprecated)
         2.1.1.8. Destination Host Unknown (Code 7)
         2.1.1.9. Source Host Isolated (Code 8) (Deprecated)
         2.1.1.10. Communication with Destination Network Administratively Prohibited (Code 9) (Deprecated)
         2.1.1.11. Communication with Destination Host Administratively Prohibited (Code 10) (Deprecated)
         2.1.1.12. Network Unreachable for Type of Service (Code 11)
         2.1.1.13. Host Unreachable for Type of Service (Code 12)
         2.1.1.14. Communication Administratively Prohibited (Code 13)
         2.1.1.15. Host Precedence Violation (Code 14)
         2.1.1.16. Precedence Cutoff in Effect (Code 15)
      2.1.2. Source Quench (Type 4, Code 0)
      2.1.3. Redirect (Type 5)
         2.1.3.1. Redirect Datagrams for the Network (Code 0)
         2.1.3.2. Redirect Datagrams for the Host (Code 1)
         2.1.3.3. Redirect Datagrams for the Type of Service and Network (Code 2)
         2.1.3.4. Redirect Datagrams for the Type of Service and Host (Code 3)
      2.1.4. Time Exceeded (Type 11)
         2.1.4.1. Time to Live Exceeded in Transit (Code 0)
         2.1.4.2. Fragment Reassembly Time Exceeded (Code 1)
      2.1.5. Parameter Problem (Type 12)
         2.1.5.1. Pointer Indicates the Error (Code 0)
         2.1.5.2. Required Option is Missing (Code 1)
   2.2. ICMPv4 Informational Messages
      2.2.1. Echo or Echo Reply Message
         2.2.1.1. Echo Message (Type 8, Code 0)
         2.2.1.2. Echo Reply Message (Type 0, Code 0)
      2.2.2. Router Solicitation or Router Advertisement Message
         2.2.2.1. Router Solicitation Message (Type 10, Code 0)
         2.2.2.2. Router Advertisement Message (Type 9, Code 0)
      2.2.3. Timestamp or Timestamp Reply Message
         2.2.3.1. Timestamp Message (Type 13, Code 0)
         2.2.3.2. Timestamp Reply Message (Type 14, Code 0)
      2.2.4. Information Request or Information Reply Message (Deprecated)
         2.2.4.1. Information Request Message (Type 15, Code 0)
         2.2.4.2. Information Reply Message (Type 16, Code 0)
      2.2.5. Address Mask Request or Address Mask Reply
         2.2.5.1. Address Mask Request (Type 17, Code 0)
         2.2.5.2. Address Mask Reply (Type 18, Code 0)
3. Internet Control Message Protocol version 6 (ICMPv6)
   3.1. ICMPv6 Error Messages
      3.1.1. Destination Unreachable (Type 1)
         3.1.1.1. No route to destination (Code 0)
         3.1.1.2. Communication with destination administratively prohibited (Code 1)
         3.1.1.3. Beyond scope of source address (Code 2)
         3.1.1.4. Address unreachable (Code 3)
         3.1.1.5. Port unreachable (Code 4)
         3.1.1.6. Source address failed ingress/egress policy (Code 5)
         3.1.1.7. Reject route to destination (Code 6)
      3.1.2. Packet Too Big Message (Type 2, Code 0)
      3.1.3. Time Exceeded Message (Type 3)
         3.1.3.1. Hop limit exceeded in transit (Code 0)
         3.1.3.2. Fragment reassembly time exceeded (Code 1)
      3.1.4. Parameter Problem Message (Type 4)
         3.1.4.1. Erroneous header field encountered (Code 0)
         3.1.4.2. Unrecognized Next Header Type encountered (Code 1)
         3.1.4.3. Unrecognized IPv6 option encountered (Code 2)
      3.1.5. Private experimentation (Type 100)
      3.1.6. Private experimentation (Type 101)
      3.1.7. Reserved for expansion of ICMPv6 error messages (Type 127)
   3.2. ICMPv6 Informational Messages
      3.2.1. Echo Request or Echo Reply Message
         3.2.1.1. Echo Request Message (Type 128, Code 0)
         3.2.1.2. Echo Reply Message (Type 129, Code 0)
      3.2.2. Multicast Listener Discovery (MLD)
         3.2.2.1. Multicast Listener Query (Type 130)
         3.2.2.2. Multicast Listener Report (Type 131)
         3.2.2.3. Multicast Listener Done (Type 132)
         3.2.2.4. Version 2 Multicast Listener Report (Type 143)
      3.2.3. Neighbor Discovery (ND)
         3.2.3.1. Router Solicitation (Type 133)
         3.2.3.2. Router Advertisement (Type 134)
         3.2.3.3. Neighbor Solicitation (Type 135)
         3.2.3.4. Neighbor Advertisement (Type 136)
         3.2.3.5. Redirect Message (Type 137)
      3.2.4. Router Renumbering (Type 138)
      3.2.5. IPv6 Node Information Queries
         3.2.5.1. ICMP Node Information Query (Type 139)
         3.2.5.2. ICMP Node Information Response (Type 140)
      3.2.6. IPv6 ND Inverse Discovery
         3.2.6.1. Inverse Neighbor Discovery Solicitation Message (Type 141)
         3.2.6.2. Inverse Neighbor Discovery Advertisement Message (Type 142)
      3.2.7. Mobility
         3.2.7.1. Home Agent Address Discovery Request Message (Type 144)
         3.2.7.2. Home Agent Address Discovery Reply Message (Type 145)
         3.2.7.3. Mobile Prefix Solicitation (Type 146)
         3.2.7.4. Mobile Prefix Advertisement (Type 147)
      3.2.8. SEcure Neighbor Discovery (SEND)
         3.2.8.1. Certification Path Solicitation Message (Type 148)
         3.2.8.2. Certification Path Advertisement Message (Type 149)
      3.2.9. ICMP messages utilized by experimental mobility protocols such as Seamoby (Type 150)
      3.2.10. Multicast Router Discovery
         3.2.10.1. Multicast Router Advertisement (Type 151)
         3.2.10.2. Multicast Router Solicitation (Type 152)
         3.2.10.3. Multicast Router Termination (Type 153)
      3.2.11. FMIPv6 Messages (Type 154)
      3.2.12. RPL Control Message (Type 155)
      3.2.13. Private experimentation (Type 200)
      3.2.14. Private experimentation (Type 201)
      3.2.15. Reserved for expansion of ICMPv6 informational messages (Type 255)
4. IANA Considerations
5. Security Considerations
6. Acknowledgements
7. References
   7.1. Normative References
   7.2. Informative References
Authors' Addresses
1. Introduction

This document provides advice on the filtering of ICMPv4 and ICMPv6 messages. Additionally, it discusses the operational and interoperability implications of such filtering.

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119 [RFC2119].
2. Internet Control Message Protocol version 4 (ICMP)

Table 1 summarizes the recommendations with respect to what a device SHOULD do when generating, forwarding, or receiving ICMPv6 messages (draft-03 read "ICMPv4 and ICMPv6 messages" here).

+-------------------------------+----------+-----------+------------+
| ICMPv4 Message                | Sourced  | Through   | Destined   |
|                               | from     | Device    | to Device  |
|                               | Device   |           |            |
+-------------------------------+----------+-----------+------------+
| ICMPv4-unreach-net            | Rate-L   | Rate-L    | Rate-L     |
+-------------------------------+----------+-----------+------------+
| ICMPv4-unreach-host           | Rate-L   | Rate-L    | Rate-L     |
+-------------------------------+----------+-----------+------------+
[unchanged text skipped: -03 page 7, line 20 / -04 page 9, line 20]

Section 4.3.2 of [RFC1812] contains a number of requirements for the generation and processing of ICMP error messages, including: initialization of the TTL of the error message, the amount of data from the offending packet to be included in the ICMP payload, setting the IP Source Address of ICMP error messages, setting of the TOS and Precedence, processing of the IP Source Route option in offending packets, scenarios in which routers MUST NOT send ICMP error messages, and application of rate-limiting to ICMP error messages.

The ICMP specification [RFC0792] originally defined the ICMP Source Quench message (Type 4, Code 0), which was meant to provide a mechanism for flow control and congestion control. ICMP Source Quench is being formally deprecated by [RFC6633] (draft-03 cited [I-D.ietf-tsvwg-source-quench] here).

[RFC1191] defines a mechanism called "Path MTU Discovery" (PMTUD), which makes use of ICMP error messages of Type 3 (Destination Unreachable), Code 4 (fragmentation needed and DF bit set) to allow systems to determine the MTU of an arbitrary internet path.

Appendix D of [RFC4301] provides information about which ICMP error messages are produced by hosts, intermediate routers, or both.
2.1.1. Destination Unreachable (Type 3)

The ICMP Destination Unreachable message is sent by a router in response to a packet which it cannot forward because the destination (or next hop) is unreachable or a service is unavailable. Examples of such cases include a message addressed to a host which is not there and therefore does not respond to ARP requests, and messages addressed to network prefixes for which the router has no valid route. [RFC1812] states that a router MUST be able to generate ICMP Destination Unreachable messages and SHOULD choose a response Code that most closely matches the reason the message is being generated. Section 3.2.2.1 of [RFC1122] states that a Destination Unreachable message that is received MUST be reported to the transport layer, and that the transport layer SHOULD use the information appropriately.
2.1.1.1. Net Unreachable (Code 0)

2.1.1.1.1. Uses

Used to indicate that a router cannot forward a packet because it has no routes at all (including no default route) to the destination specified in the packet. A number of systems abort connections in non-synchronized states in response to this message, to avoid long delays in connection establishment attempts [RFC5461].

2.1.1.1.2. Message Specification

[unchanged text skipped: -03 page 8, line 46 / -04 page 10, line 46]

This attack can be mitigated by rate-limiting the ICMP messages generated. For rate-limiting ICMPv4 messages see Section 4.3.2.8 of [RFC1812].

2.1.1.1.4. Operational and Interoperability Impact if Blocked

May lead to long delays between connection establishment attempts that could have been avoided by those systems aborting non-synchronized connections in response to ICMP soft errors [RFC5461].
2.1.1.2. Host Unreachable (Code 1)

2.1.1.2.1. Uses

Used to indicate that a router cannot forward a packet to the intended destination because it is unreachable. A number of systems abort connections in non-synchronized states in response to this message, to avoid long delays in connection establishment attempts [RFC5461].

2.1.1.2.2. Message Specification

[unchanged text skipped: -03 page 9, line 37 / -04 page 11, line 37]

This can be mitigated by rate-limiting the ICMP messages generated. For rate-limiting ICMPv4 messages see Section 4.3.2.8 of [RFC1812].

2.1.1.2.4. Operational and Interoperability Impact if Blocked

May lead to long delays between connection establishment attempts that could have been avoided by those systems aborting non-synchronized connections in response to ICMP soft errors [RFC5461].
2.1.1.3. Protocol Unreachable (Code 2)

2.1.1.3.1. Uses

Used by hosts to indicate that the designated transport protocol is not supported.

2.1.1.3.2. Message Specification

Defined in [RFC0792]. [RFC1122] states that a host SHOULD send a protocol unreachable when the designated transport protocol is not

[unchanged text skipped: -03 page 10, line 23 / -04 page 12, line 23]

router with packets which the attacker knows will result in the router spending resources in generating a high volume of ICMP messages. These DoS attacks can be mitigated by rate-limiting the ICMP messages generated. For rate-limiting ICMPv4 messages see Section 4.3.2.8 of [RFC1812].

2.1.1.3.4. Operational and Interoperability Impact if Blocked

None.
2.1.1.4. Port Unreachable (Code 3)

2.1.1.4.1. Uses

Used by end-systems to signal the source system that it could not demultiplex the received packet (i.e., there was no listening process on the destination port). Used by UDP-based traceroute to locate the final destination (UDP probes are sent to a UDP port that is believed to be unused). Some firewalls respond with this error message when a received packet is discarded due to a violation of the firewall security policy. A number of systems abort connections in

[unchanged text skipped: -03 page 11, line 25 / -04 page 13, line 25]

messages. These DoS attacks can be mitigated by rate-limiting the ICMP messages generated. For rate-limiting ICMPv4 messages see Section 4.3.2.8 of [RFC1812].

2.1.1.4.4. Operational and Interoperability Impact if Blocked

May lead to long delays between connection establishment attempts or long response times that could have been avoided by aborting non-synchronized connections in response to ICMP soft errors [RFC5461].
2.1.1.5. Fragmentation Needed and DF Set (Code 4)

2.1.1.5.1. Uses

Used for the Path-MTU Discovery mechanism described in [RFC1191].

2.1.1.5.2. Message Specification

Defined in [RFC0792].

2.1.1.5.3. Threats

This error message can be used to perform Denial of Service (DoS) attacks against transport protocols. [RFC5927] describes the use of this error message to attack TCP connections.

2.1.1.5.4. Operational and Interoperability Impact if Blocked

Filtering this error message breaks the Path-MTU Discovery mechanism described in [RFC1191].
2.1.1.6. Source Route Failed (Code 5)

2.1.1.6.1. Uses

Signals errors arising from IPv4 source routes.

2.1.1.6.2. Message Specification

Defined in [RFC0792]. Section 3.2.2.1 of [RFC1122] states that this message may result from a routing transient, and MUST therefore be interpreted as only a hint, not proof, that the specified destination

[unchanged text skipped: -03 page 12, line 38 / -04 page 14, line 38]

This can be mitigated by rate-limiting the ICMP messages generated. For rate-limiting ICMPv4 messages see Section 4.3.2.8 of [RFC1812].

2.1.1.6.4. Operational and Interoperability Impact if Blocked

May lead to long delays between connection establishment attempts or long response times that could have been avoided by aborting non-synchronized connections in response to ICMP soft errors [RFC5461].
2.1.1.7. Destination Network Unknown (Code 6) (Deprecated)

2.1.1.7.1. Uses

Signals an unreachability condition to the sending system. Currently deprecated. A number of systems abort connections in non-synchronized states in response to this message, to avoid long delays in connection establishment attempts [RFC5461].

2.1.1.7.2. Message Specification

Defined in [RFC1122]. [RFC1812] states that this Code SHOULD NOT be generated since it would imply on the part of the router that the destination network does not exist (Net Unreachable, Code 0, SHOULD be used in place of Code 6).

2.1.1.7.3. Threats

An attacker can potentially perform a Denial of Service (DoS) attack against the router by forcing it to generate a high volume of ICMP Destination Unreachable messages. This can be done by flooding the router with packets which the attacker knows will result in the router spending resources in generating a high volume of ICMP messages.

This can be mitigated by not generating these messages and by dropping (rather than forwarding) them, since they have been deprecated.

2.1.1.7.4. Operational and Interoperability Impact if Blocked

May lead to long delays between connection establishment attempts or long response times that could have been avoided by aborting non-synchronized connections in response to ICMP soft errors [RFC5461].
2.1.1.8. Destination Host Unknown (code 7) 2.1.1.8. Destination Host Unknown (Code 7)
2.1.1.8.1. Uses 2.1.1.8.1. Uses
Signal unreachability condition to the sending system. A number of Signal unreachability condition to the sending system. A number of
systems abort connections in non-synchronized states in response to systems abort connections in non-synchronized states in response to
this message, to avoid long delays in connection establishment this message, to avoid long delays in connection establishment
attempts [RFC5461]. attempts [RFC5461].
2.1.1.8.2. Message Specification 2.1.1.8.2. Message Specification
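Review bot: the "code" to "Code" capitalization is applied inside running text as well as in headings, and it reads oddly there: "[RFC1812] states that this Code SHOULD NOT be generated" and "(net unreachable Code 0 SHOULD be used in place of Code 6)". Suggest capitalizing "Code" only where it names the field together with its number in a heading, and keeping "code" lowercase in prose. The unchanged context on the first line of this region also still carries "rate-limiting the rate of IMCP messages" in both columns; "IMCP" should be "ICMP" and "rate-limiting the rate of" can be shortened to "rate-limiting the" (the same line recurs in the next region). Minor: "not-generating" in the Code 6 mitigation needs no hyphen.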
skipping to change at page 14, line 11 skipping to change at page 16, line 11
This can be mitigated by rate-limiting the rate of IMCP messages This can be mitigated by rate-limiting the rate of IMCP messages
generated. For rate-limiting ICMPv4 messages see Section 4.3.2.8 of generated. For rate-limiting ICMPv4 messages see Section 4.3.2.8 of
[RFC1812]. [RFC1812].
2.1.1.8.4. Operational and Interoperability Impact if Blocked 2.1.1.8.4. Operational and Interoperability Impact if Blocked
May lead to long delays between connection establishment attempts or May lead to long delays between connection establishment attempts or
long response times that could have been avoided by aborting non- long response times that could have been avoided by aborting non-
synchronized connections in response to ICMP soft errors [RFC5461]. synchronized connections in response to ICMP soft errors [RFC5461].
2.1.1.9. Source Host Isolated (code 8) (Deprecated) 2.1.1.9. Source Host Isolated (Code 8) (Deprecated)
2.1.1.9.1. Uses 2.1.1.9.1. Uses
Signal unreachability condition to the sending system, but is Signal unreachability condition to the sending system, but is
currently deprecated. A number of systems abort connections in non- currently deprecated. A number of systems abort connections in non-
synchronized states in response to this message, to avoid long delays synchronized states in response to this message, to avoid long delays
in connection establishment attempts [RFC5461]. in connection establishment attempts [RFC5461].
2.1.1.9.2. Message Specification 2.1.1.9.2. Message Specification
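Review bot: the "IMCP" typo in the mitigation sentence ("rate-limiting the rate of IMCP messages generated") survives unchanged in both columns of this region and should be fixed to "ICMP" along with the redundant "rate-limiting the rate of". The Uses text for Code 8 ("Signal unreachability condition to the sending system, but is currently deprecated") has a dangling subject for "is"; "Signals an unreachability condition to the sending system, but is currently deprecated" reads cleanly and matches the form used for Code 10 later in the draft.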
skipping to change at page 14, line 49 skipping to change at page 16, line 49
2.1.1.9.4. Operational and Interoperability Impact if Blocked 2.1.1.9.4. Operational and Interoperability Impact if Blocked
Might lead to long delays between connection establishment attempts Might lead to long delays between connection establishment attempts
or long response times that could have been avoided by aborting non- or long response times that could have been avoided by aborting non-
synchronized connections in response to ICMP soft errors [RFC5461]. synchronized connections in response to ICMP soft errors [RFC5461].
However, this error message is deprecated, and thus systems should However, this error message is deprecated, and thus systems should
not depend on it for any purpose. not depend on it for any purpose.
2.1.1.10. Communication with Destination Network Administratively 2.1.1.10. Communication with Destination Network Administratively
Prohibited (code 9) (Deprecated) Prohibited (Code 9) (Deprecated)
2.1.1.10.1. Uses 2.1.1.10.1. Uses
Signal unreachability condition to the sending system. A number of Signal unreachability condition to the sending system. A number of
systems abort connections in non-synchronized states in response to systems abort connections in non-synchronized states in response to
this message, to avoid long delays in connection establishment this message, to avoid long delays in connection establishment
attempts [RFC5461]. attempts [RFC5461].
2.1.1.10.2. Message Specification 2.1.1.10.2. Message Specification
This error code is defined in [RFC1122], and was intended for use by This error Code is defined in [RFC1122], and was intended for use by
end-to-end encryption devices used by U.S military agencies. end-to-end encryption devices used by U.S military agencies.
[RFC1812] deprecates its use, stating that routers SHOULD use the [RFC1812] deprecates its use, stating that routers SHOULD use the
Code 13 (Communication Administratively Prohibited) if they Code 13 (Communication Administratively Prohibited) if they
administratively filter packets. administratively filter packets.
2.1.1.10.3. Threats 2.1.1.10.3. Threats
May reveal filtering policies. In orther to mitigate this issue, a May reveal filtering policies. In orther to mitigate this issue, a
node could deny the generation of these error messages. However, we node could deny the generation of these error messages. However, we
note that this would also have a negative impact on network note that this would also have a negative impact on network
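Review bot: the Uses text for Code 9 does not say the code is deprecated, while the heading marks it "(Deprecated)" and the corresponding Uses text for Codes 6, 8 and 10 does say "currently deprecated"; suggest adding the same clause here for consistency. In the Message Specification paragraph, "This error Code is defined in [RFC1122]" is another place where the capitalization change lands in prose; "error code" lowercase is the usual usage. Also still present in both columns: "In orther to mitigate" (should be "In order to") and "U.S military" (should be "U.S. military").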
skipping to change at page 15, line 45 skipping to change at page 17, line 45
2.1.1.10.4. Operational and Interoperability Impact if Blocked 2.1.1.10.4. Operational and Interoperability Impact if Blocked
May lead to long delays between connection establishment attempts or May lead to long delays between connection establishment attempts or
long response times that could have been avoided by aborting non- long response times that could have been avoided by aborting non-
synchronized connections in response to ICMP soft errors [RFC5461]. synchronized connections in response to ICMP soft errors [RFC5461].
However, this error message is deprecated, and thus system should not However, this error message is deprecated, and thus system should not
depend on it for any purpose. depend on it for any purpose.
2.1.1.11. Communication with Destination Host Administratively 2.1.1.11. Communication with Destination Host Administratively
Prohibited (code 10) (Deprecated) Prohibited (Code 10) (Deprecated)
2.1.1.11.1. Uses 2.1.1.11.1. Uses
Signal unreachability condition to the sending system, but is Signal unreachability condition to the sending system, but is
currently deprecated. A number of systems abort connections in non- currently deprecated. A number of systems abort connections in non-
synchronized states in response to this message, to avoid long delays synchronized states in response to this message, to avoid long delays
in connection establishment attempts [RFC5461]. in connection establishment attempts [RFC5461].
2.1.1.11.2. Message Specification 2.1.1.11.2. Message Specification
This error code is defined in [RFC1122], and was intended for use by This error Code is defined in [RFC1122], and was intended for use by
end-to-end encryption devices used by U.S military agencies. end-to-end encryption devices used by U.S military agencies.
[RFC1812] deprecates its use, stating that routers SHOULD use the [RFC1812] deprecates its use, stating that routers SHOULD use the
Code 13 (Communication Administratively Prohibited) if they Code 13 (Communication Administratively Prohibited) if they
administratively filter packets. administratively filter packets.
2.1.1.11.3. Threats 2.1.1.11.3. Threats
May reveal filtering policies. In orther to mitigate this issue, a May reveal filtering policies. In orther to mitigate this issue, a
node could deny the generation of these error messages. However, we node could deny the generation of these error messages. However, we
note that this would also have a negative impact on network note that this would also have a negative impact on network
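Review bot: this region repeats the issues of the Code 9 region verbatim and should be fixed in the same pass: "This error Code is defined" (capitalized "Code" in prose), "In orther to mitigate", and "U.S military". In the impact text, "thus system should not depend on it for any purpose" should read "thus systems should not depend on it for any purpose", matching the wording used for Code 8 ("thus systems should not depend on it").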
skipping to change at page 16, line 39 skipping to change at page 18, line 39
[RFC1812]. [RFC1812].
2.1.1.11.4. Operational and Interoperability Impact if Blocked 2.1.1.11.4. Operational and Interoperability Impact if Blocked
May lead to long delays between connection establishment attempts or May lead to long delays between connection establishment attempts or
long response times that could have been avoided by aborting non- long response times that could have been avoided by aborting non-
synchronized connections in response to ICMP soft errors [RFC5461]. synchronized connections in response to ICMP soft errors [RFC5461].
However, this error message is deprecated, and thus system should not However, this error message is deprecated, and thus system should not
depend on it for any purpose. depend on it for any purpose.
2.1.1.12. Network Unreachable for Type of Service (code 11) 2.1.1.12. Network Unreachable for Type of Service (Code 11)
2.1.1.12.1. Uses 2.1.1.12.1. Uses
Signal unreachability condition to the sending system when TOS-based Signal unreachability condition to the sending system when TOS-based
routing is implemented, because the TOS specified for the routes is routing is implemented, because the TOS specified for the routes is
neither the default TOS (0000) nor the TOS of the packet that the neither the default TOS (0000) nor the TOS of the packet that the
router is attempting to route. A number of systems abort connections router is attempting to route. A number of systems abort connections
in non-synchronized states in response to this message, to avoid long in non-synchronized states in response to this message, to avoid long
delays in connection establishment attempts [RFC5461]. delays in connection establishment attempts [RFC5461].
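Review bot: "However, this error message is deprecated, and thus system should not depend on it for any purpose" in the Code 10 impact text has the same singular/plural slip as the Code 9 section; suggest "systems should not depend on it". The Code 11 Uses text ("because the TOS specified for the routes is neither the default TOS (0000) nor the TOS of the packet") is repeated word for word for Code 12 in the next region; if the two are meant to differ only in network versus host scope, saying so in one sentence would make that distinction visible to the reader.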
skipping to change at page 17, line 33 skipping to change at page 19, line 33
messages. This can be mitigated by rate-limiting the rate of ICMP messages. This can be mitigated by rate-limiting the rate of ICMP
messages generated. For rate-limiting ICMPv4 messages see Section messages generated. For rate-limiting ICMPv4 messages see Section
4.3.2.8 of [RFC1812]. 4.3.2.8 of [RFC1812].
2.1.1.12.4. Operational and Interoperability Impact if Blocked 2.1.1.12.4. Operational and Interoperability Impact if Blocked
May lead to long delays between connection establishment attempts or May lead to long delays between connection establishment attempts or
long response times that could have been avoided by aborting non- long response times that could have been avoided by aborting non-
synchronized connections in response to ICMP soft errors [RFC5461]. synchronized connections in response to ICMP soft errors [RFC5461].
2.1.1.13. Host Unreachable for Type of Service (code 12) 2.1.1.13. Host Unreachable for Type of Service (Code 12)
2.1.1.13.1. Uses 2.1.1.13.1. Uses
Signal unreachability condition to the sending system, when TOS-based Signal unreachability condition to the sending system, when TOS-based
routing is implemented, because the TOS specified for the routes is routing is implemented, because the TOS specified for the routes is
neither the default TOS (0000) nor the TOS of the packet that the neither the default TOS (0000) nor the TOS of the packet that the
router is attempting to route. A number of systems abort connections router is attempting to route. A number of systems abort connections
in non-synchronized states in response to this message, to avoid long in non-synchronized states in response to this message, to avoid long
delays in connection establishment attempts [RFC5461]. delays in connection establishment attempts [RFC5461].
skipping to change at page 18, line 24 skipping to change at page 20, line 24
messages. This can be mitigated by rate-limiting the rate of ICMP messages. This can be mitigated by rate-limiting the rate of ICMP
messages generated. For rate-limiting ICMPv4 messages see Section messages generated. For rate-limiting ICMPv4 messages see Section
4.3.2.8 of [RFC1812]. 4.3.2.8 of [RFC1812].
2.1.1.13.3. Operational and Interoperability Impact if Blocked 2.1.1.13.3. Operational and Interoperability Impact if Blocked
May lead to long delays between connection establishment attempts or May lead to long delays between connection establishment attempts or
long response times that could have been avoided by aborting non- long response times that could have been avoided by aborting non-
synchronized connections in response to ICMP soft errors [RFC5461]. synchronized connections in response to ICMP soft errors [RFC5461].
2.1.1.14. Communication Administratively Prohibited (code 13) 2.1.1.14. Communication Administratively Prohibited (Code 13)
2.1.1.14.1. Uses 2.1.1.14.1. Uses
Signal unreachability condition (due to filtering policies) to the Signal unreachability condition (due to filtering policies) to the
sending system. A number of systems abort connections in non- sending system. A number of systems abort connections in non-
synchronized states in response to this message, to avoid long delays synchronized states in response to this message, to avoid long delays
in connection establishment attempts [RFC5461]. in connection establishment attempts [RFC5461].
2.1.1.14.2. Message Specification 2.1.1.14.2. Message Specification
skipping to change at page 19, line 12 skipping to change at page 21, line 12
messages. This can be mitigated by rate-limiting the rate of ICMP messages. This can be mitigated by rate-limiting the rate of ICMP
messages generated. For rate-limiting ICMPv4 messages see Section messages generated. For rate-limiting ICMPv4 messages see Section
4.3.2.8 of [RFC1812]. 4.3.2.8 of [RFC1812].
2.1.1.14.4. Operational and Interoperability Impact if Blocked 2.1.1.14.4. Operational and Interoperability Impact if Blocked
May lead to long delays between connection establishment attempts or May lead to long delays between connection establishment attempts or
long response times that could have been avoided by aborting non- long response times that could have been avoided by aborting non-
synchronized connections in response to ICMP soft errors [RFC5461]. synchronized connections in response to ICMP soft errors [RFC5461].
2.1.1.15. Host Precedence Violation (code 14) 2.1.1.15. Host Precedence Violation (Code 14)
2.1.1.15.1. Uses 2.1.1.15.1. Uses
Signal unreachability condition to the sending system. A number of Signal unreachability condition to the sending system. A number of
systems abort connections in non-synchronized states in response to systems abort connections in non-synchronized states in response to
this message, to avoid long delays in connection establishment this message, to avoid long delays in connection establishment
attempts [RFC5461]. attempts [RFC5461].
2.1.1.15.2. Message Specification 2.1.1.15.2. Message Specification
skipping to change at page 19, line 47 skipping to change at page 21, line 47
messages. This can be mitigated by rate-limiting the rate of ICMP messages. This can be mitigated by rate-limiting the rate of ICMP
messages generated. For rate-limiting ICMPv4 messages see Section messages generated. For rate-limiting ICMPv4 messages see Section
4.3.2.8 of [RFC1812]. 4.3.2.8 of [RFC1812].
2.1.1.15.4. Operational and Interoperability Impact if Blocked 2.1.1.15.4. Operational and Interoperability Impact if Blocked
May lead to long delays between connection establishment attempts or May lead to long delays between connection establishment attempts or
long response times that could have been avoided by aborting non- long response times that could have been avoided by aborting non-
synchronized connections in response to ICMP soft errors [RFC5461]. synchronized connections in response to ICMP soft errors [RFC5461].
2.1.1.16. Precedence Cutoff in Effect (code 15) 2.1.1.16. Precedence Cutoff in Effect (Code 15)
2.1.1.16.1. Uses 2.1.1.16.1. Uses
A number of systems abort connections in non-synchronized states in A number of systems abort connections in non-synchronized states in
response to this message, to avoid long delays in connection response to this message, to avoid long delays in connection
establishment attempts [RFC5461]. establishment attempts [RFC5461].
2.1.1.16.2. Message Specification 2.1.1.16.2. Message Specification
Defined in [RFC1812], and is sent when the network operators have Defined in [RFC1812], and is sent when the network operators have
imposed a minimum level of precedence required for operation, and a imposed a minimum level of precedence required for operation, and a
skipping to change at page 20, line 40 skipping to change at page 22, line 40
long response times that could have been avoided by aborting non- long response times that could have been avoided by aborting non-
synchronized connections in response to ICMP soft errors [RFC5461]. synchronized connections in response to ICMP soft errors [RFC5461].
2.1.2. Source Quench (Type 4, Code 0) 2.1.2. Source Quench (Type 4, Code 0)
2.1.2.1. Uses 2.1.2.1. Uses
Originally meant to aid in congestion-control and flow-control. Originally meant to aid in congestion-control and flow-control.
Currently ignored by most end-system implementations, because of its Currently ignored by most end-system implementations, because of its
security implications (see [RFC5927]. It is being formally security implications (see [RFC5927]. It is being formally
deprecated by [I-D.ietf-tsvwg-source-quench]. deprecated by [RFC6633].
2.1.2.2. Message Specification 2.1.2.2. Message Specification
The Source Quench message was originally specified in [RFC0792]. It The Source Quench message was originally specified in [RFC0792]. It
is being formally deprecated by [I-D.ietf-tsvwg-source-quench]. is being formally deprecated by [RFC6633].
2.1.2.3. Threats 2.1.2.3. Threats
Can be exploited for performing throughput-reduction attacks Can be exploited for performing throughput-reduction attacks
[RFC5927]. [RFC5927].
2.1.2.4. Operational and Interoperability Impact if Blocked 2.1.2.4. Operational and Interoperability Impact if Blocked
None. None.
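Review bot: the reference update from [I-D.ietf-tsvwg-source-quench] to [RFC6633] in both the Uses and Message Specification paragraphs leaves the surrounding tense unchanged: "It is being formally deprecated by [RFC6633]" now describes a published RFC, so "It was formally deprecated by [RFC6633]" (or "has been formally deprecated") is the accurate wording. Also in this region, the Uses paragraph has an unbalanced parenthesis: "because of its security implications (see [RFC5927]." needs a closing ")" after the citation.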
skipping to change at page 21, line 26 skipping to change at page 23, line 26
the same connected (sub-) net through which the Redirect arrived, or the same connected (sub-) net through which the Redirect arrived, or
that are received from a source other than the first-hop gateway that are received from a source other than the first-hop gateway
SHOULD be silently disacarded. SHOULD be silently disacarded.
Section 4.3.3.2 of [RFC1812] states that a router MAY ignore ICMP Section 4.3.3.2 of [RFC1812] states that a router MAY ignore ICMP
Redirects when choosing a path for a packet originated by the router Redirects when choosing a path for a packet originated by the router
if the router is running a routing protocol or if forwarding is if the router is running a routing protocol or if forwarding is
enabled on the router and on the interface over which the packet is enabled on the router and on the interface over which the packet is
being sent. being sent.
2.1.3.1. Redirect Datagrams for the Network (code 0) 2.1.3.1. Redirect Datagrams for the Network (Code 0)
2.1.3.1.1. Uses 2.1.3.1.1. Uses
Used by routers to communicate end-systems a better first-hop router Used by routers to communicate end-systems a better first-hop router
for a particular network. Currently ignored by a large number of for a particular network. Currently ignored by a large number of
stacks. stacks.
2.1.3.1.2. Message Specification 2.1.3.1.2. Message Specification
Defined in [RFC0792]. Defined in [RFC0792].
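Review bot: two wording problems persist in both columns of this region. The [RFC1122] summary ends "that are received from a source other than the first-hop gateway SHOULD be silently disacarded" ("discarded"). The Code 0 Uses text, "Used by routers to communicate end-systems a better first-hop router", is missing a preposition; "to communicate to end-systems" or "to inform end-systems of" reads correctly, and the same phrasing recurs in the Code 1, 2 and 3 sections below.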
skipping to change at page 22, line 7 skipping to change at page 24, line 7
2.1.3.1.4. Operational and Interoperability Impact if Blocked 2.1.3.1.4. Operational and Interoperability Impact if Blocked
If the ICMP redirect was originated in some network segment other If the ICMP redirect was originated in some network segment other
than the one it should be forwarded on, there is no operational than the one it should be forwarded on, there is no operational
impact, as the message is bogus or part of an attack. If an ICMP impact, as the message is bogus or part of an attack. If an ICMP
Redirect that was locally generated is blocked, the end-system will Redirect that was locally generated is blocked, the end-system will
not be informed of the better first-hop for reaching the target not be informed of the better first-hop for reaching the target
network, and thus this would result in less-optimum routes being used network, and thus this would result in less-optimum routes being used
to get the target network. to get the target network.
2.1.3.2. Redirect Datagrams for the Host (code 1) 2.1.3.2. Redirect Datagrams for the Host (Code 1)
2.1.3.2.1. Uses 2.1.3.2.1. Uses
Used by routers to communicate end-systems a better first-hop for a Used by routers to communicate end-systems a better first-hop for a
particular host. Currently ignored my a large number of stacks. particular host. Currently ignored my a large number of stacks.
2.1.3.2.2. Message Specification 2.1.3.2.2. Message Specification
Defined in [RFC0792]. Defined in [RFC0792].
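Review bot: "Currently ignored my a large number of stacks" in the Code 1 Uses text should be "ignored by"; the same typo appears in the Code 2 and Code 3 sections. In the impact-if-blocked text carried over from the Code 0 section at the top of this region, "less-optimum routes being used to get the target network" is missing "to" ("to get to the target network"), and that sentence is repeated unchanged for Codes 1 and 2, so all copies should be fixed together.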
skipping to change at page 22, line 36 skipping to change at page 24, line 36
2.1.3.2.4. Operational and Interoperability Impact if Blocked 2.1.3.2.4. Operational and Interoperability Impact if Blocked
If the ICMP redirect was originated in some network segment other If the ICMP redirect was originated in some network segment other
than the one it should be forwarded on, there is no operational than the one it should be forwarded on, there is no operational
impact, as the message is bogus or part of an attack. If an ICMP impact, as the message is bogus or part of an attack. If an ICMP
Redirect that was locally generated is blocked, the end-system will Redirect that was locally generated is blocked, the end-system will
not be informed of the better first-hop for reaching the target not be informed of the better first-hop for reaching the target
network, and thus this would result in less-optimum routes being used network, and thus this would result in less-optimum routes being used
to get the target network. to get the target network.
2.1.3.3. Redirect datagrams for the Type of Service and Network (code 2.1.3.3. Redirect datagrams for the Type of Service and Network (Code
2) 2)
2.1.3.3.1. Uses 2.1.3.3.1. Uses
Used by routers to communicate end-systems a better first-hop router Used by routers to communicate end-systems a better first-hop router
for a particular network. Currently ignored my a large number of for a particular network. Currently ignored my a large number of
stacks. stacks.
2.1.3.3.2. Message Specification 2.1.3.3.2. Message Specification
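Review bot: the Code 2 Uses text duplicates the Code 0 text exactly ("a better first-hop router for a particular network"), including the "communicate end-systems" and "ignored my" errors; since this code is specific to Type of Service, the Uses sentence should say that the redirect applies to a network for a given TOS, otherwise the reader cannot tell Codes 0 and 2 apart from the prose alone. Heading wrap aside, "Redirect datagrams" here is lowercase "datagrams" while the other three Redirect headings use "Datagrams".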
skipping to change at page 23, line 23 skipping to change at page 25, line 23
2.1.3.3.4. Operational and Interoperability Impact if Blocked 2.1.3.3.4. Operational and Interoperability Impact if Blocked
If the ICMP redirect was originated in some network segment other If the ICMP redirect was originated in some network segment other
than the one it should be forwarded on, there is no operational than the one it should be forwarded on, there is no operational
impact, as the message is bogus or part of an attack. If an ICMP impact, as the message is bogus or part of an attack. If an ICMP
Redirect that was locally generated is blocked, the end-system will Redirect that was locally generated is blocked, the end-system will
not be informed of the better first-hop for reaching the target not be informed of the better first-hop for reaching the target
network, and thus this would result in less-optimum routes being used network, and thus this would result in less-optimum routes being used
to get the target network. to get the target network.
2.1.3.4. Redirect Datagrams for the Type of Service and Host (code 3) 2.1.3.4. Redirect Datagrams for the Type of Service and Host (Code 3)
2.1.3.4.1. Uses 2.1.3.4.1. Uses
Used by routers to communicate end-systems a better first-hop for a Used by routers to communicate end-systems a better first-hop for a
particular host. Currently ignored my a large number of stacks. particular host. Currently ignored my a large number of stacks.
2.1.3.4.2. Message Specification 2.1.3.4.2. Message Specification
Defined in [RFC0792]. Defined in [RFC0792].
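Review bot: same point as for Code 2: the Code 3 Uses text ("a better first-hop for a particular host. Currently ignored my a large number of stacks.") is a verbatim copy of the Code 1 text and does not mention Type of Service, so the TOS qualification that distinguishes this code should be stated, and "ignored my" should be "ignored by".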
skipping to change at page 24, line 9 skipping to change at page 26, line 9
2.1.4. Time Exceeded (Type 11) 2.1.4. Time Exceeded (Type 11)
Section 3.2.2.4 of [RFC1122] states that an incoming Time Exceeded Section 3.2.2.4 of [RFC1122] states that an incoming Time Exceeded
message MUST be passed to the transport layer. message MUST be passed to the transport layer.
Section 4.3.3.4 of [RFC1812] states that when the router receives Section 4.3.3.4 of [RFC1812] states that when the router receives
(i.e., is destined for the router) a Time Exceeded message, it MUST (i.e., is destined for the router) a Time Exceeded message, it MUST
comply with [RFC1122]. comply with [RFC1122].
2.1.4.1. Time to Live Exceeded in Transit (code 0) 2.1.4.1. Time to Live Exceeded in Transit (Code 0)
2.1.4.1.1. Uses 2.1.4.1.1. Uses
Used for the traceroute troubleshooting tool. Signals unreachability Used for the traceroute troubleshooting tool. Signals unreachability
condition due to routing loops. A number of systems abort condition due to routing loops. A number of systems abort
connections in non-synchronized states in response to this message, connections in non-synchronized states in response to this message,
to avoid long delays in connection establishment attempts [RFC5461]. to avoid long delays in connection establishment attempts [RFC5461].
2.1.4.1.2. Message Specification 2.1.4.1.2. Message Specification
skipping to change at page 24, line 39 skipping to change at page 26, line 39
Can be used for network mapping. Can be used for network mapping.
2.1.4.1.4. Operational and Interoperability Impact if Blocked 2.1.4.1.4. Operational and Interoperability Impact if Blocked
Breaks the traceroute tool. May lead to long delays between Breaks the traceroute tool. May lead to long delays between
connection establishment attempts or long response times that could connection establishment attempts or long response times that could
have been avoided by aborting non-synchronized connections in have been avoided by aborting non-synchronized connections in
response to ICMP soft errors [RFC5461]. response to ICMP soft errors [RFC5461].
2.1.4.2. Fragment Reassembly Time Exceeded (code 1) 2.1.4.2. Fragment Reassembly Time Exceeded (Code 1)
2.1.4.2.1. Uses 2.1.4.2.1. Uses
Signals fragment reassembly timeout. A number of systems abort Signals fragment reassembly timeout. A number of systems abort
connections in non-synchronized states in response to this message, connections in non-synchronized states in response to this message,
to avoid long delays in connection establishment attempts [RFC5461]. to avoid long delays in connection establishment attempts [RFC5461].
2.1.4.2.2. Message Specification 2.1.4.2.2. Message Specification
Defined in [RFC0792]. [RFC0792] states this message may be sent by a Defined in [RFC0792]. [RFC0792] states this message may be sent by a
skipping to change at page 25, line 34 skipping to change at page 27, line 34
be handled by TCP in the same way as Destination Unreachable codes 0, be handled by TCP in the same way as Destination Unreachable codes 0,
1, 5. 1, 5.
Section 4.3.3.5 of [RFC1812] states that a router MUST generate a Section 4.3.3.5 of [RFC1812] states that a router MUST generate a
Parameter Problem message for any error not specifically covered by Parameter Problem message for any error not specifically covered by
another ICMP message. The IP header field or IP option including the another ICMP message. The IP header field or IP option including the
byte indicated by the pointer field MUST be included unchanged in the byte indicated by the pointer field MUST be included unchanged in the
IP header returned with this ICMP message. Section 4.3.2 of the same IP header returned with this ICMP message. Section 4.3.2 of the same
document defines an exception to this rule. document defines an exception to this rule.
2.1.5.1. Pointer Indicates the Error (code 0) 2.1.5.1. Pointer Indicates the Error (Code 0)
2.1.5.1.1. Uses 2.1.5.1.1. Uses
A number of systems abort connections in non-synchronized states in A number of systems abort connections in non-synchronized states in
response to this message, to avoid long delays in connection response to this message, to avoid long delays in connection
establishment attempts [RFC5461]. establishment attempts [RFC5461].
2.1.5.1.2. Message Specification 2.1.5.1.2. Message Specification
Defined in [RFC0792]. Defined in [RFC0792].
skipping to change at page 26, line 11 skipping to change at page 28, line 11
May be used to fingerprint the operating system of the host sending May be used to fingerprint the operating system of the host sending
this error message. this error message.
2.1.5.1.4. Operational and Interoperability Impact if Blocked 2.1.5.1.4. Operational and Interoperability Impact if Blocked
May lead to long delays between connection establishment attempts or May lead to long delays between connection establishment attempts or
long response times that could have been avoided by aborting non- long response times that could have been avoided by aborting non-
synchronized connections in response to ICMP soft errors [RFC5461]. synchronized connections in response to ICMP soft errors [RFC5461].
2.1.5.2. Required Option is Missing (code 1) 2.1.5.2. Required Option is Missing (Code 1)
2.1.5.2.1. Uses 2.1.5.2.1. Uses
This ICMP Parameter Problem message code is sent whenever a received This ICMP Parameter Problem message Code is sent whenever a received
IP packet should have contained a particular IP Option but the actual IP packet should have contained a particular IP Option but the actual
received IP packet did not contain that IP option. At present, a received IP packet did not contain that IP option. At present, a
common situation in which this is ICMP Parameter Problem message type common situation in which this is ICMP Parameter Problem message Type
is likely to arise is in certain high-security IP deployments where is likely to arise is in certain high-security IP deployments where
one or more IP Security options (e.g. RFC-1108, CIPSO) are deployed, one or more IP Security options (e.g. RFC-1108, CIPSO) are deployed,
and a packet is missing one of those security options. Other similar and a packet is missing one of those security options. Other similar
situations might also exist now, or in future. situations might also exist now, or in future.
2.1.5.2.2. Message Specification 2.1.5.2.2. Message Specification
Defined in Section 3.2.2.5 of [RFC1122]. Defined in Section 3.2.2.5 of [RFC1122].
2.1.5.2.3. Threats 2.1.5.2.3. Threats
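Review bot: the Code 1 Uses paragraph has a stray "is" that the capitalization pass did not touch: "a common situation in which this is ICMP Parameter Problem message Type is likely to arise" should read "a common situation in which this ICMP Parameter Problem message is likely to arise". Capitalized "Code" and "Type" mid-sentence ("This ICMP Parameter Problem message Code is sent") again read as field names rather than ordinary prose. The citation "(e.g. RFC-1108, CIPSO)" uses a different style from the bracketed references elsewhere; if RFC 1108 is cited, it should appear as [RFC1108] and be listed in the references.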
skipping to change at page 26, line 48 skipping to change at page 28, line 48
Additionally, blocking this ICMP message would make network trouble- Additionally, blocking this ICMP message would make network trouble-
shooting difficult or impossible in networks where IP Security shooting difficult or impossible in networks where IP Security
Options (e.g. CIPSO, IPSO) are deployed. So blocking these ICMP Options (e.g. CIPSO, IPSO) are deployed. So blocking these ICMP
messages could lead to a kind of denial-of-service attack on such messages could lead to a kind of denial-of-service attack on such
deployments. deployments.
2.2. ICMPv4 Informational Messages

2.2.1. Echo or Echo Reply Message

2.2.1.1. Echo Message (Type 8, Code 0)

2.2.1.1.1. Uses

Used by the ping troubleshooting tool.

2.2.1.1.2. Message Specification

Defined in [RFC0792].

Section 3.2.2.6 of [RFC1122] states that every host MUST implement an
ICMP Echo server function that receives Echo Requests and sends

[...]

Has been exploited to perform Smurf attacks [smurf]. A router could
mitigate this by dropping ICMP Echo Request messages directed to any
of its directly-connected subnets.
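The router-side mitigation just described, as an added example that is not part of the draft: an Echo Request (Type 8, Code 0) whose destination is the broadcast or network address of one of the router's directly-connected subnets is dropped, everything else is forwarded. The subnets and the sample packets are constructed for the illustration.

```python
"""Drop ICMPv4 Echo Requests aimed at a directly-connected subnet's
broadcast (or network) address, i.e. the Smurf amplification vector.
Added example; subnets and packets below are constructed samples."""
import ipaddress
import struct
from dataclasses import dataclass

ICMP_ECHO_REQUEST = 8   # ICMPv4 Type 8, Code 0 (RFC 792)
IPPROTO_ICMP = 1

# Hypothetical directly-connected subnets of the router (constructed).
CONNECTED_SUBNETS = [
    ipaddress.ip_network("192.0.2.0/24"),
    ipaddress.ip_network("198.51.100.0/25"),
]


@dataclass(frozen=True)
class Ipv4Packet:
    """Minimal view of a received packet: the IPv4 fields the filter needs
    plus the payload (ICMP header and data)."""
    src: str
    dst: str
    protocol: int
    payload: bytes


def is_directed_broadcast(dst: str, subnets) -> bool:
    """True if dst is the broadcast or network address of a connected subnet.

    Both addresses are checked because hosts historically answered pings
    sent to either one; /31 and /32 subnets have no broadcast address."""
    addr = ipaddress.ip_address(dst)
    for net in subnets:
        if net.prefixlen < 31 and addr in (net.broadcast_address,
                                           net.network_address):
            return True
    return False


def icmp_type_code(payload: bytes):
    """Return (Type, Code) from an ICMP header, or None if it is too short."""
    if len(payload) < 4:        # Type, Code and Checksum are always present
        return None
    return struct.unpack("!BB", payload[:2])


def smurf_filter(pkt: Ipv4Packet, subnets=CONNECTED_SUBNETS) -> str:
    """Return "drop" for Echo Requests directed to a connected subnet's
    broadcast/network address, "forward" for anything else."""
    if pkt.protocol != IPPROTO_ICMP:
        return "forward"
    tc = icmp_type_code(pkt.payload)
    if tc is None:
        return "forward"
    icmp_type, icmp_code = tc
    if (icmp_type, icmp_code) == (ICMP_ECHO_REQUEST, 0) \
            and is_directed_broadcast(pkt.dst, subnets):
        return "drop"
    return "forward"


def echo_request(identifier: int = 0x1234, seq: int = 1) -> bytes:
    """Constructed ICMPv4 Echo Request header (checksum left as zero)."""
    return struct.pack("!BBHHH", ICMP_ECHO_REQUEST, 0, 0, identifier, seq) + b"ping"


if __name__ == "__main__":
    samples = [
        Ipv4Packet("203.0.113.9", "192.0.2.255", 1, echo_request()),    # drop
        Ipv4Packet("203.0.113.9", "192.0.2.0", 1, echo_request()),      # drop
        Ipv4Packet("203.0.113.9", "192.0.2.10", 1, echo_request()),     # forward
        Ipv4Packet("203.0.113.9", "198.51.100.127", 1, echo_request()), # drop
        Ipv4Packet("203.0.113.9", "192.0.2.255", 17, b"\x00" * 8),      # forward
    ]
    for p in samples:
        print(f"{p.dst:>16} proto={p.protocol}: {smurf_filter(p)}")
```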
2.2.1.1.4. Operational and Interoperability Impact if Blocked

Filtering this message will break the ping tool. The best current
practice is to rate-limit this ICMP message.

2.2.1.2. Echo Reply Message (Type 0, Code 0)

2.2.1.2.1. Uses

Used by the ping troubleshooting tool.

2.2.1.2.2. Message Specification

Defined in [RFC0792].

Section 3.2.2.6 of [RFC1122] states that every host MUST implement an

[...]

Can be used for network mapping [icmp-scanning]. Has been exploited
to perform Smurf attacks [smurf].

2.2.1.2.4. Operational and Interoperability Impact if Blocked

Filtering this message will break the ping tool. The best current
practice is to rate-limit this ICMP message.
2.2.2. Router Solicitation or Router Advertisement Message

2.2.2.1. Router Solicitation Message (Type 10, Code 0)

2.2.2.1.1. Uses

Used by some systems as a form of stateless autoconfiguration, to
solicit routers on a network segment.

2.2.2.1.2. Message Specification

Defined in [RFC1256].

[...]

2.2.2.1.3. Threats

Can be used for network mapping (e.g., learning about the routers on
a network segment).

2.2.2.1.4. Operational and Interoperability Impact if Blocked

This message should not be routed. Therefore, there is no
operational/interoperability impact if blocked.

2.2.2.2. Router Advertisement Message (Type 9, Code 0)

2.2.2.2.1. Uses

Used to advertise routers on a network segment.

2.2.2.2.2. Message Specification

Defined in [RFC1256].

Section 4.3.3.10 of [RFC1812] states that an IP router MUST support

[...]

Can be spoofed by an attacker to direct all traffic sent on a network
segment to itself and/or to perform a DoS attack.

2.2.2.2.4. Operational and Interoperability Impact if Blocked

This message should not be routed. Therefore, there is no
operational/interoperability impact if blocked.
2.2.3. Timestamp or Timestamp Reply Message

2.2.3.1. Timestamp Message (Type 13, Code 0)

2.2.3.1.1. Uses

May be used as a fall-back mechanism when NTP fails (?).

2.2.3.1.2. Message Specification

Defined in [RFC0792].

Section 3.2.2.8 of [RFC1122] states that a host MAY implement

[...]

messages, a number of requirements are stated.

2.2.3.1.3. Threats

Can be used for network mapping and device fingerprinting.

2.2.3.1.4. Operational and Interoperability Impact if Blocked

None.

2.2.3.2. Timestamp Reply Message (Type 14, Code 0)

2.2.3.2.1. Uses

May be used as a fall-back mechanism when NTP fails (?).

2.2.3.2.2. Message Specification

Defined in [RFC0792].

2.2.3.2.3. Threats

[...]

Systems will not be able to use ICMP timestamps as a fall-back
mechanism when NTP fails.
2.2.4. Information Request or Information Reply Message (Deprecated)

These messages are described in [RFC0792] as "a way for a host to
find out the number of the network it is on". Section 3.2.2.7 of
[RFC1122] and Section 4.3.3.7 of [RFC1812] deprecate the use of these
messages.

2.2.4.1. Information Request Message (Type 15, Code 0)

2.2.4.1.1. Uses

These messages originally provided a basic and simple mechanism for
dynamic host configuration. However, they have been deprecated.

2.2.4.1.2. Message Specification

Defined in [RFC0792].

[...]

2.2.4.1.3. Threats

Allows for OS (Operating System) and device fingerprinting. Since
these messages have been deprecated, the best possible mitigation is
to not generate them and to drop any received Information Request
messages.

2.2.4.1.4. Operational and Interoperability Impact if Blocked

None.

2.2.4.2. Information Reply Message (Type 16, Code 0)

2.2.4.2.1. Uses

These messages originally provided a basic and simple mechanism for
dynamic host configuration. However, they have been deprecated.

2.2.4.2.2. Message Specification

Defined in [RFC0792].

[...]

2.2.4.2.3. Threats

Allows for OS and device fingerprinting.

2.2.4.2.4. Operational and Interoperability Impact if Blocked

None.
2.2.5. Address Mask Request or Address Mask Reply

2.2.5.1. Address Mask Request (Type 17, Code 0)

2.2.5.1.1. Uses

Was originally defined as a means for system stateless
autoconfiguration (to look up the address mask).

2.2.5.1.2. Message Specification

Defined in [RFC0950]. Section 3.2.2.9 of [RFC1122] includes a number
of requirements regarding the generation and processing of this

[...]

and responding with ICMP Address Mask Reply messages.

2.2.5.1.3. Threats

Can be used for network mapping and OS fingerprinting.

2.2.5.1.4. Operational and Interoperability Impact if Blocked

None.

2.2.5.2. Address Mask Reply (Type 18, Code 0)

2.2.5.2.1. Uses

Was originally defined as a means for system stateless
autoconfiguration (to allow systems to dynamically obtain the address
mask). While these messages have not been deprecated, they are not
used in practice.

2.2.5.2.2. Message Specification

[...]

2.2.5.2.3. Threats

Can be used for network mapping and OS fingerprinting.

2.2.5.2.4. Operational and Interoperability Impact if Blocked

None.
3. Internet Control Message Protocol version 6 (ICMPv6)

Table 2 summarizes the recommendations with respect to what a device
SHOULD do when generating, forwarding, or receiving ICMPv6.

+---------------------------------+-----------+---------+-----------+
| ICMPv6 Message                  | Sourced   | Through | Destined  |
|                                 | from      | Device  | to Device |
|                                 | Device    |         |           |
+---------------------------------+-----------+---------+-----------+
| ICMPv6-unreach                  | N/A       | N/A     | N/A       |
+---------------------------------+-----------+---------+-----------+
| ICMPv6-unreach-no-route         | Rate-L    | Permit  | Rate-L    |
+---------------------------------+-----------+---------+-----------+
| [...]                           |           |         |           |
+---------------------------------+-----------+---------+-----------+
| ICMPv6-timed-hop-limit          | Send      | Permit  | Rate-L    |
+---------------------------------+-----------+---------+-----------+
| ICMPv6-timed-reass              | Send      | Permit  | Rate-L    |
+---------------------------------+-----------+---------+-----------+
| ICMPv6-parameter                | Rate-L    | Permit  | Rate-L    |
+---------------------------------+-----------+---------+-----------+
| ICMPv6-parameter-err-header     | Rate-L    | Deny    | Rate-L    |
+---------------------------------+-----------+---------+-----------+
| ICMPv6-parameter-unrec-header   | Rate-L    | Deny    | Rate-L    |
+---------------------------------+-----------+---------+-----------+
| ICMPv6-parameter-unrec-option   | Rate-L    | Permit  | Rate-L    |
+---------------------------------+-----------+---------+-----------+
| ICMPv6-err-private-exp-100      | Send      | Deny    | Rate-L    |
+---------------------------------+-----------+---------+-----------+
| ICMPv6-err-private-exp-101      | Send      | Deny    | Rate-L    |
+---------------------------------+-----------+---------+-----------+
| ICMPv6-err-expansion            | Send      | Permit  | Rate-L    |
+---------------------------------+-----------+---------+-----------+
| ICMPv6-echo-message             | Send      | Permit  | Rate-L    |
+---------------------------------+-----------+---------+-----------+
| [...]                           |           |         |           |
+---------------------------------+-----------+---------+-----------+

Table 2: Summary Recommendations for ICMPv6
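The Table 2 rows shown above, turned into a filtering decision as an added example that is not part of the draft: the ICMPv6 Type and Code are read from the message header, mapped to the per-code row of the table, and the "Through Device" or "Destined to Device" column is applied, with Rate-L implemented by the token-bucket limiter that Section 2.4, paragraph (f), of [RFC4443] suggests. Rows elided from this view (the remaining Destination Unreachable codes, Packet Too Big) are deliberately not filled in and come back as "unspecified"; the Type-to-row mapping follows the RFC 4443 Type and Code assignments, and the rate and burst values are arbitrary constructed defaults.

```python
"""Apply the Table 2 recommendations to ICMPv6 messages, with a token
bucket for the Rate-L action.  Added example; rows of Table 2 not
visible on this page are intentionally left out."""
import struct

# ICMPv6 (Type, Code) -> Table 2 row.  A Code of None matches any Code.
ROW_BY_TYPE_CODE = {
    (1, 0):      "ICMPv6-unreach-no-route",
    (3, 0):      "ICMPv6-timed-hop-limit",
    (3, 1):      "ICMPv6-timed-reass",
    (4, 0):      "ICMPv6-parameter-err-header",
    (4, 1):      "ICMPv6-parameter-unrec-header",
    (4, 2):      "ICMPv6-parameter-unrec-option",
    (100, None): "ICMPv6-err-private-exp-100",
    (101, None): "ICMPv6-err-private-exp-101",
    (127, None): "ICMPv6-err-expansion",
    (128, 0):    "ICMPv6-echo-message",
}

# Row -> (Sourced from Device, Through Device, Destined to Device), as in Table 2.
POLICY = {
    "ICMPv6-unreach-no-route":       ("Rate-L", "Permit", "Rate-L"),
    "ICMPv6-timed-hop-limit":        ("Send",   "Permit", "Rate-L"),
    "ICMPv6-timed-reass":            ("Send",   "Permit", "Rate-L"),
    "ICMPv6-parameter-err-header":   ("Rate-L", "Deny",   "Rate-L"),
    "ICMPv6-parameter-unrec-header": ("Rate-L", "Deny",   "Rate-L"),
    "ICMPv6-parameter-unrec-option": ("Rate-L", "Permit", "Rate-L"),
    "ICMPv6-err-private-exp-100":    ("Send",   "Deny",   "Rate-L"),
    "ICMPv6-err-private-exp-101":    ("Send",   "Deny",   "Rate-L"),
    "ICMPv6-err-expansion":          ("Send",   "Permit", "Rate-L"),
    "ICMPv6-echo-message":           ("Send",   "Permit", "Rate-L"),
}
COLUMN = {"sourced": 0, "through": 1, "destined": 2}


def classify(icmpv6: bytes):
    """Map the Type and Code bytes of an ICMPv6 header to a Table 2 row."""
    if len(icmpv6) < 4:          # Type, Code and Checksum are always present
        return None
    t, c = struct.unpack("!BB", icmpv6[:2])
    return ROW_BY_TYPE_CODE.get((t, c)) or ROW_BY_TYPE_CODE.get((t, None))


class TokenBucket:
    """Token bucket in the style of RFC 4443 Section 2.4(f): `rate` tokens
    per second refill up to `burst`; every message consumes one token."""

    def __init__(self, rate: float, burst: int):
        self.rate, self.burst = rate, burst
        self.tokens = float(burst)
        self.last = 0.0

    def allow(self, now: float) -> bool:
        self.tokens = min(self.burst, self.tokens + (now - self.last) * self.rate)
        self.last = now
        if self.tokens >= 1.0:
            self.tokens -= 1.0
            return True
        return False


class Icmpv6Policy:
    """Apply one Table 2 column ("sourced", "through" or "destined")."""

    def __init__(self, role: str, rate: float = 10.0, burst: int = 5):
        self.col = COLUMN[role]
        self.rate, self.burst = rate, burst
        self.buckets = {}    # one bucket per row: a noisy type cannot starve others

    def decide(self, icmpv6: bytes, now: float = 0.0) -> str:
        row = classify(icmpv6)
        if row is None:
            return "unspecified"         # not among the rows shown on this page
        action = POLICY[row][self.col]
        if action != "Rate-L":
            return action.lower()        # "permit", "deny" or "send"
        bucket = self.buckets.setdefault(row, TokenBucket(self.rate, self.burst))
        return "permit" if bucket.allow(now) else "drop"


def icmpv6_header(t: int, c: int) -> bytes:
    """Constructed ICMPv6 header: Type, Code, zero checksum, 4 body bytes."""
    return struct.pack("!BBH", t, c, 0) + b"\x00" * 4


if __name__ == "__main__":
    transit = Icmpv6Policy("through")
    local = Icmpv6Policy("destined", rate=1.0, burst=2)
    print(transit.decide(icmpv6_header(4, 1)))    # deny: unrecognized Next Header
    print(transit.decide(icmpv6_header(128, 0)))  # permit: Echo Request in transit
    # Three Echo Requests to the device itself within the same second: the
    # third exceeds the burst of 2 and is dropped.
    print([local.decide(icmpv6_header(128, 0), now=0.0) for _ in range(3)])
```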
3.1. ICMPv6 Error Messages

The ICMPv6 specification leaves the reaction to ICMP error messages
up to the implementation. Therefore, the ICMP attacks described in
[RFC5927] might or might not be effective.

3.1.1. Destination Unreachable (Type 1)

3.1.1.1. No route to destination (Code 0)

3.1.1.1.1. Uses

Used to indicate that the offending packet cannot be delivered
because there is no route towards the destination address. A number
of systems abort connections in non-synchronized states in response
to this message, to avoid long delays in connection establishment
attempts [RFC5461].

3.1.1.1.2. Message Specification

[...]

messages generated. For rate-limiting ICMPv6 messages see Section
2.4, paragraph (f), of [RFC4443].

3.1.1.1.4. Operational and Interoperability Impact if Blocked

May lead to long delays between connection establishment attempts or
long response times that could have been avoided by aborting
non-synchronized connections in response to ICMP soft errors
[RFC5461].
3.1.1.2. Communication with destination administratively prohibited
(Code 1)

3.1.1.2.1. Uses

A number of systems abort connections in non-synchronized states in
response to this message, to avoid long delays in connection
establishment attempts [RFC5461].

3.1.1.2.2. Message Specification

Defined in [RFC4443].

[...]

messages. This can be mitigated by rate-limiting the ICMPv6 messages
generated. For rate-limiting ICMPv6 messages see Section 2.4,
paragraph (f), of [RFC4443].

3.1.1.2.4. Operational and Interoperability Impact if Blocked

May lead to long delays between connection establishment attempts or
long response times that could have been avoided by aborting
non-synchronized connections in response to ICMP soft errors
[RFC5461].

3.1.1.3. Beyond scope of source address (Code 2)

3.1.1.3.1. Uses

A number of systems abort connections in non-synchronized states in
response to this message, to avoid long delays in connection
establishment attempts [RFC5461].

3.1.1.3.2. Message Specification

Defined in [RFC4443].

3.1.1.3.3. Threats

3.1.1.3.4. Operational and Interoperability Impact if Blocked

May lead to long delays between connection establishment attempts or
long response times that could have been avoided by aborting
non-synchronized connections in response to ICMP soft errors
[RFC5461].
3.1.1.4. Address unreachable (Code 3)

3.1.1.4.1. Uses

A number of systems abort connections in non-synchronized states in
response to this message, to avoid long delays in connection
establishment attempts [RFC5461].

3.1.1.4.2. Message Specification

Defined in [RFC4443].

[...]

messages. This can be mitigated by rate-limiting the ICMPv6 messages
generated. For rate-limiting ICMPv6 messages see Section 2.4,
paragraph (f), of [RFC4443].

3.1.1.4.4. Operational and Interoperability Impact if Blocked

May lead to long delays between connection establishment attempts or
long response times that could have been avoided by aborting
non-synchronized connections in response to ICMP soft errors
[RFC5461].

3.1.1.5. Port unreachable (Code 4)

3.1.1.5.1. Uses

Used to indicate that there is no listening process on the target
transport protocol port.

3.1.1.5.2. Message Specification

Defined in [RFC4443].

[...]

messages. This can be mitigated by rate-limiting the ICMPv6 messages
generated. For rate-limiting ICMPv6 messages see Section 2.4,
paragraph (f), of [RFC4443].

3.1.1.5.4. Operational and Interoperability Impact if Blocked

May lead to long delays between connection establishment attempts or
long response times that could have been avoided by aborting
non-synchronized connections in response to ICMP soft errors
[RFC5461].
3.1.1.6. Source address failed ingress/egress policy (Code 5)

3.1.1.6.1. Uses

A number of systems abort connections in non-synchronized states in
response to this message, to avoid long delays in connection
establishment attempts [RFC5461].

3.1.1.6.2. Message Specification

Defined in [RFC4443].

[...]

messages. This can be mitigated by rate-limiting the ICMPv6 messages
generated. For rate-limiting ICMPv6 messages see Section 2.4,
paragraph (f), of [RFC4443].

3.1.1.6.4. Operational and Interoperability Impact if Blocked

May lead to long delays between connection establishment attempts or
long response times that could have been avoided by aborting
non-synchronized connections in response to ICMP soft errors
[RFC5461].

3.1.1.7. Reject route to destination (Code 6)

3.1.1.7.1. Uses

A number of systems abort connections in non-synchronized states in
response to this message, to avoid long delays in connection
establishment attempts [RFC5461].

3.1.1.7.2. Message Specification

Defined in [RFC4443].

[...]

messages. This can be mitigated by rate-limiting the ICMPv6 messages
generated. For rate-limiting ICMPv6 messages see Section 2.4,
paragraph (f), of [RFC4443].

3.1.1.7.4. Operational and Interoperability Impact if Blocked

May lead to long delays between connection establishment attempts or
long response times that could have been avoided by aborting
non-synchronized connections in response to ICMP soft errors
[RFC5461].
3.1.2. Packet Too Big Message (Type 2, Code 0)

3.1.2.1. Uses

Used for the Path-MTU Discovery mechanism for IPv6 defined in
[RFC1981].

3.1.2.2. Message Specification

Defined in [RFC4443].

3.1.2.3. Threats

[...]

3.1.2.4. Operational and Interoperability Impact if Blocked

Filtering this error message will break the Path-MTU Discovery
mechanism defined in [RFC1981], which could lead to a Denial of
Service (unless the sending node implements some form of Path-MTU
blackhole detection).
3.1.3. Time Exceeded Message (Type 3)

3.1.3.1. Hop limit exceeded in transit (Code 0)

3.1.3.1.1. Uses

A number of systems abort connections in non-synchronized states in
response to this message, to avoid long delays in connection
establishment attempts [RFC5461].

3.1.3.1.2. Message Specification

Defined in [RFC4443].

[...]

3.1.3.1.3. Threats

May be used for network mapping.

3.1.3.1.4. Operational and Interoperability Impact if Blocked

May lead to long delays between connection establishment attempts or
long response times that could have been avoided by aborting
non-synchronized connections in response to ICMP soft errors
[RFC5461].

3.1.3.2. Fragment reassembly time exceeded (Code 1)

3.1.3.2.1. Uses

Used to signal a timeout in fragment reassembly. A number of systems
abort connections in non-synchronized states in response to this
message, to avoid long delays in connection establishment attempts
[RFC5461].

3.1.3.2.2. Message Specification

[...]

help an attacker to evade a NIDS.

3.1.3.2.4. Operational and Interoperability Impact if Blocked

May lead to long delays between connection establishment attempts or
long response times that could have been avoided by aborting
non-synchronized connections in response to ICMP soft errors
[RFC5461].
3.1.4. Parameter Problem Message (Type 4) 3.1.4. Parameter Problem Message (Type 4)
3.1.4.1. Erroneous header field encountered (code 0) 3.1.4.1. Erroneous header field encountered (Code 0)
3.1.4.1.1. Uses 3.1.4.1.1. Uses
A number of systems abort connections in non-synchronized states in A number of systems abort connections in non-synchronized states in
response to this message, to avoid long delays in connection response to this message, to avoid long delays in connection
establishment attempts [RFC5461]. establishment attempts [RFC5461].
3.1.4.1.2. Message Specification 3.1.4.1.2. Message Specification
Defined in [RFC4443]. Defined in [RFC4443].
skipping to change at page 41, line 17 skipping to change at page 43, line 17
This can be mitigated by rate-limiting the rate of ICMPv6 messages This can be mitigated by rate-limiting the rate of ICMPv6 messages
generated. For rate-limiting ICMPv6 messages see Section 2.4, generated. For rate-limiting ICMPv6 messages see Section 2.4,
paragraph (f), of [RFC4443]. paragraph (f), of [RFC4443].
3.1.4.1.4. Operational and Interoperability Impact if Blocked 3.1.4.1.4. Operational and Interoperability Impact if Blocked
May lead to long delays between connection establishment attempts or May lead to long delays between connection establishment attempts or
long response times that could have been avoided by aborting non- long response times that could have been avoided by aborting non-
synchronized connections in response to ICMP soft errors [RFC5461]. synchronized connections in response to ICMP soft errors [RFC5461].
3.1.4.2. Unrecognized Next Header type encountered (code 1) 3.1.4.2. Unrecognized Next Header Type encountered (Code 1)
3.1.4.2.1. Uses 3.1.4.2.1. Uses
A number of systems abort connections in non-synchronized states in A number of systems abort connections in non-synchronized states in
response to this message, to avoid long delays in connection response to this message, to avoid long delays in connection
establishment attempts [RFC5461]. establishment attempts [RFC5461].
3.1.4.2.2. Message Specification 3.1.4.2.2. Message Specification
Defined in [RFC4443]. Defined in [RFC4443].
skipping to change at page 42, line 5 skipping to change at page 44, line 5
This can be mitigated by rate-limiting the rate of ICMPv6 messages This can be mitigated by rate-limiting the rate of ICMPv6 messages
generated. For rate-limiting ICMPv6 messages see Section 2.4, generated. For rate-limiting ICMPv6 messages see Section 2.4,
paragraph (f), of [RFC4443]. paragraph (f), of [RFC4443].
3.1.4.2.4. Operational and Interoperability Impact if Blocked 3.1.4.2.4. Operational and Interoperability Impact if Blocked
May lead to long delays between connection establishment attempts or May lead to long delays between connection establishment attempts or
long response times that could have been avoided by aborting non- long response times that could have been avoided by aborting non-
synchronized connections in response to ICMP soft errors [RFC5461]. synchronized connections in response to ICMP soft errors [RFC5461].
3.1.4.3. Unrecognized IPv6 option encountered (code 2) 3.1.4.3. Unrecognized IPv6 option encountered (Code 2)
3.1.4.3.1. Uses 3.1.4.3.1. Uses
A number of systems abort connections in non-synchronized states in A number of systems abort connections in non-synchronized states in
response to this message, to avoid long delays in connection response to this message, to avoid long delays in connection
establishment attempts [RFC5461]. establishment attempts [RFC5461].
3.1.4.3.2. Message Specification 3.1.4.3.2. Message Specification
Defined in [RFC4443]. Defined in [RFC4443].
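Review bot: in 3.1.4.1.3 and 3.1.4.2.3 the sentence "This can be mitigated by rate-limiting the rate of ICMPv6 messages generated" is redundant; suggest "This can be mitigated by rate-limiting the ICMPv6 messages generated" in both places. The Uses text and the Operational and Interoperability Impact text are repeated verbatim for Code 0, Code 1 and Code 2 of the Parameter Problem message; if the code value makes no difference to the filtering advice, a single 3.1.4 entry covering all three codes would be clearer than three identical copies, and the per-code headings could remain as a list.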
skipping to change at page 42, line 39 skipping to change at page 44, line 39
May lead to long delays between connection establishment attempts or May lead to long delays between connection establishment attempts or
long response times that could have been avoided by aborting non- long response times that could have been avoided by aborting non-
synchronized connections in response to ICMP soft errors [RFC5461]. synchronized connections in response to ICMP soft errors [RFC5461].
3.1.5. Private experimentation (Type 100) 3.1.5. Private experimentation (Type 100)
3.1.5.1. Uses 3.1.5.1. Uses
Used for performing controlled experiments with ICMPv6 messages Used for performing controlled experiments with ICMPv6 messages
before a specific ICMPv6 type is formally assigned by IANA. before a specific ICMPv6 Type is formally assigned by IANA.
3.1.5.2. Message Specification 3.1.5.2. Message Specification
Defined in [RFC4443]. Defined in [RFC4443].
3.1.5.3. Threats 3.1.5.3. Threats
The security implications of this message type will depend on the The security implications of this message Type will depend on the
specific experiment the message is being used for and whether the specific experiment the message is being used for and whether the
node this message is destined to implements the aforementioned node this message is destined to implements the aforementioned
"experiment". "experiment".
3.1.5.4. Operational and Interoperability Impact if Blocked 3.1.5.4. Operational and Interoperability Impact if Blocked
None (this message type is meant for experimentation rather than None (this message Type is meant for experimentation rather than
"production"). "production").
3.1.6. Private experimentation (Type 101) 3.1.6. Private experimentation (Type 101)
3.1.6.1. Uses 3.1.6.1. Uses
Used for performing controlled experiments with ICMPv6 messages Used for performing controlled experiments with ICMPv6 messages
before a specific ICMPv6 type is formally assigned by IANA. before a specific ICMPv6 Type is formally assigned by IANA.
3.1.6.2. Message Specification 3.1.6.2. Message Specification
Defined in [RFC4443]. Defined in [RFC4443].
3.1.6.3. Threats 3.1.6.3. Threats
The security implications of this message type will depend on the The security implications of this message Type will depend on the
specific experiment the message is being used for and whether the specific experiment the message is being used for and whether the
node this message is destined to implements the aforementioned node this message is destined to implements the aforementioned
"experiment". "experiment".
3.1.6.4. Operational and Interoperability Impact if Blocked 3.1.6.4. Operational and Interoperability Impact if Blocked
None (this message type is meant for controlled experimentation None (this message Type is meant for controlled experimentation
rather than "production"). rather than "production").
3.1.7. Reserved for expansion of ICMPv6 error messages (Type 127) 3.1.7. Reserved for expansion of ICMPv6 error messages (Type 127)
3.1.7.1. Uses 3.1.7.1. Uses
Type value 127 is reserved for future expansion of the type value Type value 127 is reserved for future expansion of the type value
range if there is a shortage in the future. range if there is a shortage in the future.
3.1.7.2. Message Specification 3.1.7.2. Message Specification
Defined in [RFC4443]. Defined in [RFC4443].
3.1.7.3. Threats 3.1.7.3. Threats
None. None.
3.1.7.4. Operational and Interoperability Impact if Blocked 3.1.7.4. Operational and Interoperability Impact if Blocked
It would prevent expansion of the type value range, and hence prevent It would prevent expansion of the Type value range, and hence prevent
extension of the ICMPv6 protocol. extension of the ICMPv6 protocol.
3.2. ICMPv6 Informational messages 3.2. ICMPv6 Informational messages
3.2.1. Echo Request or Echo Reply Message 3.2.1. Echo Request or Echo Reply Message
3.2.1.1. Echo Request message (type 128, code 0) 3.2.1.1. Echo Request message (Type 128, Code 0)
3.2.1.1.1. Uses 3.2.1.1.1. Uses
Used by the ping tool to test reachability. Used by the ping tool to test reachability.
3.2.1.1.2. Message Specification 3.2.1.1.2. Message Specification
Defined in [RFC4443]. Defined in [RFC4443].
3.2.1.1.3. Threats 3.2.1.1.3. Threats
Can be used for network mapping [icmp-scanning] and for performing Can be used for network mapping [icmp-scanning] and for performing
Smurf DoS attacks [smurf]. Smurf DoS attacks [smurf].
3.2.1.1.4. Operational and Interoperability Impact if Blocked 3.2.1.1.4. Operational and Interoperability Impact if Blocked
Filtering this error message will break the ping tool. The best Filtering this error message will break the ping tool. The best
current practice is to rate-limit this ICMP message. current practice is to rate-limit this ICMP message.
3.2.1.2. Echo reply message (Type 129, code 0) 3.2.1.2. Echo reply message (Type 129, Code 0)
3.2.1.2.1. Uses 3.2.1.2.1. Uses
Used by the ping tool to test reachability. Used by the ping tool to test reachability.
3.2.1.2.2. Message Specification 3.2.1.2.2. Message Specification
Defined in [RFC4443]. Defined in [RFC4443].
3.2.1.2.3. Threats 3.2.1.2.3. Threats
Can be used for network mapping [icmp-scanning] and for performing Can be used for network mapping [icmp-scanning] and for performing
Smurf DoS attacks [smurf]. Smurf DoS attacks [smurf].
3.2.1.2.4. Operational and Interoperability Impact if Blocked 3.2.1.2.4. Operational and Interoperability Impact if Blocked
Filtering this error message will break the ping tool. The best Filtering this error message will break the ping tool. The best
current practice is to rate-limit this ICMP message. current practice is to rate-limit this ICMP message.
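Review bot: in 3.2.1.1.4 and 3.2.1.2.4 the sentence "Filtering this error message will break the ping tool" describes Echo Request and Echo Reply, which Section 3.2 itself classifies as ICMPv6 informational messages, not error messages; suggest "Filtering this message will break the ping tool." in both places. The same paragraph says "rate-limit this ICMP message" while the -04 headings were updated to "Type 128, Code 0" / "Type 129, Code 0" form; "this ICMPv6 message" would match the rest of Section 3.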
3.2.2. Private experimentation (Type 200) 3.2.2. Multicast Listener Discovery (MLD)
3.2.2.1. Uses 3.2.2.1. Multicast Listener Query (Type 130)
3.2.2.1.1. Uses
3.2.2.1.2. Message Specification
Defined in [RFC2710].
3.2.2.1.3. Threats
3.2.2.1.4. Operational and Interoperability Impact if Blocked
3.2.2.2. Multicast Listener Report (Type 131)
3.2.2.2.1. Uses
3.2.2.2.2. Message Specification
Defined in [RFC2710].
3.2.2.2.3. Threats
3.2.2.2.4. Operational and Interoperability Impact if Blocked
3.2.2.3. Multicast Listener Done (Type 132)
3.2.2.3.1. Uses
3.2.2.3.2. Message Specification
Defined in [RFC2710].
3.2.2.3.3. Threats
3.2.2.3.4. Operational and Interoperability Impact if Blocked
3.2.2.4. Version 2 Multicast Listener Report (Type 143)
3.2.2.4.1. Uses
3.2.2.4.2. Message Specification
Defined in [RFC3810].
3.2.2.4.3. Threats
3.2.2.4.4. Operational and Interoperability Impact if Blocked
3.2.3. Neighbor Discovery (ND)
3.2.3.1. Router Solicitation (Type 133)
3.2.3.1.1. Uses
3.2.3.1.2. Message Specification
Defined in [RFC4861].
3.2.3.1.3. Threats
3.2.3.1.4. Operational and Interoperability Impact if Blocked
3.2.3.2. Router Advertisement (Type 134)
3.2.3.2.1. Uses
3.2.3.2.2. Message Specification
Defined in [RFC4861].
3.2.3.2.3. Threats
3.2.3.2.4. Operational and Interoperability Impact if Blocked
3.2.3.3. Neighbor Solicitation (Type 135)
3.2.3.3.1. Uses
3.2.3.3.2. Message Specification
Defined in [RFC4861].
3.2.3.3.3. Threats
3.2.3.3.4. Operational and Interoperability Impact if Blocked
3.2.3.4. Neighbor Advertisement (Type 136)
3.2.3.4.1. Uses
3.2.3.4.2. Message Specification
Defined in [RFC4861].
3.2.3.4.3. Threats
3.2.3.4.4. Operational and Interoperability Impact if Blocked
3.2.3.5. Redirect Message (Type 137)
3.2.3.5.1. Uses
3.2.3.5.2. Message Specification
Defined in [RFC4861].
3.2.3.5.3. Threats
3.2.3.5.4. Operational and Interoperability Impact if Blocked
3.2.4. Router Renumbering (Type 138)
3.2.4.1. Uses
3.2.4.2. Message Specification
Defined.
3.2.4.3. Threats
3.2.4.4. Operational and Interoperability Impact if Blocked
3.2.5. IPv6 Node Information Queries
3.2.5.1. ICMP Node Information Query (Type 139)
3.2.5.1.1. Uses
3.2.5.1.2. Message Specification
Defined in [RFC4620].
3.2.5.1.3. Threats
3.2.5.1.4. Operational and Interoperability Impact if Blocked
3.2.5.2. ICMP Node Information Response (Type 140)
3.2.5.2.1. Uses
3.2.5.2.2. Message Specification
Defined in [RFC4620].
3.2.5.2.3. Threats
3.2.5.2.4. Operational and Interoperability Impact if Blocked
3.2.6. IPv6 ND Inverse Discovery
3.2.6.1. Inverse Neighbor Discovery Solicitation Message (Type 141)
3.2.6.1.1. Uses
3.2.6.1.2. Message Specification
Defined in [RFC3122].
3.2.6.1.3. Threats
3.2.6.1.4. Operational and Interoperability Impact if Blocked
3.2.6.2. Inverse Neighbor Discovery Advertisement Message (Type 142)
3.2.6.2.1. Uses
3.2.6.2.2. Message Specification
Defined in [RFC3122].
3.2.6.2.3. Threats
3.2.6.2.4. Operational and Interoperability Impact if Blocked
3.2.7. Mobility
3.2.7.1. Home Agent Address Discovery Request Message (Type 144)
3.2.7.1.1. Uses
3.2.7.1.2. Message Specification
Defined in [RFC6275].
3.2.7.1.3. Threats
3.2.7.1.4. Operational and Interoperability Impact if Blocked
3.2.7.2. Home Agent Address Discovery Reply Message (Type 145)
3.2.7.2.1. Uses
3.2.7.2.2. Message Specification
Defined in [RFC6275].
3.2.7.2.3. Threats
3.2.7.2.4. Operational and Interoperability Impact if Blocked
3.2.7.3. Mobile Prefix Solicitation (Type 146)
3.2.7.3.1. Uses
3.2.7.3.2. Message Specification
Defined in [RFC6275].
3.2.7.3.3. Threats
3.2.7.3.4. Operational and Interoperability Impact if Blocked
3.2.7.4. Mobile Prefix Advertisement (Type 147)
3.2.7.4.1. Uses
3.2.7.4.2. Message Specification
Defined in [RFC6275].
3.2.7.4.3. Threats
3.2.7.4.4. Operational and Interoperability Impact if Blocked
3.2.8. SEcure Neighbor Discovery (SEND)
3.2.8.1. Certification Path Solicitation Message (Type 148)
3.2.8.1.1. Uses
3.2.8.1.2. Message Specification
Defined in [RFC3971].
3.2.8.1.3. Threats
3.2.8.1.4. Operational and Interoperability Impact if Blocked
3.2.8.2. Certification Path Advertisement Message (Type 149)
3.2.8.2.1. Uses
3.2.8.2.2. Message Specification
Defined in [RFC3971].
3.2.8.2.3. Threats
3.2.8.2.4. Operational and Interoperability Impact if Blocked
3.2.9. ICMP messages utilized by experimental mobility protocols such
as Seamoby (Type 150)
3.2.9.1. Uses
3.2.9.2. Message Specification
Defined in [RFC4065].
3.2.9.3. Threats
3.2.9.4. Operational and Interoperability Impact if Blocked
3.2.10. Multicast Router Discovery
3.2.10.1. Multicast Router Advertisement (Type 151)
3.2.10.1.1. Uses
3.2.10.1.2. Message Specification
Defined in [RFC4286].
3.2.10.1.3. Threats
3.2.10.1.4. Operational and Interoperability Impact if Blocked
3.2.10.2. Multicast Router Solicitation (Type 152)
3.2.10.2.1. Uses
3.2.10.2.2. Message Specification
Defined in [RFC4286].
3.2.10.2.3. Threats
3.2.10.2.4. Operational and Interoperability Impact if Blocked
3.2.10.3. Multicast Router Termination (Type 153)
3.2.10.3.1. Uses
3.2.10.3.2. Message Specification
Defined in [RFC4286].
3.2.10.3.3. Threats
3.2.10.3.4. Operational and Interoperability Impact if Blocked
3.2.11. FMIPv6 Messages (Type 154)
3.2.11.1. Uses
3.2.11.2. Message Specification
Defined in [RFC5568].
3.2.11.3. Threats
3.2.11.4. Operational and Interoperability Impact if Blocked
3.2.12. RPL Control Message (Type 155)
3.2.12.1. Uses
3.2.12.2. Message Specification
Defined in [RFC6550].
3.2.12.3. Threats
3.2.12.4. Operational and Interoperability Impact if Blocked
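Review bot: the sections added in -04 for MLD (3.2.2), ND (3.2.3), Router Renumbering (3.2.4), Node Information Queries (3.2.5), Inverse Discovery (3.2.6), Mobility (3.2.7), SEND (3.2.8), Seamoby (3.2.9), Multicast Router Discovery (3.2.10), FMIPv6 (3.2.11) and RPL (3.2.12) contain only the "Message Specification" line; every "Uses", "Threats" and "Operational and Interoperability Impact if Blocked" heading under them is empty. In a filtering recommendation an empty "Threats" or "Impact if Blocked" heading is easily read as "None" (the form used in 3.1.7.3 and 3.2.13.4), so until the text is written each should carry an explicit marker such as "[TBD]". 3.2.4.2 (Router Renumbering, Type 138) reads only "Defined." with no reference, unlike every other Message Specification entry; the citation is missing.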
3.2.13. Private experimentation (Type 200)
3.2.13.1. Uses
Used for performing controlled experiments with ICMPv6 messages Used for performing controlled experiments with ICMPv6 messages
before a specific ICMPv6 type is formally assigned by IANA. before a specific ICMPv6 Type is formally assigned by IANA.
3.2.2.2. Message Specification 3.2.13.2. Message Specification
Defined in [RFC4443]. Defined in [RFC4443].
3.2.2.3. Threats 3.2.13.3. Threats
The security implications of this message type will depend on the The security implications of this message Type will depend on the
specific experiment the message is being used for and whether the specific experiment the message is being used for and whether the
node this message is destined to implements the aforementioned node this message is destined to implements the aforementioned
"experiment". "experiment".
3.2.2.4. Operational and Interoperability Impact if Blocked 3.2.13.4. Operational and Interoperability Impact if Blocked
None (this message type is meant for controlled experimentation None (this message Type is meant for controlled experimentation
rather than "production"). rather than "production").
3.2.3. Private experimentation (Type 201) 3.2.14. Private experimentation (Type 201)
3.2.3.1. Uses 3.2.14.1. Uses
Used for performing controlled experiments with ICMPv6 messages Used for performing controlled experiments with ICMPv6 messages
before a specific ICMPv6 type is formally assigned by IANA. before a specific ICMPv6 Type is formally assigned by IANA.
3.2.3.2. Message Specification 3.2.14.2. Message Specification
Defined in [RFC4443]. Defined in [RFC4443].
3.2.3.3. Threats 3.2.14.3. Threats
The security implications of this message type will depend on the The security implications of this message Type will depend on the
specific experiment the message is being used for and whether the specific experiment the message is being used for and whether the
node this message is destined to implements the aforementioned node this message is destined to implements the aforementioned
"experiment". "experiment".
3.2.3.4. Operational and Interoperability Impact if Blocked 3.2.14.4. Operational and Interoperability Impact if Blocked
None (this message type is meant for controlled experimentation None (this message Type is meant for controlled experimentation
rather than "production"). rather than "production").
3.2.4. Reserved for expansion of ICMPv6 informational messages (Type 3.2.15. Reserved for expansion of ICMPv6 informational messages (Type
255) 255)
3.2.4.1. Uses 3.2.15.1. Uses
Type value 255 is reserved for future expansion of the type value Type value 255 is reserved for future expansion of the type value
range if there is a shortage in the future. range if there is a shortage in the future.
3.2.4.2. Message Specification 3.2.15.2. Message Specification
Defined in [RFC4443]. Defined in [RFC4443].
3.2.4.3. Threats 3.2.15.3. Threats
None. None.
3.2.4.4. Operational and Interoperability Impact if Blocked 3.2.15.4. Operational and Interoperability Impact if Blocked
It would prevent expansion of the type value range, and hence prevent It would prevent expansion of the Type value range, and hence prevent
extension of the ICMPv6 protocol. extension of the ICMPv6 protocol.
4. IANA Considerations 4. IANA Considerations
This document has no IANA actions. This document has no IANA actions.
5. Security Considerations 5. Security Considerations
This document does not introduce any new security implications. It This document does not introduce any new security implications. It
attempts to help mitigate security threats that rely on ICMP or attempts to help mitigate security threats that rely on ICMP or
skipping to change at page 47, line 27 skipping to change at page 56, line 41
[RFC1812] Baker, F., "Requirements for IP Version 4 Routers", [RFC1812] Baker, F., "Requirements for IP Version 4 Routers",
RFC 1812, June 1995. RFC 1812, June 1995.
[RFC1981] McCann, J., Deering, S., and J. Mogul, "Path MTU Discovery [RFC1981] McCann, J., Deering, S., and J. Mogul, "Path MTU Discovery
for IP version 6", RFC 1981, August 1996. for IP version 6", RFC 1981, August 1996.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997. Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC2710] Deering, S., Fenner, W., and B. Haberman, "Multicast
Listener Discovery (MLD) for IPv6", RFC 2710,
October 1999.
[RFC3122] Conta, A., "Extensions to IPv6 Neighbor Discovery for
Inverse Discovery Specification", RFC 3122, June 2001.
[RFC3810] Vida, R. and L. Costa, "Multicast Listener Discovery
Version 2 (MLDv2) for IPv6", RFC 3810, June 2004.
[RFC3971] Arkko, J., Kempf, J., Zill, B., and P. Nikander, "SEcure
Neighbor Discovery (SEND)", RFC 3971, March 2005.
[RFC4065] Kempf, J., "Instructions for Seamoby and Experimental
Mobility Protocol IANA Allocations", RFC 4065, July 2005.
[RFC4286] Haberman, B. and J. Martin, "Multicast Router Discovery",
RFC 4286, December 2005.
[RFC4301] Kent, S. and K. Seo, "Security Architecture for the [RFC4301] Kent, S. and K. Seo, "Security Architecture for the
Internet Protocol", RFC 4301, December 2005. Internet Protocol", RFC 4301, December 2005.
[RFC4443] Conta, A., Deering, S., and M. Gupta, "Internet Control [RFC4443] Conta, A., Deering, S., and M. Gupta, "Internet Control
Message Protocol (ICMPv6) for the Internet Protocol Message Protocol (ICMPv6) for the Internet Protocol
Version 6 (IPv6) Specification", RFC 4443, March 2006. Version 6 (IPv6) Specification", RFC 4443, March 2006.
[RFC5681] Allman, M., Paxson, V., and E. Blanton, "TCP Congestion [RFC4620] Crawford, M. and B. Haberman, "IPv6 Node Information
Control", RFC 5681, September 2009. Queries", RFC 4620, August 2006.
7.2. Informative References [RFC4861] Narten, T., Nordmark, E., Simpson, W., and H. Soliman,
"Neighbor Discovery for IP version 6 (IPv6)", RFC 4861,
September 2007.
[I-D.ietf-tsvwg-source-quench] [RFC5568] Koodli, R., "Mobile IPv6 Fast Handovers", RFC 5568,
Gont, F., "Deprecation of ICMP Source Quench messages", July 2009.
draft-ietf-tsvwg-source-quench-06 (work in progress),
February 2012. [RFC6275] Perkins, C., Johnson, D., and J. Arkko, "Mobility Support
in IPv6", RFC 6275, July 2011.
[RFC6550] Winter, T., Thubert, P., Brandt, A., Hui, J., Kelsey, R.,
Levis, P., Pister, K., Struik, R., Vasseur, JP., and R.
Alexander, "RPL: IPv6 Routing Protocol for Low-Power and
Lossy Networks", RFC 6550, March 2012.
7.2. Informative References
[RFC5461] Gont, F., "TCP's Reaction to Soft Errors", RFC 5461, [RFC5461] Gont, F., "TCP's Reaction to Soft Errors", RFC 5461,
February 2009. February 2009.
[RFC5927] Gont, F., "ICMP Attacks against TCP", RFC 5927, July 2010. [RFC5927] Gont, F., "ICMP Attacks against TCP", RFC 5927, July 2010.
[RFC6633] Gont, F., "Deprecation of ICMP Source Quench Messages",
RFC 6633, May 2012.
[icmp-scanning] [icmp-scanning]
Arkin, 0., "ICMP Usage in Scanning: The Complete Know- Arkin, 0., "ICMP Usage in Scanning: The Complete Know-
How", http://www.sys-security.com/archive/papers/ How", http://www.sys-security.com/archive/papers/
ICMP_Scanning_v3.0.pdf, 2001. ICMP_Scanning_v3.0.pdf, 2001.
[smurf] CERT, "CERT Advisory CA-1998-01: Smurf IP Denial-of- [smurf] CERT, "CERT Advisory CA-1998-01: Smurf IP Denial-of-
Service Attacks", Service Attacks",
http://www.cert.org/advisories/CA-1998-01.html, 1998. http://www.cert.org/advisories/CA-1998-01.html, 1998.
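Review bot: [RFC5681] is dropped from Section 7.1 in -04 (it appears only in the left column), with [RFC4620] taking that slot; check that no remaining body text still cites [RFC5681]. No Router Renumbering specification appears in either reference section, so the "Defined." entry in 3.2.4.2 needs both an inline citation and a matching reference entry (the document that defines Type 138 is RFC 2894, "Router Renumbering for IPv6"; that identifier comes from the reviewer, not from the diff). The replacement of [I-D.ietf-tsvwg-source-quench] by [RFC6633] is consistent. In the [icmp-scanning] entry the author initial is typed as the digit zero ("Arkin, 0.") in both versions; it should be the letter O.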
Authors' Addresses Authors' Addresses
 End of changes. 105 change blocks. 
148 lines changed or deleted 598 lines changed or added

This html diff was produced by rfcdiff 1.41. The latest version is available from http://tools.ietf.org/tools/rfcdiff/