[rfc-dist] RFC 7113 on Implementation Advice for IPv6 Router Advertisement Guard (RA-Guard)

rfc-editor at rfc-editor.org rfc-editor at rfc-editor.org
Tue Feb 11 13:55:26 PST 2014


A new Request for Comments is now available in online RFC libraries.

        
        RFC 7113

        Title:      Implementation Advice for IPv6 Router 
                    Advertisement Guard (RA-Guard) 
        Author:     F. Gont
        Status:     Informational
        Stream:     IETF
        Date:       February 2014
        Mailbox:    fgont at si6networks.com
        Pages:      13
        Characters: 29272
        Updates:    RFC 6105

        I-D Tag:    draft-ietf-v6ops-ra-guard-implementation-07.txt

        URL:        http://www.rfc-editor.org/rfc/rfc7113.txt

The IPv6 Router Advertisement Guard (RA-Guard) mechanism is commonly
employed to mitigate attack vectors based on forged ICMPv6 Router
Advertisement messages.  Many existing IPv6 deployments rely on
RA-Guard as the first line of defense against the aforementioned attack
vectors.  However, some implementations of RA-Guard have been found
to be prone to circumvention by employing IPv6 Extension Headers.
This document describes the evasion techniques that affect the
aforementioned implementations and formally updates RFC 6105, such
that the aforementioned RA-Guard evasion vectors are eliminated.

This document is a product of the IPv6 Operations Working Group of the IETF.


INFORMATIONAL: This memo provides information for the Internet community.
It does not specify an Internet standard of any kind. Distribution of
this memo is unlimited.

This announcement is sent to the IETF-Announce and rfc-dist lists.
To subscribe or unsubscribe, see
  http://www.ietf.org/mailman/listinfo/ietf-announce
  http://mailman.rfc-editor.org/mailman/listinfo/rfc-dist

For searching the RFC series, see http://www.rfc-editor.org/search/rfc_search.php
For downloading RFCs, see http://www.rfc-editor.org/rfc.html

Requests for special distribution should be addressed to either the
author of the RFC in question, or to rfc-editor at rfc-editor.org.  Unless
specifically noted otherwise on the RFC itself, all RFCs are for
unlimited distribution.


The RFC Editor Team
Association Management Solutions, LLC




More information about the rfc-dist mailing list