Re: IPv6 Type 0 Routing Header issues

"George V. Neville-Neil" <gnn@neville-neil.com> Wed, 25 April 2007 02:22 UTC

Date: Wed, 25 Apr 2007 10:49:25 +0900
Message-ID: <m2mz0xp6je.wl%gnn@neville-neil.com>
From: "George V. Neville-Neil" <gnn@neville-neil.com>
To: Jari Arkko <jari.arkko@piuha.net>
In-Reply-To: <462E7AB4.3050807@piuha.net>
References: <462D4706.4000504@spaghetti.zurich.ibm.com> <462E7AB4.3050807@piuha.net>
Cc: v6ops@ops.ietf.org, ipv6@ietf.org, IPv6 Ops list <ipv6-ops@lists.cluenet.de>
Subject: Re: IPv6 Type 0 Routing Header issues

At Wed, 25 Apr 2007 00:46:28 +0300,
Jari Arkko wrote:
> 
> 
> > Just in case folks are missing out on this, find below a rather nasty
> > security issue.
> >   
> 
> I cannot say that this is a big surprise, even if the specific attack
> is news to me and it has a major impact. Some issues with Type 0
> have been known for years; I think draft-savola-ipv6-rh-ha was the
> first to report these. RFC 4294 warns of the issues and RFC 3775
> design was based on the idea of avoiding Type 0 because it
> was felt that at some point Type 0 would likely be filtered due
> to its problems. Also, draft-ietf-v6ops-security-overview was recently
> approved. It notes, among other things that "it may be desirable
> to forbid or limit the processing of Type 0 Routing Headers
> in hosts and some routers."
> 
> So I think we should take that advice and modify the stacks that
> do not do the right thing today. A good first approximation is
> to add a configuration knob for processing Type 0 headers
> in both hosts and routers, with default set to off. Better
> firewall support for doing this would also be needed (without
> disabling use of Type 2, of course).
> 

FreeBSD has already committed patches disabling the processing of
route header option 0 by default in all 3 of the currently shipping
branches (HEAD, 6-STABLE and 5-STABLE).

> But we at the IETF also need to draw a conclusion about the
> state of Type 0. This feature needs to be retired.

The sooner that decision is made the better.  Those of us working on
the stacks would like to remove this processing if the feature is
retired.

Best,
George Neville-Neil
(FreeBSD Security Team and Core Member)
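The check a host stack or firewall needs in order to apply the policy discussed above (a knob for Type 0 processing, default off, that leaves Type 2 alone) is shown below as an added example. It is not code from this thread, from FreeBSD, or from any IETF document: it walks the IPv6 extension-header chain, refuses a Type 0 routing header that still has Segments Left, validates a Type 2 header against its Mobile IPv6 shape (one address), and rejects packets whose length fields do not match the bytes present. The `allow_rh0` knob, the packet builder, the verdict names and the sample addresses (2001:db8::/32, the documentation prefix) are all constructed for this illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define IPV6_HDR_LEN 40
#define NH_HOPOPTS   0
#define NH_ROUTING  43
#define NH_FRAGMENT 44
#define NH_NONE     59
#define NH_DSTOPTS  60

/* Verdicts (names are this example's, not any stack's). */
enum rh_verdict {
    RH_ACCEPT = 0,
    RH_DROP_RH0 = 1,        /* Type 0 with Segments Left > 0 while the knob is off */
    RH_DROP_UNKNOWN_RT = 2, /* unknown routing type with Segments Left > 0 */
    RH_MALFORMED = 3        /* length fields disagree with the bytes on the wire */
};

/* Walk the extension-header chain of one IPv6 packet.  allow_rh0 is the
 * per-node knob.  Routing headers live in the unfragmentable part, so they
 * always precede any Fragment header and this walk cannot miss them. */
enum rh_verdict rh_classify(const uint8_t *pkt, size_t len, int allow_rh0)
{
    if (len < IPV6_HDR_LEN || (pkt[0] >> 4) != 6)
        return RH_MALFORMED;
    size_t payload = ((size_t)pkt[4] << 8) | pkt[5];
    size_t end = IPV6_HDR_LEN + payload;
    if (end > len)                      /* truncated: fewer bytes than claimed */
        return RH_MALFORMED;

    uint8_t nh = pkt[6];
    size_t off = IPV6_HDR_LEN;
    for (int depth = 0; depth < 8; depth++) {   /* bound the walk */
        size_t hlen;
        switch (nh) {
        case NH_HOPOPTS: case NH_DSTOPTS: case NH_ROUTING:
            if (off + 2 > end) return RH_MALFORMED;
            hlen = ((size_t)pkt[off + 1] + 1) * 8;  /* Hdr Ext Len: 8-octet units after the first 8 */
            break;
        case NH_FRAGMENT:
            hlen = 8;
            break;
        default:
            return RH_ACCEPT;           /* upper-layer protocol or No Next Header: done */
        }
        if (off + hlen > end) return RH_MALFORMED;

        if (nh == NH_ROUTING) {
            uint8_t rtype = pkt[off + 2], segs = pkt[off + 3];
            switch (rtype) {
            case 0: /* Segments Left == 0 processes no address (RFC 2460 4.4); only a live RH0 is refused */
                if (segs > 0 && !allow_rh0) return RH_DROP_RH0;
                break;
            case 2: /* Mobile IPv6 (RFC 3775): exactly one address, so Hdr Ext Len 2, Segments Left 1 */
                if (pkt[off + 1] != 2 || segs != 1) return RH_MALFORMED;
                break;
            default: /* RFC 2460 4.4: unknown type with Segments Left > 0 is discarded */
                if (segs > 0) return RH_DROP_UNKNOWN_RT;
                break;
            }
        }
        nh = pkt[off];
        off += hlen;
    }
    return RH_MALFORMED;                /* absurdly long chain */
}

/* Constructed sample: a 40-byte IPv6 header carrying TCP and no extension headers. */
static const uint8_t PLAIN_TCP[IPV6_HDR_LEN] = { 0x60, 0, 0, 0, 0, 0, 6, 64 };

/* Build [IPv6][optional Hop-by-Hop][Routing(rtype, segs, naddr addrs)][No Next Header]
 * with 2001:db8::1, ::2, ... as the hop list; returns the packet length, 0 on overflow. */
static size_t build_sample(uint8_t *buf, size_t cap, int with_hbh,
                           uint8_t rtype, uint8_t segs, unsigned naddr)
{
    size_t rh_len = 8 + 16 * naddr, payload = (with_hbh ? 8 : 0) + rh_len;
    if (cap < IPV6_HDR_LEN + payload) return 0;
    memset(buf, 0, IPV6_HDR_LEN + payload);
    buf[0] = 0x60; buf[4] = (uint8_t)(payload >> 8); buf[5] = (uint8_t)payload;
    buf[6] = with_hbh ? NH_HOPOPTS : NH_ROUTING; buf[7] = 64;
    size_t off = IPV6_HDR_LEN;
    if (with_hbh) {                     /* 8-byte Hop-by-Hop header padded with one PadN(4) option */
        buf[off] = NH_ROUTING; buf[off + 1] = 0; buf[off + 2] = 1; buf[off + 3] = 4;
        off += 8;
    }
    buf[off] = NH_NONE; buf[off + 1] = (uint8_t)(2 * naddr); buf[off + 2] = rtype; buf[off + 3] = segs;
    for (unsigned i = 0; i < naddr; i++) {
        uint8_t *a = buf + off + 8 + 16 * i;
        a[0] = 0x20; a[1] = 0x01; a[2] = 0x0d; a[3] = 0xb8; a[15] = (uint8_t)(i + 1);
    }
    return IPV6_HDR_LEN + payload;
}

/* Build a sample, optionally chop `cut` trailing bytes (payload length left unchanged), classify it. */
int classify_sample(int with_hbh, uint8_t rtype, uint8_t segs, unsigned naddr, size_t cut, int allow_rh0)
{
    uint8_t buf[256];
    size_t n = build_sample(buf, sizeof buf, with_hbh, rtype, segs, naddr);
    if (n == 0 || cut > n) return RH_MALFORMED;
    return rh_classify(buf, n - cut, allow_rh0);
}

int main(void)
{
    static const char *names[] = { "accept", "drop-rh0", "drop-unknown-rt", "malformed" };
    printf("RH0, 2 hops, knob off:  %s\n", names[classify_sample(0, 0, 2, 2, 0, 0)]);
    printf("RH0, 2 hops, knob on:   %s\n", names[classify_sample(0, 0, 2, 2, 0, 1)]);
    printf("RH2, Mobile IPv6:       %s\n", names[classify_sample(0, 2, 1, 1, 0, 0)]);
    printf("RH0 behind Hop-by-Hop:  %s\n", names[classify_sample(1, 0, 1, 1, 0, 0)]);
    return 0;
}
```

Two design points worth noting. A Type 0 header with Segments Left of zero is passed, because no address in it will ever be processed; the amplification attack needs a non-zero count. And the Type 2 check is deliberately strict (one address, Segments Left exactly 1), so a filter that drops Type 0 does not have to choose between "block all routing headers" and "trust anything that says type 2".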

--------------------------------------------------------------------
IETF IPv6 working group mailing list
ipv6@ietf.org
Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------