[v6ops] RFC 7113 on Implementation Advice for IPv6 Router Advertisement Guard (RA-Guard)
rfc-editor@rfc-editor.org Tue, 11 February 2014 21:55 UTC
Return-Path: <wwwrun@rfc-editor.org>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8E0161A0770; Tue, 11 Feb 2014 13:55:38 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.45
X-Spam-Level:
X-Spam-Status: No, score=-2.45 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-0.548, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id aT-sM4uZ0NCg; Tue, 11 Feb 2014 13:55:36 -0800 (PST)
Received: from rfc-editor.org (rfc-editor.org [IPv6:2607:f170:8000:1500::d3]) by ietfa.amsl.com (Postfix) with ESMTP id 91B501A076E; Tue, 11 Feb 2014 13:55:36 -0800 (PST)
Received: by rfc-editor.org (Postfix, from userid 30) id 1C5D47FC399; Tue, 11 Feb 2014 13:55:26 -0800 (PST)
To: ietf-announce@ietf.org, rfc-dist@rfc-editor.org
From: rfc-editor@rfc-editor.org
Message-Id: <20140211215531.1C5D47FC399@rfc-editor.org>
Date: Tue, 11 Feb 2014 13:55:26 -0800
Cc: drafts-update-ref@iana.org, v6ops@ietf.org, rfc-editor@rfc-editor.org
Subject: [v6ops] RFC 7113 on Implementation Advice for IPv6 Router Advertisement Guard (RA-Guard)
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 11 Feb 2014 21:55:38 -0000
A new Request for Comments is now available in online RFC libraries.
RFC 7113
Title: Implementation Advice for IPv6 Router
Advertisement Guard (RA-Guard)
Author: F. Gont
Status: Informational
Stream: IETF
Date: February 2014
Mailbox: fgont@si6networks.com
Pages: 13
Characters: 29272
Updates: RFC 6105
I-D Tag: draft-ietf-v6ops-ra-guard-implementation-07.txt
URL: http://www.rfc-editor.org/rfc/rfc7113.txt
The IPv6 Router Advertisement Guard (RA-Guard) mechanism is commonly
employed to mitigate attack vectors based on forged ICMPv6 Router
Advertisement messages. Many existing IPv6 deployments rely on
RA-Guard as the first line of defense against the aforementioned attack
vectors. However, some implementations of RA-Guard have been found
to be prone to circumvention by employing IPv6 Extension Headers.
This document describes the evasion techniques that affect the
aforementioned implementations and formally updates RFC 6105, such
that the aforementioned RA-Guard evasion vectors are eliminated.
This document is a product of the IPv6 Operations Working Group of the IETF.
INFORMATIONAL: This memo provides information for the Internet community.
It does not specify an Internet standard of any kind. Distribution of
this memo is unlimited.
This announcement is sent to the IETF-Announce and rfc-dist lists.
To subscribe or unsubscribe, see
http://www.ietf.org/mailman/listinfo/ietf-announce
http://mailman.rfc-editor.org/mailman/listinfo/rfc-dist
For searching the RFC series, see http://www.rfc-editor.org/search/rfc_search.php
For downloading RFCs, see http://www.rfc-editor.org/rfc.html
Requests for special distribution should be addressed to either the
author of the RFC in question, or to rfc-editor@rfc-editor.org. Unless
specifically noted otherwise on the RFC itself, all RFCs are for
unlimited distribution.
The RFC Editor Team
Association Management Solutions, LLC