RFC 7359

Layer 3 Virtual Private Network (VPN) Tunnel Traffic Leakages in Dual-Stack Hosts/Networks, August 2014

Canonical URL:
https://www.rfc-editor.org/rfc/rfc7359.txt
File formats:
Plain TextPDF
Status:
INFORMATIONAL
Author:
F. Gont
Stream:
IETF
Source:
opsec (ops)

Cite this RFC: TXT  |  XML

DOI:  http://dx.doi.org/10.17487/RFC7359

Discuss this RFC: Send questions or comments to opsec@ietf.org

Other actions: Find Errata (if any)  |  Submit Errata  |  Find IPR Disclosures from the IETF


Abstract

The subtle way in which the IPv6 and IPv4 protocols coexist in typical networks, together with the lack of proper IPv6 support in popular Virtual Private Network (VPN) tunnel products, may inadvertently result in VPN tunnel traffic leakages. That is, traffic meant to be transferred over an encrypted and integrity- protected VPN tunnel may leak out of such a tunnel and be sent in the clear on the local network towards the final destination. This document discusses some scenarios in which such VPN tunnel traffic leakages may occur as a result of employing IPv6-unaware VPN software. Additionally, this document offers possible mitigations for this issue.


For the definition of Status, see RFC 2026.

For the definition of Stream, see RFC 4844.


Download PDF Reader



Search RFCs
Advanced Search
×