Javascript disabled? Like other modern websites, the IETF Datatracker relies on Javascript. Please enable Javascript for full functionality.

Extensible Provisioning Protocol (EPP) Host Mapping
RFC 5732 part of STD 69

Document	Type	RFC - Internet Standard (August 2009) Obsoletes RFC 4932 Was draft-hollenbeck-rfc4932bis (individual in app area)
	Author	Scott Hollenbeck
	Last updated	2015-10-14
	RFC stream	Internet Engineering Task Force (IETF)
	Formats	txt html pdf htmlized bibtex
IESG	Responsible AD	Alexey Melnikov
	Send notices to	(None)

Email authors IPR References Referenced by Search Lists

RFC 5732

Internet Engineering Task Force (IETF) L. Eggert
Request for Comments: 8085 NetApp
BCP: 145 G. Fairhurst
Obsoletes: 5405 University of Aberdeen
Category: Best Current Practice G. Shepherd
ISSN: 2070-1721 Cisco Systems
March 2017

UDP Usage Guidelines

Abstract

The User Datagram Protocol (UDP) provides a minimal message-passing
transport that has no inherent congestion control mechanisms. This
document provides guidelines on the use of UDP for the designers of
applications, tunnels, and other protocols that use UDP. Congestion
control guidelines are a primary focus, but the document also
provides guidance on other topics, including message sizes,
reliability, checksums, middlebox traversal, the use of Explicit
Congestion Notification (ECN), Differentiated Services Code Points
(DSCPs), and ports.

Because congestion control is critical to the stable operation of the
Internet, applications and other protocols that choose to use UDP as
an Internet transport must employ mechanisms to prevent congestion
collapse and to establish some degree of fairness with concurrent
traffic. They may also need to implement additional mechanisms,
depending on how they use UDP.

Some guidance is also applicable to the design of other protocols
(e.g., protocols layered directly on IP or via IP-based tunnels),
especially when these protocols do not themselves provide congestion
control.

This document obsoletes RFC 5405 and adds guidelines for multicast
UDP usage.

Eggert, et al. Best Current Practice [Page 1]
RFC 8085 UDP Usage Guidelines March 2017Hollenbeck Standards Track [Page 22]
RFC 5732 EPP Host Mapping August 2009

<complexType name="creDataType">
<sequence>
<element name="name" type="eppcom:labelType"/>
<element name="crDate" type="dateTime"/>
</sequence>
</complexType>

<complexType name="infDataType">
<sequence>
<element name="name" type="eppcom:labelType"/>
<element name="roid" type="eppcom:roidType"/>
<element name="status" type="host:statusType"
maxOccurs="7"/>
<element name="addr" type="host:addrType"
minOccurs="0" maxOccurs="unbounded"/>
<element name="clID" type="eppcom:clIDType"/>
<element name="crID" type="eppcom:clIDType"/>
<element name="crDate" type="dateTime"/>
<element name="upID" type="eppcom:clIDType"

Hollenbeck Standards Track [Page 23]
RFC 5732 EPP Host Mapping August 2009

minOccurs="0"/>
<element name="upDate" type="dateTime"
minOccurs="0"/>
<element name="trDate" type="dateTime"
minOccurs="0&

Status of This Memo

This memo documents an Internet Best Current Practice.

This document is a product of the Internet Engineering Task Force
(IETF). It represents the consensus of the IETF community. It has
received public review and has been approved for publication by the
Internet Engineering Steering Group (IESG). Further information on
BCPs is available in Section 2 of RFC 7841.

Information about the current status of this document, any errata,
and how to provide feedback on it may be obtained at
http://www.rfc-editor.org/info/rfc8085.

This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.

Eggert, et al. Best Current Practice [Page 2]
RFC 8085 UDP Usage Guidelines March 2017

Table of Contents

1. Introduction ....................................................3
2. Terminology .....................................................5
3. UDP Usage Guidelines ............................................5
3.1. Congestion Control Guidelines ..............................6
3.2. Message Size Guidelines ...................................19
3.3. Reliability Guidelines ....................................21
3.4. Checksum Guidelines .......................................22
3.5. Middlebox Traversal Guidelines ............................25
3.6. Limited Applicability and Controlled Environments .........27
4. Multicast UDP Usage Guidelines .................................28
4.1. Multicast Congestion Control Guidelines ...................30
4.2. Message Size Guidelines for Multicast .....................32
5. Programming Guidelines .........................................32
5.1. Using UDP Ports ...........................................34
5.2. ICMP Guidelines ...........................................37
6. Security Considerations ........................................38
7. Summary ........................................................40
8. References .....................................................42
8.1. Normative References ......................................42
8.2. Informative References ....................................43
Appendix A. .......................................................53
Acknowledgments ...................................................55
Authors' Addresses ................................................55

1. Introduction

The User Datagram Protocol (UDP) [RFC768] provides a minimal,
unreliable, best-effort, message-passing transport to applications
and other protocols (such as tunnels) that wish to operate over IP.
Both are simply called "applications" in the remainder of this
document.

Compared to other transport protocols, UDP and its UDP-Lite variant
[RFC3828] are unique in that they do not establish end-to-end
connections between communicating end systems. UDP communication
consequently does not incur connection establishment and teardown
overheads, and there is minimal associated end-system state. Because
of these characteristics, UDP can offer a very efficient
communication transport to some applications.

A second unique characteristic of UDP is that it provides no inherent
congestion control mechanisms. On many platforms, applications can
send UDP datagrams at the line rate of the platform's link interface,
which is often much greater than the available end-to-end path
capacity, and doing so contributes to congestion along the path.
[RFC2914] describes the best current practice for congestion control

Eggert, et al. Best Current Practice [Page 3]
RFC 8085 UDP Usage Guidelines March 2017

in the Internet. It identifies two major reasons why congestion
control mechanisms are critical for the stable operation of the
Internet:

1. The prevention of congestion collapse, i.e., a state where an
increase in network load results in a decrease in useful work
done by the network.

2. The establishment of a degree of fairness, i.e., allowing
multiple flows to share the capacity of a path reasonably
equitably.

Because UDP itself provides no congestion control mechanisms, it is
up to the applications that use UDP for Internet communication to
employ suitable mechanisms to prevent congestion collapse and
establish a degree of fairness. [RFC2309] discusses the dangers of
congestion-unresponsive flows and states that "all UDP-based
streaming applications should incorporate effective congestion
avoidance mechanisms." [RFC7567] reaffirms this statement. This is
an important requirement, even for applications that do not use UDP
for streaming. In addition, congestion-controlled transmission is of
benefit to an application itself, because it can reduce self-induced
packet loss, minimize retransmissions, and hence reduce delays.
Congestion control is essential even at relatively slow transmission
rates. For example, an application that generates five 1500-byte UDP
datagrams in one second can already exceed the capacity of a 56 Kb/s
path. For applications that can operate at higher, potentially
unbounded data rates, congestion control becomes vital to prevent
congestion collapse and establish some degree of fairness. Section 3
describes a number of simple guidelines for the designers of such
applications.

A UDP datagram is carried in a single IP packet and is hence limited
to a maximum payload of 65,507 bytes for IPv4 and 65,527 bytes for
IPv6. The transmission of large IP packets usually requires IP
fragmentation. Fragmentation decreases communication reliability and
efficiency and should be avoided. IPv6 allows the option of
transmitting large packets ("jumbograms") without fragmentation when
all link layers along the path support this [RFC2675]. Some of the
guidelines in Section 3 describe how applications should determine
appropriate message sizes. Other sections of this document provide
guidance on reliability, checksums, middlebox traversal and use of
multicast.

This document provides guidelines and recommendations. Although most
UDP applications are expected to follow these guidelines, there do
exist valid reasons why a specific application may decide not to
follow a given guideline. In such cases, it is RECOMMENDED that

Eggert, et al. Best Current Practice [Page 4]
RFC 8085 UDP Usage Guidelines March 2017

application designers cite the respective section(s) of this document
in the technical specification of their application or protocol and
explain their rationale for their design choice.

[RFC5405] was scoped to provide guidelines for unicast applications
only, whereas this document also provides guidelines for UDP flows
that use IP anycast, multicast, broadcast, and applications that use
UDP tunnels to support IP flows.

Finally, although this document specifically refers to usage of UDP,
the spirit of some of its guidelines also applies to other message-
passing applications and protocols (specifically on the topics of
congestion control, message sizes, and reliability). Examples
include signaling, tunnel or control applications that choose to run
directly over IP by registering their own IP protocol number with
IANA. This document is expected to provide useful background reading
to the designers of such applications and protocols.

2. Terminology

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in
[RFC2119].

3. UDP Usage Guidelines

Internet paths can have widely varying characteristics, including
transmission delays, available bandwidths, congestion levels,
reordering probabilities, supported message sizes, or loss rates.
Furthermore, the same Internet path can have very different
conditions over time. Consequently, applications that may be used on
the Internet MUST NOT make assumptions about specific path
characteristics. They MUST instead use mechanisms that let them
operate safely under very different path conditions. Typically, this
requires conservatively probing the current conditions of the
Internet path they communicate over to establish a transmission
behavior that it can sustain and that is reasonably fair to other
traffic sharing the path.

These mechanisms are difficult to implement correctly. For most
applications, the use of one of the existing IETF transport protocols
is the simplest method of acquiring the required mechanisms. Doing
so also avoids issues that protocols using a new IP protocol number
face when being deployed over the Internet, where middleboxes that
only support TCP and UDP are sometimes present. Consequently, the
RECOMMENDED alternative to the UDP usage described in the remainder
of this section is the use of an IETF transport protocol such as TCP

Eggert, et al. Best Current Practice [Page 5]
RFC 8085 UDP Usage Guidelines March 2017

[RFC793], Stream Control Transmission Protocol (SCTP) [RFC4960], and
SCTP Partial Reliability Extension (SCTP-PR) [RFC3758], or Datagram
Congestion Control Protocol (DCCP) [RFC4340] with its different
congestion control types [RFC4341][RFC4342][RFC5622], or transport
protocols specified by the IETF in the future. (UDP-encapsulated
SCTP [RFC6951] and DCCP [RFC6773] can offer support for traversing
firewalls and other middleboxes where the native protocols are not
supported.)

If used correctly, these more fully featured transport protocols are
not as "heavyweight" as often claimed. For example, the TCP
algorithms have been continuously improved over decades, and they
have reached a level of efficiency and correctness that custom
application-layer mechanisms will struggle to easily duplicate. In
addition, many TCP implementations allow connections to be tuned by
an application to its purposes. For example, TCP's "Nagle" algorithm
[RFC1122] can be disabled, improving communication latency at the
expense of more frequent -- but still congestion controlled -- packet
transmissions. Another example is the TCP SYN cookie mechanism
[RFC4987], which is available on many platforms. TCP with SYN
cookies does not require a server to maintain per-connection state
until the connection is established. TCP also requires the end that
closes a connection to maintain the TIME-WAIT state that prevents
delayed segments from one connection instance from interfering with a
later one. Applications that are aware of and designed for this
behavior can shift maintenance of the TIME-WAIT state to conserve
resources by controlling which end closes a TCP connection [FABER].
Finally, TCP's built-in capacity-probing and awareness of the maximum
transmission unit supported by the path (PMTU) results in efficient
data transmission that quickly compensates for the initial connection
setup delay, in the case of transfers that exchange more than a few
segments.

3.1. Congestion Control Guidelines

If an application or protocol chooses not to use a congestion-
controlled transport protocol, it SHOULD control the rate at which it
sends UDP datagrams to a destination host, in order to fulfill the
requirements of [RFC2914]. It is important to stress that an
application SHOULD perform congestion control over all UDP traffic it
sends to a destination, independently from how it generates this
traffic. For example, an application that forks multiple worker
processes or otherwise uses multiple sockets to generate UDP
datagrams SHOULD perform congestion control over the aggregate
traffic.

Eggert, et al. Best Current Practice [Page 6]
RFC 8085 UDP Usage Guidelines March 2017

Several approaches to perform congestion control are discussed in the
remainder of this section. This section describes generic topics
with an intended emphasis on unicast and anycast [RFC1546] usage.
Not all approaches discussed below are appropriate for all UDP-
transmitting applications. Section 3.1.2 discusses congestion
control options for applications that perform bulk transfers over
UDP. Such applications can employ schemes that sample the path over
several subsequent round-trips during which data is exchanged to
determine a sending rate that the path at its current load can
support. Other applications only exchange a few UDP datagrams with a
destination. Section 3.1.3 discusses congestion control options for
such "low data-volume" applications. Because they typically do not
transmit enough data to iteratively sample the path to determine a
safe sending rate, they need to employ different kinds of congestion
control mechanisms. Section 3.1.11 discusses congestion control
considerations when UDP is used as a tunneling protocol. Section 4
provides additional recommendations for broadcast and multicast
usage.

It is important to note that congestion control should not be viewed
as an add-on to a finished application. Many of the mechanisms
discussed in the guidelines below require application support to
operate correctly. Application designers need to consider congestion
control throughout the design of their application, similar to how
they consider security aspects throughout the design process.

In the past, the IETF has also investigated integrated congestion
control mechanisms that act on the traffic aggregate between two
hosts, i.e., a framework such as the Congestion Manager [RFC3124],
where active sessions may share current congestion information in a
way that is independent of the transport protocol. Such mechanisms
have currently failed to see deployment, but would otherwise simplify
the design of congestion control mechanisms for UDP sessions, so that
they fulfill the requirements in [RFC2914].

3.1.1. Protocol Timer Guidelines

Understanding the latency between communicating endpoints is usually
a crucial part of effective congestion control implementations for
protocols and applications. Latency estimation can be used in a
number of protocol functions, such as calculating a congestion-
controlled transmission rate, triggering retransmission, and
detecting packet loss. Additional protocol functions, for example,
determining an interval for probing a path, determining an interval
between keep-alive messages, determining an interval for measuring
the quality of experience, or determining if a remote endpoint has

Eggert, et al. Best Current Practice [Page 7]
RFC 8085 UDP Usage Guidelines March 2017

responded to a request to perform an action, typically operate over
longer timescales than congestion control and therefore are not
covered in this section.

The general recommendation in this document is that applications
SHOULD leverage existing congestion control techniques and the
latency estimators specified therein (see next subsection). The
following guidelines are provided for applications that need to
design their own latency estimation mechanisms.

The guidelines are framed in terms of "latency" and not "round-trip
time" because some situations require characterizing only the
network-based latency (e.g., TCP-Friendly Rate Control (TFRC)
[RFC5348]), while other cases necessitate inclusion of the time
required by the remote endpoint to provide feedback (e.g., developing
an understanding of when to retransmit a message).

The latency between endpoints is generally a dynamic property.
Therefore, estimates SHOULD represent some sort of averaging of
multiple recent measurement samples to account for variance.
Leveraging an Exponentially Weighted Moving Average (EWMA) has proven
useful for this purpose (e.g., in TCP [RFC6298] and TFRC [RFC5348]).

Independent latency estimates SHOULD be maintained for each
destination with which an endpoint communicates.

Latency samples MUST NOT be derived from ambiguous transactions. The
canonical example is in a protocol that retransmits data, but
subsequently cannot determine which copy is being acknowledged. This
ambiguity makes correct computation of the latency problematic. See
the discussion of Karn's algorithm in [RFC6298]. This requirement
ensures a sender establishes a sound estimate of the latency without
relying on misleading measurements.

When a latency estimate is used to arm a timer that provides loss
detection -- with or without retransmission -- expiry of the timer
MUST be interpreted as an indication of congestion in the network,
causing the sending rate to be adapted to a safe conservative rate
(e.g., TCP collapses the congestion window to one segment [RFC5681]).

Some applications require an initial latency estimate before the
latency between endpoints can be empirically sampled. For instance,
when arming a retransmission timer, an initial value is needed to
protect the messages sent before the endpoints sample the latency.
This initial latency estimate SHOULD generally be as conservative
(large) as possible for the given application. For instance, in the
absence of any knowledge about the latency of a path, TCP requires
the initial Retransmission Timeout (RTO) to be set to no less than 1

Eggert, et al. Best Current Practice [Page 8]
RFC 8085 UDP Usage Guidelines March 2017

second [RFC6298]. UDP applications SHOULD similarly use an initial
latency estimate of 1 second. Values shorter than 1 second can be
problematic (see the data analysis in the appendix of [RFC6298]).

3.1.2. Bulk-Transfer Applications

Applications that perform bulk transmission of data to a peer over
UDP, i.e., applications that exchange more than a few UDP datagrams
per RTT, SHOULD implement TFRC [RFC5348], window-based TCP-like
congestion control, or otherwise ensure that the application complies
with the congestion control principles.

TFRC has been designed to provide both congestion control and
fairness in a way that is compatible with the IETF's other transport
protocols. If an application implements TFRC, it need not follow the
remaining guidelines in Section 3.1.2, because TFRC already addresses
them, but it SHOULD still follow the remaining guidelines in the
subsequent subsections of Section 3.

Bulk-transfer applications that choose not to implement TFRC or TCP-
like windowing SHOULD implement a congestion control scheme that
results in bandwidth (capacity) use that competes fairly with TCP
within an order of magnitude.

Section 2 of [RFC3551] suggests that applications SHOULD monitor the
packet-loss rate to ensure that it is within acceptable parameters.
Packet loss is considered acceptable if a TCP flow across the same
network path under the same network conditions would achieve an
average throughput, measured on a reasonable timescale, that is not
less than that of the UDP flow. The comparison to TCP cannot be
specified exactly, but is intended as an "order-of-magnitude"
comparison in timescale and throughput. The recommendations for
managing timers specified in Section 3.1.1 also apply.

Finally, some bulk-transfer applications may choose not to implement
any congestion control mechanism and instead rely on transmitting
across reserved path capacity (see Section 3.1.9). This might be an
acceptable choice for a subset of restricted networking environments,
but is by no means a safe practice for operation over the wider
Internet. When the UDP traffic of such applications leaks out into
unprovisioned Internet paths, it can significantly degrade the
performance of other traffic sharing the path and even result in
congestion collapse. Applications that support an uncontrolled or
unadaptive transmission behavior SHOULD NOT do so by default and
SHOULD instead require users to explicitly enable this mode of
operation, and they SHOULD verify that sufficient path capacity has
been reserved for them.

Eggert, et al. Best Current Practice [Page 9]
RFC 8085 UDP Usage Guidelines March 2017

3.1.3. Low Data-Volume Applications

When applications that at any time exchange only a few UDP datagrams
with a destination implement TFRC or one of the other congestion
control schemes in Section 3.1.2, the network sees little benefit,
because those mechanisms perform congestion control in a way that is
only effective for longer transmissions.

Applications that at any time exchange only a few UDP datagrams with
a destination SHOULD still control their transmission behavior by not
sending on average more than one UDP datagram per RTT to a
destination. Similar to the recommendation in [RFC1536], an
application SHOULD maintain an estimate of the RTT for any
destination with which it communicates using the methods specified in
Section 3.1.1.

Some applications cannot maintain a reliable RTT estimate for a
destination. These applications do not need to or are unable to use
protocol timers to measure the RTT (Section 3.1.1). Two cases can be
identified:

1. The first case is that of applications that exchange too few UDP
datagrams with a peer to establish a statistically accurate RTT
estimate but that can monitor the reliability of transmission
(Section 3.3). Such applications MAY use a predetermined
transmission interval that is exponentially backed off when
packets are deemed lost. TCP specifies an initial value of 1
second [RFC6298], which is also RECOMMENDED as an initial value
for UDP applications. Some low data-volume applications, e.g.,
SIP [RFC3261] and General Internet Signaling Transport (GIST)
[RFC5971] use an interval of 500 ms, and shorter values are
likely problematic in many cases. As in the previous case, note
that the initial timeout is not the maximum possible timeout, see
Section 3.1.1.

2. A second case of applications cannot maintain an RTT estimate for
a destination, because the destination does not send return
traffic. Such applications SHOULD NOT send more than one UDP
datagram every 3 seconds and SHOULD use an even less aggressive
rate when possible. Shorter values are likely problematic in
many cases. Note that the sending rate in this case must be more
conservative than in the previous cases, because the lack of
return traffic prevents the detection of packet loss, i.e.,
congestion, and the application therefore cannot perform
exponential back off to reduce load.

Eggert, et al. Best Current Practice [Page 10]
RFC 8085 UDP Usage Guidelines March 2017

3.1.4. Applications Supporting Bidirectional Communications

Applications that communicate bidirectionally SHOULD employ
congestion control for both directions of the communication. For
example, for a client-server, request-response-style application,
clients SHOULD congestion-control their request transmission to a
server, and the server SHOULD congestion-control its responses to the
clients. Congestion in the forward and reverse directions is
uncorrelated, and an application SHOULD either independently detect
and respond to congestion along both directions or limit new and
retransmitted requests based on acknowledged responses across the
entire round-trip path.

3.1.5. Implications of RTT and Loss Measurements on Congestion Control

Transports such as TCP, SCTP, and DCCP provide timely detection of
congestion that results in an immediate reduction of their maximum
sending rate when congestion is experienced. This reaction is
typically completed 1-2 RTTs after loss/congestion is encountered.
Applications using UDP SHOULD implement a congestion control scheme
that provides a prompt reaction to signals indicating congestion
(e.g., by reducing the rate within the next RTT following a
congestion signal).

The operation of a UDP congestion control algorithm can be very
different from the way TCP operates. This includes congestion
controls that respond on timescales that fit applications that cannot
usefully work within the "change rate every RTT" model of TCP.
Applications that experience a low or varying RTT are particularly
vulnerable to sampling errors (e.g., due to measurement noise or
timer accuracy). This suggests the need to average loss/congestion
and RTT measurements over a longer interval; however, this also can
contribute additional delay in detecting congestion. Some
applications may not react by reducing their sending rate immediately
for various reasons, including the following: RTT and loss
measurements are only made periodically (e.g., using RTCP),
additional time is required to filter information, or the application
is only able to change its sending rate at predetermined interval
(e.g., some video codecs).

When designing a congestion control algorithm, the designer therefore
needs to consider the total time taken to reduce the load following a
lack of feedback or a congestion event. An application where the
most recent RTT measurement is smaller than the actual RTT or the
measured loss rate is smaller than the current rate, can result in
over estimating the available capacity. Such over-estimation can

Eggert, et al. Best Current Practice [Page 11]
RFC 8085 UDP Usage Guidelines March 2017

result in a sending rate that creates congestion to the application
or other flows sharing the path capacity, and can contribute to
congestion collapse -- both of these need to be avoided.

A congestion control designed for UDP SHOULD respond as quickly as
possible when it experiences congestion, and it SHOULD take into
account both the loss rate and the response time when choosing a new
rate. The implemented congestion control scheme SHOULD result in
bandwidth (capacity) use that is comparable to that of TCP within an
order of magnitude, so that it does not starve other flows sharing a
common bottleneck.

3.1.6. Burst Mitigation and Pacing

UDP applications SHOULD provide mechanisms to regulate the bursts of
transmission that the application may send to the network. Many TCP
and SCTP implementations provide mechanisms that prevent a sender
from generating long bursts at line-rate, since these are known to
induce early loss to applications sharing a common network
bottleneck. The use of pacing with TCP [ALLMAN] has also been shown
to improve the coexistence of TCP flows with other flows. The need
to avoid excessive transmission bursts is also noted in
specifications for applications (e.g., [RFC7143]).

Even low data-volume UDP flows may benefit from packet pacing, e.g.,
an application that sends three copies of a packet to improve
robustness to loss is RECOMMENDED to pace out those three packets
over several RTTs, to reduce the probability that all three packets
will be lost due to the same congestion event (or other event, such
as burst corruption).

3.1.7. Explicit Congestion Notification

Internet applications can use Explicit Congestion Notification (ECN)
[RFC3168] to gain benefits for the services they support [RFC8087].

Internet transports, such as TCP, provide a set of mechanisms that
are needed to utilize ECN. ECN operates by setting an ECN-capable
codepoint (ECT(0) or ECT(1)) in the IP header of packets that are
sent. This indicates to ECN-capable network devices (routers and
other devices) that they may mark (set the congestion experienced,
Congestion Experience (CE) codepoint) rather than drop the IP packet
as a signal of incipient congestion.

UDP applications can also benefit from enabling ECN, providing that
the API supports ECN and that they implement the required protocol
mechanisms to support ECN.

Eggert, et al. Best Current Practice [Page 12]
RFC 8085 UDP Usage Guidelines March 2017

The set of mechanisms required for an application to use ECN over UDP
are:

o A sender MUST provide a method to determine (e.g., negotiate) that
the corresponding application is able to provide ECN feedback
using a compatible ECN method.

o A receiver that enables the use of ECN for a UDP port MUST check
the ECN field at the receiver for each UDP datagram that it
receives on this port.

o The receiving application needs to provide feedback of congestion
information to the sending application. This MUST report the
presence of datagrams received with a CE-mark by providing a
mechanism to feed this congestion information back to the sending
application. The feedback MAY also report the presence of ECT(1)
and ECT(0)/Not-ECT packets [RFC7560]. ([RFC3168] and [RFC7560]
specify methods for TCP.)

o An application sending ECN-capable datagrams MUST provide an
appropriate congestion reaction when it receives feedback
indicating that congestion has been experienced. This ought to
result in reduction of the sending rate by the UDP congestion
control method (see Section 3.1) that is not less than the
reaction of TCP under equivalent conditions.

o A sender SHOULD detect network paths that do not support the ECN
field correctly. When detected, they need to either
conservatively react to congestion or even fall back to not using
ECN [RFC8087]. This method needs to be robust to changes within
the network path that may occur over the lifetime of a session.

o A sender is encouraged to provide a mechanism to detect and react
appropriately to misbehaving receivers that fail to report
CE-marked packets [RFC8087].

[RFC6679] provides guidance and an example of this support, by
describing a method to allow ECN to be used for UDP-based
applications using the Real-Time Protocol (RTP). Applications that
cannot provide this set of mechanisms, but wish to gain the benefits
of using ECN, are encouraged to use a transport protocol that already
supports ECN (such as TCP).

3.1.8. Differentiated Services Model

An application using UDP can use the differentiated services
(DiffServ) Quality of Service (QoS) framework. To enable
differentiated services processing, a UDP sender sets the

Eggert, et al. Best Current Practice [Page 13]
RFC 8085 UDP Usage Guidelines March 2017

Differentiated Services Code Point (DSCP) field [RFC2475] in packets
sent to the network. Normally, a UDP source/destination port pair
will set a single DSCP value for all packets belonging to a flow, but
multiple DSCPs can be used as described later in this section. A
DSCP may be chosen from a small set of fixed values (the class
selector code points), or from a set of recommended values defined in
the Per Hop Behavior (PHB) specifications, or from values that have
purely local meanings to a specific network that supports DiffServ.
In general, packets may be forwarded across multiple networks between
source and destination.

In setting a non-default DSCP value, an application must be aware
that DSCP markings may be changed or removed between the traffic
source and destination. This has implications on the design of
applications that use DSCPs. Specifically, applications SHOULD be
designed not to rely on implementation of a specific network
treatment; they need instead to implement congestion control methods
to determine if their current sending rate is inducing congestion in
the network.

[RFC7657] describes the implications of using DSCPs and provides
recommendations on using multiple DSCPs within a single network five-
tuple (source and destination addresses, source and destination
ports, and the transport protocol used, in this case, UDP or
UDP-Lite), and particularly the expected impact on transport protocol
interactions, with congestion control or reliability functionality
(e.g., retransmission, reordering). Use of multiple DSCPs can result
in reordering by increasing the set of network forwarding resources
used by a sender. It can also increase exposure to resource
depletion or failure.

3.1.9. QoS, Pre-Provisioned, or Reserved Capacity

The IETF usually specifies protocols for use within the Best Effort
General Internet. Sometimes it is relevant to specify protocols with
a different applicability. An application using UDP can use the
integrated services QoS framework. This framework is usually made
available within controlled environments (e.g., within a single
administrative domain or bilaterally agreed connection between
domains). Applications intended for the Internet SHOULD NOT assume
that QoS mechanisms are supported by the networks they use, and
therefore need to provide congestion control, error recovery, etc.,
in case the actual network path does not provide provisioned service.

Some UDP applications are only expected to be deployed over network
paths that use pre-provisioned capacity or capacity reserved using
dynamic provisioning, e.g., through the Resource Reservation Protocol
(RSVP). Multicast applications are also used with pre-provisioned

Eggert, et al. Best Current Practice [Page 14]
RFC 8085 UDP Usage Guidelines March 2017

capacity (e.g., IPTV deployments within access networks). These
applications MAY choose not to implement any congestion control
mechanism and instead rely on transmitting only on paths where the
capacity is provisioned and reserved for this use. This might be an
acceptable choice for a subset of restricted networking environments,
but is by no means a safe practice for operation over the wider
Internet. Applications that choose this option SHOULD carefully and
in detail describe the provisioning and management procedures that
result in the desired containment.

Applications that support an uncontrolled or unadaptive transmission
behavior SHOULD NOT do so by default and SHOULD instead require users
to explicitly enable this mode of operation.

Applications designed for use within a controlled environment (see
Section 3.6) may be able to exploit network management functions to
detect whether they are causing congestion, and react accordingly.
If the traffic of such applications leaks out into unprovisioned
Internet paths, it can significantly degrade the performance of other
traffic sharing the path and even result in congestion collapse.
Protocols designed for such networks SHOULD provide mechanisms at the
network edge to prevent leakage of traffic into unprovisioned
Internet paths (e.g., [RFC7510]). To protect other applications
sharing the same path, applications SHOULD also deploy an appropriate
circuit breaker, as described in Section 3.1.10.

An IETF specification targeting a controlled environment is expected
to provide an applicability statement that restricts the application
to the controlled environment (see Section 3.6).

3.1.10. Circuit Breaker Mechanisms

A transport circuit breaker is an automatic mechanism that is used to
estimate the congestion caused by a flow, and to terminate (or
significantly reduce the rate of) the flow when excessive congestion
is detected [RFC8084]. This is a safety measure to prevent
congestion collapse (starvation of resources available to other
flows), essential for an Internet that is heterogeneous and for
traffic that is hard to predict in advance.

A circuit breaker is intended as a protection mechanism of last
resort. Under normal circumstances, a circuit breaker should not be
triggered; it is designed to protect things when there is severe
overload. The goal is usually to limit the maximum transmission rate
that reflects the available capacity of a network path. Circuit
breakers can operate on individual UDP flows or traffic aggregates,
e.g., traffic sent using a network tunnel.

Eggert, et al. Best Current Practice [Page 15]
RFC 8085 UDP Usage Guidelines March 2017

[RFC8084] provides guidance and examples on the use of circuit
breakers. The use of a circuit breaker in RTP is specified in
[RFC8083].

Applications used in the general Internet SHOULD implement a
transport circuit breaker if they do not implement congestion control
or operate a low data-volume service (see Section 3.6). All
applications MAY implement a transport circuit breaker [RFC8084] and
are encouraged to consider implementing at least a slow-acting
transport circuit breaker to provide a protection of last resort for
their network traffic.

3.1.11. UDP Tunnels

One increasingly popular use of UDP is as a tunneling protocol
[INT-TUNNELS], where a tunnel endpoint encapsulates the packets of
another protocol inside UDP datagrams and transmits them to another
tunnel endpoint, which decapsulates the UDP datagrams and forwards
the original packets contained in the payload. One example of such a
protocol is Teredo [RFC4380]. Tunnels establish virtual links that
appear to directly connect locations that are distant in the physical
Internet topology and can be used to create virtual (private)
networks. Using UDP as a tunneling protocol is attractive when the
payload protocol is not supported by middleboxes that may exist along
the path, because many middleboxes support transmission using UDP.

Well-implemented tunnels are generally invisible to the endpoints
that happen to transmit over a path that includes tunneled links. On
the other hand, to the routers along the path of a UDP tunnel, i.e.,
the routers between the two tunnel endpoints, the traffic that a UDP
tunnel generates is a regular UDP flow, and the encapsulator and
decapsulator appear as regular UDP-sending and UDP-receiving
applications. Because other flows can share the path with one or
more UDP tunnels, congestion control needs to be considered.

Two factors determine whether a UDP tunnel needs to employ specific
congestion control mechanisms: first, whether the payload traffic is
IP-based; and second, whether the tunneling scheme generates UDP
traffic at a volume that corresponds to the volume of payload traffic
carried within the tunnel.

IP-based unicast traffic is generally assumed to be congestion
controlled, i.e., it is assumed that the transport protocols
generating IP-based unicast traffic at the sender already employ
mechanisms that are sufficient to address congestion on the path.
Consequently, a tunnel carrying IP-based unicast traffic should

Eggert, et al. Best Current Practice [Page 16]
RFC 8085 UDP Usage Guidelines March 2017

already interact appropriately with other traffic sharing the path,
and specific congestion control mechanisms for the tunnel are not
necessary.

However, if the IP traffic in the tunnel is known not to be
congestion controlled, additional measures are RECOMMENDED to limit
the impact of the tunneled traffic on other traffic sharing the path.
For the specific case of a tunnel that carries IP multicast traffic,
see Section 4.1.

The following guidelines define these possible cases in more detail:

1. A tunnel generates UDP traffic at a volume that corresponds to
the volume of payload traffic, and the payload traffic is IP
based and congestion controlled.

This is arguably the most common case for Internet tunnels. In
this case, the UDP tunnel SHOULD NOT employ its own congestion
control mechanism, because congestion losses of tunneled traffic
will already trigger an appropriate congestion response at the
original senders of the tunneled traffic. A circuit breaker
mechanism may provide benefit by controlling the envelope of the
aggregated traffic.

Note that this guideline is built on the assumption that most
IP-based communication is congestion controlled. If a UDP tunnel
is used for IP-based traffic that is known to not be congestion
controlled, the next set of guidelines applies.

2. A tunnel generates UDP traffic at a volume that corresponds to
the volume of payload traffic, and the payload traffic is not
known to be IP based, or is known to be IP based but not
congestion controlled.

This can be the case, for example, when some link-layer protocols
are encapsulated within UDP (but not all link-layer protocols;
some are congestion controlled). Because it is not known that
congestion losses of tunneled non-IP traffic will trigger an
appropriate congestion response at the senders, the UDP tunnel
SHOULD employ an appropriate congestion control mechanism or
circuit breaker mechanism designed for the traffic it carries.
Because tunnels are usually bulk-transfer applications as far as
the intermediate routers are concerned, the guidelines in
Section 3.1.2 apply.

3. A tunnel generates UDP traffic at a volume that does not
correspond to the volume of payload traffic, independent of
whether the payload traffic is IP based or congestion controlled.

Eggert, et al. Best Current Practice [Page 17]
RFC 8085 UDP Usage Guidelines March 2017

Examples of this class include UDP tunnels that send at a
constant rate, increase their transmission rates under loss, for
example, due to increasing redundancy when Forward Error
Correction is used, or are otherwise unconstrained in their
transmission behavior. These specialized uses of UDP for
tunneling go beyond the scope of the general guidelines given in
this document. The implementer of such specialized tunnels
SHOULD carefully consider congestion control in the design of
their tunneling mechanism and SHOULD consider use of a circuit
breaker mechanism.

The type of encapsulated payload might be identified by a UDP port;
identified by an Ethernet Type or IP protocol number. A tunnel
SHOULD provide mechanisms to restrict the types of flows that may be
carried by the tunnel. For instance, a UDP tunnel designed to carry
IP needs to filter out non-IP traffic at the ingress. This is
particularly important when a generic tunnel encapsulation is used
(e.g., one that encapsulates using an EtherType value). Such tunnels
SHOULD provide a mechanism to restrict the types of traffic that are
allowed to be encapsulated for a given deployment (see
[INT-TUNNELS]).

Designing a tunneling mechanism requires significantly more expertise
than needed for many other UDP applications, because tunnels are
usually intended to be transparent to the endpoints transmitting over
them, so they need to correctly emulate the behavior of an IP link
[INT-TUNNELS], for example:

o Requirements for tunnels that carry or encapsulate using ECN code
points [RFC6040].

o Usage of the IP DSCP field by tunnel endpoints [RFC2983].

o Encapsulation considerations in the design of tunnels [ENCAP].

o Usage of ICMP messages [INT-TUNNELS].

o Handling of fragmentation and packet size for tunnels
[INT-TUNNELS].

o Source port usage for tunnels designed to support equal cost
multipath (ECMP) routing (see Section 5.1.1).

o Guidance on the need to protect headers [INT-TUNNELS] and the use
of checksums for IPv6 tunnels (see Section 3.4.1).

o Support for operations and maintenance [INT-TUNNELS].

Eggert, et al. Best Current Practice [Page 18]
RFC 8085 UDP Usage Guidelines March 2017

At the same time, the tunneled traffic is application traffic like
any other from the perspective of the networks the tunnel transmits
over. This document only touches upon the congestion control
considerations for implementing UDP tunnels; a discussion of other
required tunneling behavior is out of scope.

3.2. Message Size Guidelines

IP fragmentation lowers the efficiency and reliability of Internet
communication. The loss of a single fragment results in the loss of
an entire fragmented packet, because even if all other fragments are
received correctly, the original packet cannot be reassembled and
delivered. This fundamental issue with fragmentation exists for both
IPv4 and IPv6.

In addition, some network address translators (NATs) and firewalls
drop IP fragments. The network address translation performed by a
NAT only operates on complete IP packets, and some firewall policies
also require inspection of complete IP packets. Even with these
being the case, some NATs and firewalls simply do not implement the
necessary reassembly functionality; instead, they choose to drop all
fragments. Finally, [RFC4963] documents other issues specific to
IPv4 fragmentation.

Due to these issues, an application SHOULD NOT send UDP datagrams
that result in IP packets that exceed the Maximum Transmission Unit
(MTU) along the path to the destination. Consequently, an
application SHOULD either use the path MTU information provided by
the IP layer or implement Path MTU Discovery (PMTUD) itself [RFC1191]
[RFC1981] [RFC4821] to determine whether the path to a destination
will support its desired message size without fragmentation.

However, the ICMP messages that enable path MTU discovery are being
increasingly filtered by middleboxes (including Firewalls) [RFC4890].
When the path includes a tunnel, some devices acting as a tunnel
ingress discard ICMP messages that originate from network devices
over which the tunnel passes, preventing these from reaching the UDP
endpoint.

Packetization Layer Path MTU Discovery (PLPMTUD) [RFC4821] does not
rely upon network support for ICMP messages and is therefore
considered more robust than standard PMTUD. It is not susceptible to
"black holing" of ICMP messages. To operate, PLPMTUD requires
changes to the way the transport is used: both to transmit probe
packets and to account for the loss or success of these probes. This
not only updates the PMTU algorithm, it also impacts loss recovery,
congestion control, etc. These updated mechanisms can be implemented

Eggert, et al. Best Current Practice [Page 19]
RFC 8085 UDP Usage Guidelines March 2017

within a connection-oriented transport (e.g., TCP, SCTP, DCCP), but
they are not a part of UDP; this type of feedback is not typically
present for unidirectional applications.

Therefore, PLPMTUD places additional design requirements on a UDP
application that wishes to use this method. This is especially true
for UDP tunnels, because the overhead of sending probe packets needs
to be accounted for and may require adding a congestion control
mechanism to the tunnel (see Section 3.1.11) as well as complicating
the data path at a tunnel decapsulator.

Applications that do not follow the recommendation to do PMTU/PLPMTUD
discovery SHOULD still avoid sending UDP datagrams that would result
in IP packets that exceed the path MTU. Because the actual path MTU
is unknown, such applications SHOULD fall back to sending messages
that are shorter than the default effective MTU for sending (EMTU_S
in [RFC1122]). For IPv4, EMTU_S is the smaller of 576 bytes and the
first-hop MTU [RFC1122]. For IPv6, EMTU_S is 1280 bytes [RFC2460].
The effective PMTU for a directly connected destination (with no
routers on the path) is the configured interface MTU, which could be
less than the maximum link payload size. Transmission of minimum-
sized UDP datagrams is inefficient over paths that support a larger
PMTU, which is a second reason to implement PMTU discovery.

To determine an appropriate UDP payload size, applications MUST
subtract the size of the IP header (which includes any IPv4 optional
headers or IPv6 extension headers) as well as the length of the UDP
header (8 bytes) from the PMTU size. This size, known as the Maximum
Segment Size (MSS), can be obtained from the TCP/IP stack [RFC1122].

Applications that do not send messages that exceed the effective PMTU
of IPv4 or IPv6 need not implement any of the above mechanisms. Note
that the presence of tunnels can cause an additional reduction of the
effective PMTU [INT-TUNNELS], so implementing PMTU discovery may be
beneficial.

Applications that fragment an application-layer message into multiple
UDP datagrams SHOULD perform this fragmentation so that each datagram
can be received independently, and be independently retransmitted in
the case where an application implements its own reliability
mechanisms.

Eggert, et al. Best Current Practice [Page 20]
RFC 8085 UDP Usage Guidelines March 2017

3.3. Reliability Guidelines

Application designers are generally aware that UDP does not provide
any reliability, e.g., it does not retransmit any lost packets.
Often, this is a main reason to consider UDP as a transport protocol.
Applications that do require reliable message delivery MUST implement
an appropriate mechanism themselves.

UDP also does not protect against datagram duplication, i.e., an
application may receive multiple copies of the same UDP datagram,
with some duplicates arriving potentially much later than the first.
Application designers SHOULD handle such datagram duplication
gracefully, and they may consequently need to implement mechanisms to
detect duplicates. Even if UDP datagram reception triggers only
idempotent operations, applications may want to suppress duplicate
datagrams to reduce load.

Applications that require ordered delivery MUST reestablish datagram
ordering themselves. The Internet can significantly delay some
packets with respect to others, e.g., due to routing transients,
intermittent connectivity, or mobility. This can cause reordering,
where UDP datagrams arrive at the receiver in an order different from
the transmission order.

Applications that use multiple transport ports need to be robust to
reordering between sessions. Load-balancing techniques within the
network, such as Equal Cost Multipath (ECMP) forwarding can also
result in a lack of ordering between different transport sessions,
even between the same two network endpoints.

It is important to note that the time by which packets are reordered
or after which duplicates can still arrive can be very large. Even
more importantly, there is no well-defined upper boundary here.
[RFC793] defines the maximum delay a TCP segment should experience --
the Maximum Segment Lifetime (MSL) -- as 2 minutes. No other RFC
defines an MSL for other transport protocols or IP itself. The MSL
value defined for TCP is conservative enough that it SHOULD be used
by other protocols, including UDP. Therefore, applications SHOULD be
robust to the reception of delayed or duplicate packets that are
received within this 2-minute interval.

Retransmission of lost packets or messages is a common reliability
mechanism. Such retransmissions can increase network load in
response to congestion, worsening that congestion. Any application
that uses retransmission is responsible for congestion control of its
retransmissions (as well as the application's original traffic);
hence, it is subject to the Congestion Control guidelines in

Eggert, et al. Best Current Practice [Page 21]
RFC 8085 UDP Usage Guidelines March 2017

Section 3.1. Guidance on the appropriate measurement of RTT in
Section 3.1.1 also applies for timers used for retransmission packet-
loss detection.

Instead of implementing these relatively complex reliability
mechanisms by itself, an application that requires reliable and
ordered message delivery SHOULD whenever possible choose an IETF
standard transport protocol that provides these features.

3.4. Checksum Guidelines

The UDP header includes an optional, 16-bit one's complement checksum
that provides an integrity check. These checks are not strong from a
coding or cryptographic perspective and are not designed to detect
physical-layer errors or malicious modification of the datagram
[RFC3819]. Application developers SHOULD implement additional checks
where data integrity is important, e.g., through a Cyclic Redundancy
Check (CRC) or keyed or non-keyed cryptographic hash included with
the data to verify the integrity of an entire object/file sent over
the UDP service.

The UDP checksum provides a statistical guarantee that the payload
was not corrupted in transit. It also allows the receiver to verify
that it was the intended destination of the packet, because it covers
the IP addresses, port numbers, and protocol number, and it verifies
that the packet is not truncated or padded, because it covers the
size field. Therefore, it protects an application against receiving
corrupted payload data in place of, or in addition to, the data that
was sent. More description of the set of checks performed using the
checksum field is provided in Section 3.1 of [RFC6396].

Applications SHOULD enable UDP checksums [RFC1122]. For IPv4,
[RFC768] permits an option to disable their use, by setting a zero
checksum value. An application is permitted to optionally discard
UDP datagrams with a zero checksum [RFC1122].

When UDP is used over IPv6, the UDP checksum is relied upon to
protect both the IPv6 and UDP headers from corruption (because IPv6
lacks a checksum) and MUST be used as specified in [RFC2460]. Under
specific conditions, a UDP application is allowed to use a zero UDP
zero-checksum mode with a tunnel protocol (see Section 3.4.1).

Applications that choose to disable UDP checksums MUST NOT make
assumptions regarding the correctness of received data and MUST
behave correctly when a UDP datagram is received that was originally
sent to a different destination or is otherwise corrupted.

Eggert, et al. Best Current Practice [Page 22]
RFC 8085 UDP Usage Guidelines March 2017

3.4.1. IPv6 Zero UDP Checksum

[RFC6935] defines a method that enables use of a zero UDP zero-
checksum mode with a tunnel protocol, providing that the method
satisfies the requirements in [RFC6936]. The application MUST
implement mechanisms and/or usage restrictions when enabling this
mode. This includes defining the scope for usage and measures to
prevent leakage of traffic to other UDP applications (see Appendix A
and Section 3.6). These additional design requirements for using a
zero IPv6 UDP checksum are not present for IPv4, since the IPv4
header validates information that is not protected in an IPv6 packet.
Key requirements are:

o Use of the UDP checksum with IPv6 MUST be the default
configuration for all implementations [RFC6935]. The receiving
endpoint MUST only allow the use of UDP zero-checksum mode for
IPv6 on a UDP destination port that is specifically enabled.

o An application that supports a checksum different than that in
[RFC2460] MUST comply with all implementation requirements
specified in Section 4 of [RFC6936] and with the usage
requirements specified in Section 5 of [RFC6936].

o A UDP application MUST check that the source and destination IPv6
addresses are valid for any packets with a UDP zero-checksum and
MUST discard any packet for which this check fails. To protect
from misdelivery, new encapsulation designs SHOULD include an
integrity check at the transport layer that includes at least the
IPv6 header, the UDP header and the shim header for the
encapsulation, if any [RFC6936].

o One way to help satisfy the requirements of [RFC6936] may be to
limit the usage of such tunnels, e.g., to constrain traffic to an
operator network, as discussed in Section 3.6. The encapsulation
defined for MPLS in UDP [RFC7510] chooses this approach.

As in IPv4, IPv6 applications that choose to disable UDP checksums
MUST NOT make assumptions regarding the correctness of received data
and MUST behave correctly when a UDP datagram is received that was
originally sent to a different destination or is otherwise corrupted.

IPv6 datagrams with a zero UDP checksum will not be passed by any
middlebox that validates the checksum based on [RFC2460] or that
updates the UDP checksum field, such as NATs or firewalls. Changing
this behavior would require such middleboxes to be updated to
correctly handle datagrams with zero UDP checksums. To ensure end-
to-end robustness, applications that may be deployed in the general
Internet MUST provide a mechanism to safely fall back to using a

Eggert, et al. Best Current Practice [Page 23]
RFC 8085 UDP Usage Guidelines March 2017

checksum when a path change occurs that redirects a zero UDP checksum
flow over a path that includes a middlebox that discards IPv6
datagrams with a zero UDP checksum.

3.4.2. UDP-Lite

A special class of applications can derive benefit from having
partially damaged payloads delivered, rather than discarded, when
using paths that include error-prone links. Such applications can
tolerate payload corruption and MAY choose to use the Lightweight
User Datagram Protocol (UDP-Lite) [RFC3828] variant of UDP instead of
basic UDP. Applications that choose to use UDP-Lite instead of UDP
should still follow the congestion control and other guidelines
described for use with UDP in Section 3.

UDP-Lite changes the semantics of the UDP "payload length" field to
that of a "checksum coverage length" field. Otherwise, UDP-Lite is
semantically identical to UDP. The interface of UDP-Lite differs
from that of UDP by the addition of a single (socket) option that
communicates the checksum coverage length: at the sender, this
specifies the intended checksum coverage, with the remaining
unprotected part of the payload called the "error-insensitive part".
By default, the UDP-Lite checksum coverage extends across the entire
datagram. If required, an application may dynamically modify this
length value, e.g., to offer greater protection to some messages.
UDP-Lite always verifies that a packet was delivered to the intended
destination, i.e., always verifies the header fields. Errors in the
insensitive part will not cause a UDP datagram to be discarded by the
destination. Therefore, applications using UDP-Lite MUST NOT make
assumptions regarding the correctness of the data received in the
insensitive part of the UDP-Lite payload.

A UDP-Lite sender SHOULD select the minimum checksum coverage to
include all sensitive payload information. For example, applications
that use the Real-Time Protocol (RTP) [RFC3550] will likely want to
protect the RTP header against corruption. Applications, where
appropriate, MUST also introduce their own appropriate validity
checks for protocol information carried in the insensitive part of
the UDP-Lite payload (e.g., internal CRCs).

A UDP-Lite receiver MUST set a minimum coverage threshold for
incoming packets that is not smaller than the smallest coverage used
by the sender [RFC3828]. The receiver SHOULD select a threshold that
is sufficiently large to block packets with an inappropriately short
coverage field. This may be a fixed value, or it may be negotiated
by an application. UDP-Lite does not provide mechanisms to negotiate
the checksum coverage between the sender and receiver. Therefore,
this needs to be performed by the application.

Eggert, et al. Best Current Practice [Page 24]
RFC 8085 UDP Usage Guidelines March 2017

Applications can still experience packet loss when using UDP-Lite.
The enhancements offered by UDP-Lite rely upon a link being able to
intercept the UDP-Lite header to correctly identify the partial
coverage required. When tunnels and/or encryption are used, this can
result in UDP-Lite datagrams being treated the same as UDP datagrams,
i.e., result in packet loss. Use of IP fragmentation can also
prevent special treatment for UDP-Lite datagrams, and this is another
reason why applications SHOULD avoid IP fragmentation (Section 3.2).

UDP-Lite is supported in some endpoint protocol stacks. Current
support for middlebox traversal using UDP-Lite is poor, because UDP-
Lite uses a different IPv4 protocol number or IPv6 "next header"
value than that used for UDP; therefore, few middleboxes are
currently able to interpret UDP-Lite and take appropriate actions
when forwarding the packet. This makes UDP-Lite less suited for
applications needing general Internet support, until such time as
UDP-Lite has achieved better support in middleboxes.

3.5. Middlebox Traversal Guidelines

NATs and firewalls are examples of intermediary devices
("middleboxes") that can exist along an end-to-end path. A middlebox
typically performs a function that requires it to maintain per-flow
state. For connection-oriented protocols, such as TCP, middleboxes
snoop and parse the connection-management information, and create and
destroy per-flow state accordingly. For a connectionless protocol
such as UDP, this approach is not possible. Consequently,
middleboxes can create per-flow state when they see a packet that --
according to some local criteria -- indicates a new flow, and destroy
the state after some time during which no packets belonging to the
same flow have arrived.

Depending on the specific function that the middlebox performs, this
behavior can introduce a time-dependency that restricts the kinds of
UDP traffic exchanges that will be successful across the middlebox.
For example, NATs and firewalls typically define the partial path on
one side of them to be interior to the domain they serve, whereas the
partial path on their other side is defined to be exterior to that
domain. Per-flow state is typically created when the first packet
crosses from the interior to the exterior, and while the state is
present, NATs and firewalls will forward return traffic. Return
traffic that arrives after the per-flow state has timed out is
dropped, as is other traffic that arrives from the exterior.

Eggert, et al. Best Current Practice [Page 25]
RFC 8085 UDP Usage Guidelines March 2017

Many applications that use UDP for communication operate across
middleboxes without needing to employ additional mechanisms. One
example is the Domain Name System (DNS), which has a strict request-
response communication pattern that typically completes within
seconds.

Other applications may experience communication failures when
middleboxes destroy the per-flow state associated with an application
session during periods when the application does not exchange any UDP
traffic. Applications SHOULD be able to gracefully handle such
communication failures and implement mechanisms to re-establish
application-layer sessions and state.

For some applications, such as media transmissions, this
re-synchronization is highly undesirable, because it can cause user-
perceivable playback artifacts. Such specialized applications MAY
send periodic keep-alive messages to attempt to refresh middlebox
state (e.g., [RFC7675]). It is important to note that keep-alive
messages are not recommended for general use -- they are unnecessary
for many applications and can consume significant amounts of system
and network resources.

An application that needs to employ keep-alive messages to deliver
useful service over UDP in the presence of middleboxes SHOULD NOT
transmit them more frequently than once every 15 seconds and SHOULD
use longer intervals when possible. No common timeout has been
specified for per-flow UDP state for arbitrary middleboxes. NATs
require a state timeout of 2 minutes or longer [RFC4787]. However,
empirical evidence suggests that a significant fraction of currently
deployed middleboxes unfortunately use shorter timeouts. The timeout
of 15 seconds originates with the Interactive Connectivity
Establishment (ICE) protocol [RFC5245]. When an application is
deployed in a controlled environment, the deployer SHOULD investigate
whether the target environment allows applications to use longer
intervals, or whether it offers mechanisms to explicitly control
middlebox state timeout durations, for example, using the Port
Control Protocol (PCP) [RFC6887], Middlebox Communications (MIDCOM)
[RFC3303], Next Steps in Signaling (NSIS) [RFC5973], or Universal
Plug and Play (UPnP) [UPnP]. It is RECOMMENDED that applications
apply slight random variations ("jitter"/>
</sequence>
</complexType>

<complexType name="statusType">
<simpleContent>
<extension base="normalizedString">
<attribute name="s" type="host:statusValueType"
use="required"/>
<attribute name="lang" type="language"
default="en"/>
</extension>
</simpleContent>
</complexType>

<complexType name="panDataType">
<sequence>
<element name="name" type="host:paNameType"/>
<element name="paTRID" type="epp:trIDType"/>
<element name="paDate" type="dateTime"/>
</sequence>
</complexType>

Hollenbeck Standards Track [Page 24]
RFC 5732 EPP Host Mapping August 2009

</schema>
END

5. Internationalization Considerations

EPP is represented in XML, which provides native support for encoding
information using the Unicode character set and its more compact
representations including UTF-8. Conformant XML processors recognize
both UTF-8 and UTF-16 [RFC2781]. Though XML includes provisions to
identify and use other character encodings through use of an
"encoding" attribute in an <?xml?> declaration, use of UTF-8 is
RECOMMENDED in environments where parser encoding support
incompatibility exists.

All date-time values presented via EPP MUST be expressed in Universal
Coordinated Time using the Gregorian calendar. XML Schema allows use
of time zone identifiers to indicate offsets from the zero meridian,
but this option MUST NOT be used with EPP. The extended date-time
form using upper case "T" and "Z" characters defined in
[W3C.REC-xmlschema-2-20041028] MUST be used to represent date-time
values, as XML Schema does not support truncated date-time forms or
lower case "T" and "Z" characters.

The syntax for domain and host names described in this document MUST
conform to [RFC0952] and [RFC1123]. At the time of this writing, RFC
3490 [RFC3490] describes a standard to use certain ASCII name labels
to represent non-ASCII name labels. These conformance requirements
might change as a result of progressing work in developing standards
for internationalized host names.

6. IANA Considerations

This document uses URNs to describe XML namespaces and XML schemas
conforming to a registry mechanism described in [RFC3688]. Two URI
assignments have been registered by the IANA.

Hollenbeck Standards Track [Page 25]
RFC 5732 EPP Host Mapping August 2009

Registration request for the host namespace:

URI: urn:ietf:params:xml:ns:host-1.0

Registrant Contact: See the "Author's Address" section of this
document.

XML: None. Namespace URIs do not represent an XML specification.

Registration request for the host XML schema:

URI: urn:ietf:params:xml:schema:host-1.0

Registrant Contact: See the "Author's Address" section of this
document.

XML: See the "Formal Syntax" section of this document.

7. Security Considerations

The object mapping described in this document does not provide any
security services or introduce any additional considerations beyond
those described by [RFC5730] or those caused by the protocol layers
used by EPP.

8. Acknowledgements

RFC 3732 is a product of the PROVREG working group, which suggested
improvements and provided many invaluable comments. The author
wishes to acknowledge the efforts of WG chairs Edward Lewis and Jaap
Akkerhuis for their process and editorial contributions. RFC 4932
and this document are individual submissions, based on the work done
in RFC 3732.

Specific suggestions that have been incorporated into this document
were provided by Chris Bason, Jordyn Buchanan, Dave Crocker, Anthony
Eden, Sheer El-Showk, Klaus Malorny, Dan Manley, Michael Mealling,
Patrick Mevzek, and Rick Wesson.

9. References

9.1. Normative References

[RFC0791] Postel, J., "Internet Protocol", STD 5, RFC 791,
September 1981.

[RFC0952] Harrenstien, K., Stahl, M., and E. Feinler, "DoD Internet
host table specification", RFC 952, October 1985.

Hollenbeck Standards Track [Page 26]
RFC 5732 EPP Host Mapping August 2009

[RFC1034] Mockapetris, P., "Domain names - concepts and facilities",
STD 13, RFC 1034, November 1987.

[RFC1035] Mockapetris, P., "Domain names - implementation and
specification", STD 13, RFC 1035, November 1987.

[RFC1123] Braden, R., "Requirements for Internet Hosts - Application
and Support", STD 3, RFC 1123, October 1989.

[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997.

[RFC3688] Mealling, M., "The IETF XML Registry", BCP 81, RFC 3688,
January 2004.

[RFC4291] Hinden, R. and S. Deering, "IP Version 6 Addressing
Architecture", RFC 4291, February 2006.

[RFC5730] Hollenbeck, S., "Extensible Provisioning Protocol (EPP)",
STD 69, RFC 5730, August 2009.

[W3C.REC-xml-20040204]
Sperberg-McQueen, C., Maler, E., Yergeau, F., Paoli, J.,
and T. Bray, "Extensible Markup Language (XML) 1.0 (Third
Edition)", World Wide Web Consortium FirstEdition REC-xml-
20040204, February 2004,
<http://www.w3.org/TR/2004/REC-xml-20040204>.

[W3C.REC-xmlschema-1-20041028]
Maloney, M., Thompson, H., Mendelsohn, N., and D. Beech,
"XML Schema Part 1: Structures Second Edition", World Wide
Web Consortium Recommendation REC-xmlschema-1-20041028,
October 2004,
<http://www.w3.org/TR/2004/REC-xmlschema-1-20041028>.

[W3C.REC-xmlschema-2-20041028]
Malhotra, A. and P. Biron, "XML Schema Part 2: Datatypes
Second Edition", World Wide Web Consortium
Recommendation REC-xmlschema-2-20041028, October 2004,
<http://www.w3.org/TR/2004/REC-xmlschema-2-20041028>.

9.2. Informative References

[RFC2781] Hoffman, P. and F. Yergeau, "UTF-16, an encoding of ISO
10646", RFC 2781, February 2000.

Hollenbeck Standards Track [Page 27]
RFC 5732 EPP Host Mapping August 2009

[RFC2874] Crawford, M. and C. Huitema, "DNS Extensions to Support
IPv6 Address Aggregation and Renumbering", RFC 2874,
July 2000.

[RFC3490] Faltstrom, P., Hoffman, P., and A. Costello,
"Internationalizing Domain Names in Applications (IDNA)",
RFC 3490, March 2003.

[RFC3596] Thomson, S., Huitema, C., Ksinant, V., and M. Souissi,
"DNS Extensions to Support IP Version 6", RFC 3596,
October 2003.

[RFC4932] Hollenbeck, S., "Extensible Provisioning Protocol (EPP)
Host Mapping", RFC 4932, May 2007.

Hollenbeck Standards Track [Page 28]
RFC 5732 EPP Host Mapping August 2009

Appendix A. Changes from RFC 4932

1. Changed "This document obsoletes RFC 3732" to "This document
obsoletes RFC 4932".

2. Replaced references to RFC 1886 with references to 3596.

3. Removed references to RFC 3152 since both it and 1886 have been
obsoleted by 3596.

4. Replaced references to RFC 3732 with references to 4932.

5. Replaced references to RFC 4930 with references to 5730.

6. Added "Other notification methods MAY be used in addition to the
required service message" in Section 3.2.

7. Added 2201 response code text in Section 3.2.

8. Added BSD license text to XML schema section.

Author's Address

Scott Hollenbeck
VeriSign, Inc.
21345 Ridgetop Circle
Dulles, VA 20166-6503
US

EMail: shollenbeck@verisign.com

Hollenbeck Standards Track [Page 29]

Extensible Provisioning Protocol (EPP) Host Mapping RFC 5732 part of STD 69

Extensible Provisioning Protocol (EPP) Host Mapping
RFC 5732 part of STD 69