Internet-Draft | draft-mcbride-v6ops-eh-use-cases-00 | July 2023 |
McBride, et al. | Expires 7 January 2024 | [Page] |
This document outlines IPv6 extension header use cases including those intended to be deployed in limited domains and those intended for the global Internet. We specify use cases are deployed today and those which may be of use in the future. The hope is that through understanding these various extension header use cases, we can then better understand how best to implement any necessary limits on their use.¶
This note is to be removed before publishing as an RFC.¶
Status information for this document may be found at https://datatracker.ietf.org/doc/draft-mcbride-v6ops-eh-use-cases/.¶
Discussion of this document takes place on the IPv6 Operations Working Group mailing list (mailto:[email protected]), which is archived at https://mailarchive.ietf.org/arch/browse/v6ops/. Subscribe at https://www.ietf.org/mailman/listinfo/v6ops/.¶
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.¶
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.¶
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."¶
This Internet-Draft will expire on 7 January 2024.¶
Copyright (c) 2023 IETF Trust and the persons identified as the document authors. All rights reserved.¶
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Revised BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Revised BSD License.¶
Extension headers have been specified since original 1995 IPv6 Specification [RFC2460] and maintained in the more recently updated [RFC8200]. In the nearly 30 years since extension headers were specified, there have been many documents which have specified how to limit, block and deprecate their use. What we haven't had is a document to show how extension headers are being deployed nor how related innovations are being proposed. This document outlines IPv6 extension header use cases including those intended to be deployed in limited domains and those deployed across the Internet. By understanding these various use cases we can better understand how best to improve upon, and perhaps limit, extension header deployment.¶
EH: IPv6 Extension Header¶
Hop-by-Hop Optioners Header: Used to carry optional information intended for every node along the path.¶
Routing Header: Used to list one or more nodes to be visited on the way to a packet's destination.¶
Fragment Header: Used to send a packet larger than would fit in the path MTU to its destination.¶
Encapsulating Security Payload: The Encapsulating Security Payload (ESP) extension header provides confidentiality, integrity, and authentication for IPv6 packets.¶
Authentication Header: The IPv6 Authentication Header (AH) extension provides data integrity, authentication, and anti-replay protection for IPv6 packets.¶
Destination Options Header: Used to carry optional information for destination nodes.¶
Mobility Header: The Mobility Header enables mobility support for network nodes in IPv6 networks.¶
Host Identity Protocol: The Host Identity Protocol (HIP) provides a cryptographic identity-based solution for secure communication and mobility management in IPv6 networks.¶
Shim6 Protocol: The Shim6 IPv6 extension header enables multihoming by providing source and destination address selection for efficient routing.¶
Single Administrative Domain: The EH is limited to one administrative domain.¶
Limited Domain: The EH is limited to a group of administrative domains.¶
Unlimited Domain: The EH is not limited to any group of domains.¶
Protocol Description Reference Number 0 IPv6 Hop-by-Hop Option [RFC8200] 43 Routing Header for IPv6 [RFC8200][RFC5095] 44 Fragment Header for IPv6 [RFC8200] 50 Encapsulating Security Payload [RFC4303] 51 Authentication Header [RFC4302] 60 Destination Options for IPv6 [RFC8200] 135 Mobility Header [RFC6275] 139 Host Identity Protocol [RFC7401] 140 Shim6 Protocol [RFC5533] 253 Use for experimentation and testing [RFC3692][RFC4727] 254 Use for experimentation and testing [RFC3692][RFC4727]¶
In this section we list and describe, several extension header use cases. We will specify if the use case is intended for a limited domain and the status of its deployment. We further categorize the EH into a category. The categories are the following:¶
Quality of Service Network Security Network Management Application Specific Internet of Things Content Delivery Networks Routing¶
Another crucial aspect in characterizing extension header usage is to determine whether the EH is intended for a single administrative domain, a limited domain, or an unlimited domain.¶
Furthermore, it is important to consider the potential consequences if
the EH is modified, which could be a result of transmission errors or
intentional alterations. It is also necessary to assess whether the EH
contains private data that, if exposed, could lead to a data leak.
This evaluation may prompt a deeper discussion on the additional
safeguards that should be implemented, such as incorporating a checksum,
a signature, or encryption mechanisms for the EH.¶
The following is the list of Destination Options and Hop-by-Hop Options which have an option number at IANA. Note, we will describe use cases, if any, for options which do not have an option number at IANA.¶
[ToBeDone: Separate these into Destination Options and Hop-by-hop options]¶
Hex Value Description RFC Number 0x00 Pad1 [RFC2460] 0x01 PadN [RFC2460] 0xC2 Jumbo Payload [RFC2675] 0x23 RPL Option [RFC9008] 0x63 RPL Option (DEPRECATED) [RFC6553] 0x04 Tunnel Encapsulation Limit [RFC2473] 0x05 Router Alert [RFC2711] 0x26 Quick-Start [RFC4782] 0x07 CALIPSO [RFC5570] 0x08 SMF_DPD [RFC6621] 0xC9 Home Address [RFC6275] 0x8A Endpoint Identification (DEPRECATED) [[CHARLES LYNN]] 0x8B ILNP Nonce [RFC6744] 0x8C Line-Identification Option [RFC6788] 0x4D Deprecated [RFC7731] 0x6D MPL Option [RFC7731] 0xEE IP_DFF [RFC6971] 0x0F Performance and Diagnostic Metrics (PDM) [RFC8250] 0x30 Minimum Path MTU Hop-by-Hop Option [RFC9268] 0x11 IOAM Destination Option and IOAM Hop-by-Hop Option [RFC-ietf-ippm-ioam-ipv6-options-12] 0x31 IOAM Destination Option and IOAM Hop-by-Hop Option [RFC-ietf-ippm-ioam-ipv6-options-12] 0x12 AltMark [RFC9343] 10011-11101 Unassigned 0x1E RFC3692-style Experiment [RFC4727] 0x3E RFC3692-style Experiment [RFC4727] 0x5E RFC3692-style Experiment [RFC4727] 0x7E RFC3692-style Experiment [RFC4727] 0x9E RFC3692-style Experiment [RFC4727] 0xBE RFC3692-style Experiment [RFC4727] 0xDE RFC3692-style Experiment [RFC4727] 0xFE RFC3692-style Experiment [RFC4727]¶
The following is the list of Routing Types which are defined at IANA. Note, we will describe use cases, if any, for options which do not have an option number at IANA.¶
Value Description Reference -------------------------------------------------- 0 Source Route (DEPRECATED) [RFC2460][RFC5095] 1 Nimrod (DEPRECATED 2009-05-06) 2 Type 2 Routing Header [RFC6275] 3 RPL Source Route Header [RFC6554] 4 Segment Routing Header (SRH) [RFC8754] 5 CRH-16 (TEMPORARY) [draft-bonica-6man-comp -rtg-hdr-30] 6 CRH-32 (TEMPORARY [draft-bonica-6man-comp -rtg-hdr-30] 7-252 Unassigned 253 RFC3692-style Experiment 1 [RFC4727] 254 RFC3692-style Experiment 2 [RFC4727] 255 Reserved¶
Segment Routing Header TLVs¶
Value Description Reference -------------------------------------------------- 0 Pad1 TLV [RFC8754] 1 Reserved [RFC8754] 2 Reserved [RFC8754] 3 Reserved [RFC8754] 4 PadN TLV [RFC8754] 5 HMAC TLV [RFC8754] 6 Reserved [RFC8754] 7-123 Unassigned 124-126 Experimentation and Test [RFC8754] 127 Reserved [RFC8754] 128-251 Unassigned 252-254 Experimentation and Test [RFC8754] 255 Reserved [RFC8754]¶
RFC 8250 specifies the Performance and Diagnostic Metrics (PDM) Destination Options header, which is used to measure the performance of IPv6 networks. The PDM header contains sequence numbers and timing information that can be used to calculate metrics such as round-trip delay and server delay.¶
The PDM header is embedded in each packet, and the information it contains is combined with the 5-tuple (source IP address, source port, destination IP address, destination port, and upper-layer protocol) to calculate the metrics. The PDM header also includes fields for storing time scaling factors, which can be used to adjust the measurements for different network conditions.¶
The PDM header can be used to assess performance problems in real time or after the fact. The measurements can be used to troubleshoot network problems, identify bottlenecks, and optimize network performance.¶
Segment Routing (SR) can be applied to the IPv6 data plane using a routing header called the Segment Routing Header (SRH). [RFC8754] specifies the encoding of IPv6 segments in an SRH. SRv6 uses this IPv6 Routing Extension Header to forward IPv6 packets using the source routing model. It implements hop-by-hop forwarding by adding a Segment Routing header (SRH) into IPv6 packets, encapsulating an explicit IPv6 address stack into the SRH, and continuously updating IPv6 destination addresses while offsetting the address stack on transit nodes. According to [I-D.matsushima-spring-srv6-deployment-status], there have been over 10 announced deployments of an SRH based data plane and over 20 additional deployments without public announcements.¶
[RFC6275] specifies Mobile IPv6, a protocol that allows nodes to remain reachable while moving around in the IPv6 Internet.The Mobility Header is an extension header used by mobile nodes, correspondent nodes, and home agents in all messaging related to the creation and management of mobile bindings. The Mobility Header is identified by a Next Header value of 135.¶
Multicast Listener Discovery (MLD) is used today by IPv6 routers for discovering multicast listeners on a directly attached link, much like Internet Group Management Protocol (IGMP) is used in IPv4. MLD uses ICMPv6 (IP Protocol 58) message types, rather than IGMP (IP Protocol 2) message types. MLD messages are identified in IPv6 packets by a preceding Next Header value of 58. MLD messages are sent with an IPv6 Router Alert option in a Hop-by-Hop Options header as defined in RFC 2710.¶
There's a potential deployment of using a bitstring (such as used in BIER) as part of the IPv6 data plane using an EH.¶
|<<-----(BIER-based multicast overlay)----->>| | | |<----------(L3 BIER(P2MP) tunnel)---------->| | | | SEP SEP SEP SEP | | +******************+ +****+ | | / \ / \ | +------+ +-------+ +-----+ +------+ | BFIR |-------|Non-BFR|-------| BFR |--------| BFER | +------+ +-------+ +-----+ +------+ ------- L2 link ******* IPv6(P2P) segment (SEP = Segment EndPoint) <-----> BIER(P2MP) tunnel¶
In this deployment, BIER works as part of the IPv6 data plane. The BFIR and BFERs work as IPv6 (P2MP) tunnel endpoints, and BFRs work as IPv6 segment endpoints. The BIER header is processed on each segment endpoint and there is no decapsulation, or re-encapsulation, on the segment endpoints.¶
This deployment typically needs an IPv6 extension header to carry the BIER header and processing of the BIER header (e.g., the bitstring) will be implemented as part of the IPv6 extension header processing. The IPv6 source address is the BIER packet source-origin identifier, and is unchanged through the BIER domain from BFIR to BFERs.¶
None.¶
None.¶
None.¶
Thanks to Dr. Tommaso Pecorella and Dhruv Dhody for their comments.¶
Note to RFC Editor: if this document does not obsolete an existing RFC, please remove this appendix before publication as an RFC¶
Note to RFC Editor: please remove this appendix before publication as an RFC¶