Wrongful Termination of Internet Protocol (IP) Packets
RFC 8367

Document Type RFC - Informational (April 2018; No errata)
Last updated 2018-04-01
Stream ISE
Independent Submission                                        T. Mizrahi
Request for Comments: 8367                                       Marvell
Category: Informational                                       J. Yallouz
ISSN: 2070-1721                                                    Intel
                                                            1 April 2018

         Wrongful Termination of Internet Protocol (IP) Packets

Abstract

   Routers and middleboxes terminate packets for various reasons.  In
   some cases, these packets are wrongfully terminated.  This memo
   describes some of the most common scenarios of wrongful termination
   of Internet Protocol (IP) packets and presents recommendations for
   mitigating them.

Status of This Memo

   This document is not an Internet Standards Track specification; it is
   published for informational purposes.

   This is a contribution to the RFC Series, independently of any other
   RFC stream.  The RFC Editor has chosen to publish this document at
   its discretion and makes no statement about its value for
   implementation or deployment.  Documents approved for publication by
   the RFC Editor are not candidates for any level of Internet Standard;
   see Section 2 of RFC 7841.

   Information about the current status of this document, any errata,
   and how to provide feedback on it may be obtained at
   https://www.rfc-editor.org/info/rfc8367.

Copyright Notice

   Copyright (c) 2018 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (https://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.

Mizrahi & Yallouz             Informational                     [Page 1]
RFC 8367           Wrongful Termination of IP Packets       1 April 2018

Table of Contents

   1. Introduction ................................................... 2
   2. Abbreviations .................................................. 2
   3. Wrongful Termination Scenarios ................................. 3
      3.1. Color-Based Termination ................................... 3
      3.2. Age-Based Termination ..................................... 3
      3.3. Origin-Based Termination .................................. 4
      3.4. Length-Based Termination .................................. 4
      3.5. IP-Version-Based Termination .............................. 5
      3.6. Flag-Based Termination .................................... 5
   4. Security Considerations ........................................ 5
   5. IANA Considerations ............................................ 5
   6. Conclusion ..................................................... 6
   7. References ..................................................... 6
      7.1. Normative References ...................................... 6
      7.2. Informative References .................................... 6
   Authors' Addresses ................................................ 6

1.  Introduction

   IP packets are often terminated by network devices.  In some cases,
   control-plane packets are terminated and processed by the local
   device, while in other cases packets are terminated (discarded) due
   to a packet filtering mechanism.  Packet filtering is widely employed
   in network devices for sanity checking, policy enforcement, and
   security.  IP routers and middleboxes, such as firewalls, often
   terminate packets that do not comply with a predefined policy.
   Unfortunately, some filtering policies cause false positive or
   unnecessary packet termination.  Moreover, these wrongful
   terminations are sometimes biased and discriminate against packets
   based on their color, age, origin, length, or IP version.

   This memo discusses some of the most common scenarios of wrongful
   termination of IP packets and presents recommendations for preventing
   such discrimination.

2.  Abbreviations

   IP    Internet Protocol

   TTL   Time To Live

   OAM   Operations, Administration, and Maintenance

3.  Wrongful Termination Scenarios

3.1.  Color-Based Termination

   Synopsis

      IP packets are terminated due to their color.

   Description

      Routers often employ metering mechanisms [RFC4115].  These
      mechanisms often support a color-aware mode, in which the packet's
      color (green, yellow, or red) is used as a criterion in the
      metering algorithm.  This mode has been known to prefer green
      packets over red and yellow packets.

   Recommendation

      Use of color-blind metering is recommended, as it allows equal
      opportunity for packets of different colors.
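
The difference between the two metering modes, as an added example that is not part of this memo or of [RFC4115]: a simplified two-bucket, three-color meter run over the same traffic in each mode. The rates, burst sizes, packet list and the names Meter, mark and run are constructed for illustration; the marking rules (green tested against the committed and then the excess bucket, yellow against the excess bucket only, red never re-tested, color-blind mode treating every arrival as green) are the assumed model.

```python
from dataclasses import dataclass

GREEN, YELLOW, RED = "green", "yellow", "red"


@dataclass
class Meter:
    cir: float                 # committed rate, bytes per second
    cbs: float                 # committed burst size, bytes
    eir: float                 # excess rate, bytes per second
    ebs: float                 # excess burst size, bytes
    color_aware: bool = False

    def __post_init__(self):
        # Both buckets start full at time 0.
        self.tc, self.te, self.last = self.cbs, self.ebs, 0.0

    def mark(self, now, size, color=GREEN):
        # Refill both buckets for the elapsed time, capped at the burst size.
        dt, self.last = now - self.last, now
        self.tc = min(self.cbs, self.tc + self.cir * dt)
        self.te = min(self.ebs, self.te + self.eir * dt)
        if not self.color_aware:
            color = GREEN      # color-blind: ignore the pre-marked color
        if color == GREEN and self.tc >= size:
            self.tc -= size
            return GREEN
        if color != RED and self.te >= size:
            self.te -= size
            return YELLOW
        return RED             # red arrivals are never promoted


# Constructed traffic: (arrival time in s, size in bytes, pre-marked color)
PACKETS = [
    (0.0, 1000, RED),
    (0.0, 1000, YELLOW),
    (0.0, 1000, GREEN),
    (1.0, 1000, GREEN),
]


def run(color_aware, packets=PACKETS):
    m = Meter(cir=1000, cbs=1500, eir=1000, ebs=1500, color_aware=color_aware)
    return [m.mark(t, size, color) for t, size, color in packets]


if __name__ == "__main__":
    print("color-blind:", run(False))
    print("color-aware:", run(True))
```

In color-aware mode the first packet stays red although both buckets are full, while in color-blind mode the outcome depends only on arrival order and available tokens.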