draft-ietf-v6ops-ipv6-discard-prefix-03.txt | draft-ietf-v6ops-ipv6-discard-prefix-04.txt | |||
---|---|---|---|---|
v6ops Working Group N. Hilliard | v6ops Working Group N. Hilliard | |||
Internet-Draft INEX | Internet-Draft INEX | |||
Updates: 5156 (if approved) March 28, 2012 | Updates: 5156 (if approved) D. Freedman | |||
Intended status: Informational | Intended status: Informational Claranet | |||
Expires: September 29, 2012 | Expires: November 23, 2012 May 22, 2012 | |||
A Discard Prefix for IPv6 | A Discard Prefix for IPv6 | |||
draft-ietf-v6ops-ipv6-discard-prefix-03 | draft-ietf-v6ops-ipv6-discard-prefix-04 | |||
Abstract | Abstract | |||
Remote triggered black hole filtering describes a method of | Remote triggered black hole filtering describes a method of | |||
mitigating the effects of denial-of-service attacks by selectively | mitigating the effects of denial-of-service attacks by selectively | |||
discarding traffic based on source or destination address. Remote | discarding traffic based on source or destination address. Remote | |||
triggered black hole routing describes a method of selectively re- | triggered black hole routing describes a method of selectively re- | |||
routing traffic into a sinkhole router (for further analysis) based | routing traffic into a sinkhole router (for further analysis) based | |||
on destination address. This document updates RFC5156 by explaining | on destination address. This document updates RFC5156 by explaining | |||
why a unique IPv6 prefix should be formally assigned by IANA for the | why a unique IPv6 prefix should be formally assigned by IANA for the | |||
skipping to change at page 1, line 39 | skipping to change at page 1, line 39 | |||
Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
Drafts is at http://datatracker.ietf.org/drafts/current/. | Drafts is at http://datatracker.ietf.org/drafts/current/. | |||
Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
This Internet-Draft will expire on September 29, 2012. | This Internet-Draft will expire on November 23, 2012. | |||
Copyright Notice | Copyright Notice | |||
Copyright (c) 2012 IETF Trust and the persons identified as the | Copyright (c) 2012 IETF Trust and the persons identified as the | |||
document authors. All rights reserved. | document authors. All rights reserved. | |||
This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
(http://trustee.ietf.org/license-info) in effect on the date of | (http://trustee.ietf.org/license-info) in effect on the date of | |||
publication of this document. Please review these documents | publication of this document. Please review these documents | |||
skipping to change at page 2, line 21 | skipping to change at page 2, line 21 | |||
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 | 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 | |||
1.1. Notational Conventions . . . . . . . . . . . . . . . . . . 3 | 1.1. Notational Conventions . . . . . . . . . . . . . . . . . . 3 | |||
2. A Discard Prefix for IPv6 . . . . . . . . . . . . . . . . . . . 3 | 2. A Discard Prefix for IPv6 . . . . . . . . . . . . . . . . . . . 3 | |||
3. Operational Implications . . . . . . . . . . . . . . . . . . . 4 | 3. Operational Implications . . . . . . . . . . . . . . . . . . . 4 | |||
4. IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 4 | 4. IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 4 | |||
5. Security Considerations . . . . . . . . . . . . . . . . . . . . 4 | 5. Security Considerations . . . . . . . . . . . . . . . . . . . . 4 | |||
6. References . . . . . . . . . . . . . . . . . . . . . . . . . . 5 | 6. References . . . . . . . . . . . . . . . . . . . . . . . . . . 5 | |||
6.1. Normative References . . . . . . . . . . . . . . . . . . . 5 | 6.1. Normative References . . . . . . . . . . . . . . . . . . . 5 | |||
6.2. Informative References . . . . . . . . . . . . . . . . . . 5 | 6.2. Informative References . . . . . . . . . . . . . . . . . . 5 | |||
Author's Address . . . . . . . . . . . . . . . . . . . . . . . . . 5 | Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 5 | |||
1. Introduction | 1. Introduction | |||
Remote triggered black hole (RTBH) filtering describes a class of | Remote triggered black hole (RTBH) filtering describes a class of | |||
methods of blocking IP traffic either from a specific source | methods of blocking IP traffic either from a specific source | |||
([RFC5635]) or to a specific destination ([RFC3882]) on a network. | ([RFC5635]) or to a specific destination ([RFC3882]) on a network. | |||
RTBH routing describes a class of methods of re-routing IP traffic | RTBH routing describes a class of methods of re-routing IP traffic | |||
destined to the attacked/targeted host to a special path (tunnel) | destined to the attacked/targeted host to a special path (tunnel) | |||
where a sniffer could capture the traffic for analysis. Both these | where a sniffer could capture the traffic for analysis. Both these | |||
methods operate by setting the next-hop address of an IP packet with | methods operate by setting the next-hop address of an IP packet with | |||
skipping to change at page 5, line 4 | skipping to change at page 5, line 4 | |||
This document directs IANA to record the allocation of the IPv6 | This document directs IANA to record the allocation of the IPv6 | |||
address prefix xxxx/64 as a discard-only prefix in the IPv6 Address | address prefix xxxx/64 as a discard-only prefix in the IPv6 Address | |||
Space registry. No end party is to be assigned this prefix. The | Space registry. No end party is to be assigned this prefix. The | |||
prefix should be allocated from ::/3. | prefix should be allocated from ::/3. | |||
5. Security Considerations | 5. Security Considerations | |||
As the prefix specified in this document ought not normally be | As the prefix specified in this document ought not normally be | |||
transmitted or accepted over inter-domain BGP sessions for the | transmitted or accepted over inter-domain BGP sessions for the | |||
reasons described in Section 3, it is usually appropriate to include | reasons described in Section 3, it is usually appropriate to include | |||
this prefix in inter-domain BGP prefix filters [RFC3704]. | this prefix in inter-domain BGP prefix filters [RFC3704] or otherwise | |||
ensure the prefix is neither transmitted to or accepted from a third | ||||
party autonomous system. | ||||
6. References | 6. References | |||
6.1. Normative References | 6.1. Normative References | |||
[RFC3882] Turk, D., "Configuring BGP to Block Denial-of-Service | [RFC3882] Turk, D., "Configuring BGP to Block Denial-of-Service | |||
Attacks", RFC 3882, September 2004. | Attacks", RFC 3882, September 2004. | |||
[RFC5156] Blanchet, M., "Special-Use IPv6 Addresses", RFC 5156, | [RFC5156] Blanchet, M., "Special-Use IPv6 Addresses", RFC 5156, | |||
April 2008. | April 2008. | |||
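Review bot: In the sentence added to Section 5 (Security Considerations) in -04, "neither transmitted to or accepted from a third party autonomous system" pairs "neither" with "or"; it should read "neither transmitted to nor accepted from a third-party autonomous system". The new "or otherwise ensure" clause also leaves the alternative to inter-domain BGP prefix filters unnamed, so an operator cannot tell what would satisfy it. Consider naming at least one such mechanism, or stating that any mechanism is acceptable provided it covers both directions (announcing the prefix and accepting it).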
skipping to change at page 6, line 5 | skipping to change at page 6, line 5 | |||
[RFC3849] Huston, G., Lord, A., and P. Smith, "IPv6 Address Prefix | [RFC3849] Huston, G., Lord, A., and P. Smith, "IPv6 Address Prefix | |||
Reserved for Documentation", RFC 3849, July 2004. | Reserved for Documentation", RFC 3849, July 2004. | |||
[RFC5226] Narten, T. and H. Alvestrand, "Guidelines for Writing an | [RFC5226] Narten, T. and H. Alvestrand, "Guidelines for Writing an | |||
IANA Considerations Section in RFCs", BCP 26, RFC 5226, | IANA Considerations Section in RFCs", BCP 26, RFC 5226, | |||
May 2008. | May 2008. | |||
[RFC5737] Arkko, J., Cotton, M., and L. Vegoda, "IPv4 Address Blocks | [RFC5737] Arkko, J., Cotton, M., and L. Vegoda, "IPv4 Address Blocks | |||
Reserved for Documentation", RFC 5737, January 2010. | Reserved for Documentation", RFC 5737, January 2010. | |||
Author's Address | Authors' Addresses | |||
Nick Hilliard | Nick Hilliard | |||
INEX | INEX | |||
4027 Kingswood Road | 4027 Kingswood Road | |||
Dublin 24 | Dublin 24 | |||
IE | IE | |||
Email: nick@inex.ie | Email: nick@inex.ie | |||
David Freedman | ||||
Claranet | ||||
21 Southampton Row, Holborn | ||||
London WC1B 5HA | ||||
UK | ||||
Email: david.freedman@uk.clara.net | ||||
End of changes. 7 change blocks. | ||||
8 lines changed or deleted | 10 lines changed or added | |||
This html diff was produced by rfcdiff 1.41. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ |