[ipv6hackers] Fwd: RFC 9288 on Recommendations on the Filtering of IPv6 Packets Containing IPv6 Extension Headers at Transit Routers

2 views
Skip to first unread message

Fernando Gont

unread,
Aug 18, 2022, 11:00:20 PMAug 18
to ipv6h...@lists.si6networks.com
Hi,

FYI. RFC 9288, "Recommendations on the Filtering of IPv6 Packets
Containing IPv6 Extension Headers at Transit Routers" (available at:
https://www.rfc-editor.org/rfc/rfc9288)

FWIW, IMO most of the value is in the analysis of what
protocols/features use what EHs, and what would break (if anything) if
packets with EHs are dropped.

These other two are useful for context:

* RFC 9098, "Operational Implications of IPv6 Packets with Extension
Headers" (https://www.rfc-editor.org/rfc/rfc9098.html)

* RFC 7872, "Observations on the Dropping of Packets with IPv6 Extension
Headers in the Real World (https://www.rfc-editor.org/rfc/rfc7872.html).

Thanks!

Cheers,
Fernando




-------- Forwarded Message --------
Subject: RFC 9288 on Recommendations on the Filtering of IPv6 Packets
Containing IPv6 Extension Headers at Transit Routers
Date: Thu, 18 Aug 2022 16:21:47 -0700 (PDT)
From: rfc-e...@rfc-editor.org
To: ietf-a...@ietf.org, rfc-...@rfc-editor.org
CC: rfc-e...@rfc-editor.org, drafts-u...@iana.org, op...@ietf.org

A new Request for Comments is now available in online RFC libraries.

RFC 9288

Title: Recommendations on the Filtering of IPv6
Packets Containing IPv6 Extension Headers at Transit Routers Author:
F. Gont,
W. Liu
Status: Informational
Stream: IETF
Date: August 2022
Mailbox: fg...@si6networks.com,
liush...@huawei.com
Pages: 33
Updates/Obsoletes/SeeAlso: None

I-D Tag: draft-ietf-opsec-ipv6-eh-filtering-10.txt

URL: https://www.rfc-editor.org/info/rfc9288

DOI: 10.17487/RFC9288

This document analyzes the security implications of IPv6 Extension
Headers and associated IPv6 options. Additionally, it discusses the
operational and interoperability implications of discarding packets
based on the IPv6 Extension Headers and IPv6 options they contain.
Finally, it provides advice on the filtering of such IPv6 packets at
transit routers for traffic not directed to them, for those cases
where such filtering is deemed as necessary.

This document is a product of the Operational Security Capabilities for
IP Network Infrastructure Working Group of the IETF.


INFORMATIONAL: This memo provides information for the Internet community.
It does not specify an Internet standard of any kind. Distribution of
this memo is unlimited.

This announcement is sent to the IETF-Announce and rfc-dist lists.
To subscribe or unsubscribe, see
https://www.ietf.org/mailman/listinfo/ietf-announce
https://mailman.rfc-editor.org/mailman/listinfo/rfc-dist

For searching the RFC series, see https://www.rfc-editor.org/search
For downloading RFCs, see https://www.rfc-editor.org/retrieve/bulk

Requests for special distribution should be addressed to either the
author of the RFC in question, or to rfc-e...@rfc-editor.org. Unless
specifically noted otherwise on the RFC itself, all RFCs are for
unlimited distribution.


The RFC Editor Team
Association Management Solutions, LLC

_______________________________________________
IETF-Announce mailing list
IETF-A...@ietf.org
https://www.ietf.org/mailman/listinfo/ietf-announce
_______________________________________________
Ipv6hackers mailing list
Ipv6h...@lists.si6networks.com
https://lists.si6networks.com/mailman/listinfo/ipv6hackers
Reply all
Reply to author
Forward
0 new messages