RFC 9288

Recommendations on the Filtering of IPv6 Packets Containing IPv6 Extension Headers at Transit Routers, August 2022

File formats:

icon for HTML icon for text file icon for v3pdf icon for XML
Status:
INFORMATIONAL
Authors:
F. Gont
W. Liu
Stream:
IETF
Source:
opsec (ops)

Cite this RFC: TXT  |  XML

DOI:  10.17487/RFC9288

Discuss this RFC: Send questions or comments to opsec@ietf.org

Other actions: Submit Errata  |  Find IPR Disclosures from the IETF  |  View History of RFC 9288


Abstract

This document analyzes the security implications of IPv6 Extension Headers and associated IPv6 options. Additionally, it discusses the operational and interoperability implications of discarding packets based on the IPv6 Extension Headers and IPv6 options they contain. Finally, it provides advice on the filtering of such IPv6 packets at transit routers for traffic not directed to them, for those cases where such filtering is deemed as necessary.


For the definition of Status, see RFC 2026.

For the definition of Stream, see RFC 8729.




Advanced Search