RFC Errata
Found 1 record.
Status: Verified (1)
RFC 5722, "Handling of Overlapping IPv6 Fragments", December 2009
Note: This RFC has been updated by RFC 6946
Source of RFC: 6man (int)
Errata ID: 3089
Status: Verified
Type: Technical
Publication Format(s) : TEXT
Reported By: Simon Perreault
Date Reported: 2012-01-13
Verifier Name: Brian Haberman
Date Verified: 2012-06-01
Section 4 says:
IPv6 nodes transmitting datagrams that need to be fragmented MUST NOT create overlapping fragments. When reassembling an IPv6 datagram, if one or more its constituent fragments is determined to be an overlapping fragment, the entire datagram (and any constituent fragments, including those not yet received) MUST be silently discarded.
It should say:
IPv6 nodes transmitting datagrams that need to be fragmented MUST NOT create overlapping fragments. When reassembling an IPv6 datagram, if one or more its constituent fragments is determined to be an overlapping fragment, the entire datagram (and any constituent fragments) MUST be silently discarded.
Notes:
Discarding fragments "including those not yet received" is not implementable. You'd have to keep state about the (source, destination, protocol, id) 4-tuple for MSL (120 seconds). If you do this you create two bugs:
- A new attack vector: an attacker could eat your resources. And if you just limit the number of such state entries then you fail to implement RFC 5722 correctly.
- It breaks at fairly low speeds. See draft-ietf-intarea-ipv4-id-update.
The proposal is simply to remove the "including those not yet received" bit. Normal host stacks do not keep state once a fragment has been reassembled. You reassemble the full packet and clear the fragment table. So this corrected text would align the RFC with actual practice.
This errata report results from an implementation attempt by OpenBSD.