view Side-By-Side changes
|
INTERNET DRAFT
Requirements for IP Version 4 Routers |
November 28, 1994
6 March 1995
Document Revision 1.50 2.04 |
draft-ietf-rreq-cidr-01.txt |
Revision Date:
11/18/94
3/1/95 |
Philip Almquist --
Author
Frank Kastenholz
Fred Baker (Editor)
FTP Software, Inc
2 High Street
North Andover, Mass 01845-2620 USA
kasten@ftp.com
<draft-ietf-rreq-cidr-00.txt>
Cisco Systems
519 Lado Drive
Santa Barbara, California 93111
fred@cisco.com
Status of this Memo
This document is an Internet Draft. Internet Drafts are |
working documents of the Internet Engineering Task Force |
(IETF), its Areas, and its Working Groups. Note that other |
groups may also distribute working documents as Internet |
Drafts. |
Internet Drafts are draft documents valid for a maximum of six |
months. Internet Drafts may be updated, replaced, or |
obsoleted by other documents at any time. It is not |
appropriate to use Internet Drafts as reference material or to |
cite them other than as a ``working draft'' or ``work in |
progress.'' Please check the 1id-abstracts.txt listing |
Draft Requirements for IP Version 4 Routers March 1995
contained in the internet-drafts Shadow Directories on |
nic.ddn.mil, venera.isi.edu, nnsc.nsf.net, nic.nordu.net,
ftp.nisc.sri.com, or | munnari.oz.au to learn the current status
of any Internet | Draft. |
|
This is a working document only, it should neither be cited |
nor quoted in any formal document. |
This document will expire before 3 June 11 Sep. 1995. |
Distribution of this document is unlimited. |
Please send comments to The editor or the Router Requirements |
Working Group (rreq@isi.edu).
If your comment pertains to a particular piece of text, please |
remember to mention the section number. This document is very |
large and locating the text solely by context might not be
possible. Please also mention the date of this draft (3/1/95) |
(11/18/94)
and the revision level (1.50). |
November 28, 1994 (2.04).
IETF Exp. 11 Sep. 1995 [Page 2]
Draft Requirements for IP Version 4 Routers March 1995
0. PREFACE
This document is an updated version of RFC 1716, the |
historical Router Requirements document. That RFC preserved |
the significant work that went into the working group, but |
failed to adequately describe current technology for the IESG |
to consider it a current standard.
The current editor had been asked to bring the document up to |
date, so that it is useful as a procurement specification and |
a guide to implementors. In this, he stands squarely on the |
shoulders of those who have gone before him, and depends |
largely on expert contributors for text. Any credit is |
theirs,
theirs; the errors are his.
The content and form of this document are due, in large part,
to the working group's chair, and document's original editor
and author: Philip Almquist. It is also largely due to the |
efforst
efforts of its previous editor, Frank Kastenholz. Without |
their efforts, this document would not exist.
November 28, 1994
- 2 -
IETF Exp. 11 Sep. 1995 [Page 1]
Draft Requirements for IP Version 4 Routers March 1995
1. INTRODUCTION
The memo replaces for RFC-1009, Requirements RFC 1716, "Requirements for Internet
Gateways
Gateways" ([INTRO:1]).
This memo defines and discusses requirements for devices that |
perform the network layer forwarding function of the Internet |
protocol suite. The Internet community usually refers to such
devices as IP routers "IP routers" or simply routers; "routers"; The OSI community
refers to such devices as intermediate systems. "intermediate systems". Many older
Internet documents refer to these devices as gateways, "gateways", a
name which more recently has largely passed out of favor to
avoid confusion with application gateways.
An IP router can be distinguished from other sorts of packet
switching devices in that a router examines the IP protocol
header as part of the switching process. It generally removes |
the Link Layer header a message was received with, modifies |
the IP header, and replaces the Link Layer header for |
retransmission.
The authors of this memo recognize, as should its readers, |
that many routers support more than one protocol. Support for |
multiple protocol suites will be required in increasingly |
large parts of the Internet in the future. This memo,
however, does not attempt to specify Internet requirements for
protocol suites other than TCP/IP.
This document enumerates standard protocols that a router
connected to the Internet must use, and it incorporates by
reference the RFCs and other documents describing the current
specifications for these protocols. It corrects errors in the
referenced documents and adds additional discussion and
guidance for an implementor.
For each protocol, this memo also contains an explicit set of
requirements, recommendations, and options. The reader must
understand that the list of requirements in this memo is |
incomplete by itself. The complete set of requirements for an |
Internet protocol router is primarily defined in the standard
protocol specification documents, with the corrections,
amendments, and supplements contained in this memo.
This memo should be read in conjunction with the Requirements
IETF Exp. 11 Sep. 1995 [Page 2]
Draft Requirements for IP Version 4 Routers March 1995
for Internet Hosts RFCs ([INTRO:2] and [INTRO:3]). Internet
hosts and routers must both be capable of originating IP
datagrams and receiving IP datagrams destined for them. The
November 28, 1994
- 3 -
major distinction between Internet hosts and routers is that
routers implement forwarding algorithms, while Internet hosts |
do not require forwarding capabilities. Any Internet host
acting as a router must adhere to the requirements contained
in this memo.
The goal of open "open system interconnection interconnection" dictates that
routers must function correctly as Internet hosts when
necessary. To achieve this, this memo provides guidelines for
such instances. For simplification and ease of document
updates, this memo tries to avoid overlapping discussions of
host requirements with [INTRO:2] and [INTRO:3] and
incorporates the relevant requirements of those documents by
reference. In some cases the requirements stated in [INTRO:2]
and [INTRO:3] are superseded by this document.
A good-faith implementation of the protocols produced after
careful reading of the RFCs should differ from the |
requirements of this memo in only minor ways. Producing it | such
an implementation often requires some interaction with the
Internet technical | community, and must follow good
communications software | engineering practices. In many cases,
the requirements "requirements" in this document are already stated or
implied in the standard protocol documents, so that their
inclusion here is, in a sense, redundant. They were included
because some past | implementation has made the wrong choice,
causing problems of interoperability, performance, and/or
robustness.
This memo includes discussion and explanation of many of the
requirements and recommendations. A simple list of
requirements would be dangerous, because:
+ Some required features are more important than others, and
some features are optional.
+ Some features are critical in some applications of routers
but irrelevant in others.
+ There may be valid reasons why particular vendor products
that are designed for restricted contexts might choose to
IETF Exp. 11 Sep. 1995 [Page 3]
Draft Requirements for IP Version 4 Routers March 1995
use different specifications.
However, the specifications of this memo must be followed to
meet the general goal of arbitrary router interoperation
across the diversity and complexity of the Internet. Although
November 28, 1994
- 4 -
most current implementations fail to meet these requirements
in various ways, some minor and some major, this specification
is the ideal towards which we need to move.
These requirements are based on the current level of Internet
architecture. This memo will be updated as required to
provide additional clarifications or to include additional
information in those areas in which specifications are still
evolving.
1.1 Reading this Document
1.1.1 Organization
This memo emulates the layered organization used by
[INTRO:2] and [INTRO:3]. Thus, Chapter 2 describes the
layers found in the Internet architecture. Chapter 3
covers the Link Layer. Chapters 4 and 5 are concerned
with the Internet Layer protocols and forwarding
algorithms. Chapter 6 covers the Transport Layer. |
Upper layer protocols are divided among Chapters 7, 8, |
and 9. Chapter 7 discusses the protocols which routers |
use to exchange routing information with each other. |
Chapter 8 discusses network management. Chapter 9 |
discusses other upper layer protocols. The final
chapter covers operations and maintenance features.
This organization was chosen for simplicity, clarity,
and consistency with the Host Requirements RFCs.
Appendices to this memo include a bibliography, a
glossary, and some conjectures about future directions
of router standards.
In describing the requirements, we assume that an
implementation strictly mirrors the layering of the
protocols. However, strict layering is an imperfect
model, both for the protocol suite and for recommended
IETF Exp. 11 Sep. 1995 [Page 4]
Draft Requirements for IP Version 4 Routers March 1995
implementation approaches. Protocols in different
layers interact in complex and sometimes subtle ways,
and particular functions often involve multiple layers.
There are many design choices in an implementation, many
of which involve creative breaking "breaking" of strict layering.
Every implementor is urged to read [INTRO:4] and
[INTRO:5].
Each major section of this memo is organized into the |
following subsections:
November 28, 1994
- 5 -
(1) Introduction
(2) Protocol Walk-Through - considers the protocol
specification documents section-by-section,
correcting errors, stating requirements that may be
ambiguous or ill-defined, and providing further
clarification or explanation.
(3) Specific Issues - discusses protocol design and
implementation issues that were not included in the
walk-through.
Under many of the individual topics in this memo, there
is parenthetical material labeled DISCUSSION "DISCUSSION" or
IMPLEMENTATION.
"IMPLEMENTATION". This material is intended to give a
justification, clarification or explanation to the
preceding requirements text. The implementation
material contains suggested approaches that an
implementor may want to consider. The DISCUSSION and
IMPLEMENTATION sections are not part of the standard.
1.1.2 Requirements
In this memo, the words that are used to define the
significance of each particular requirement are
capitalized. These words are:
+ MUST "MUST"
This word means that the item is an absolute
requirement of the specification. Violation of such |
a requirement is a fundamental error; there is no |
case where it is justified.
IETF Exp. 11 Sep. 1995 [Page 5]
Draft Requirements for IP Version 4 Routers March 1995
+ MUST IMPLEMENT "MUST IMPLEMENT"
This phrase means that this specification requires
that the item be implemented, but does not require
that it be enabled by default.
+ MUST NOT "MUST NOT"
This phrase means that the item is an absolute
prohibition of the specification.
+ SHOULD "SHOULD"
This word means that there may exist valid reasons in
particular circumstances to ignore this item, but the
full implications should be understood and the case
November 28, 1994
- 6 -
carefully weighed before choosing a different course.
+ SHOULD IMPLEMENT "SHOULD IMPLEMENT"
This phrase is similar in meaning to SHOULD, but is
used when we recommend that a particular feature be
provided but does not necessarily recommend that it
be enabled by default.
+ SHOULD NOT "SHOULD NOT"
This phrase means that there may exist valid reasons
in particular circumstances when the described
behavior is acceptable or even useful, but useful. Even so, the
full implications should be understood and the case
carefully weighed before implementing any behavior
described with this label.
+ MAY "MAY"
This word means that this item is truly optional.
One vendor may choose to include the item because a
particular marketplace requires it or because it
enhances the product, for example; another vendor may
omit the same item.
1.1.3 Compliance
Some requirements are applicable to all routers. Other
requirements are applicable only to those which
implement particular features or protocols. In the
following paragraphs, Relevant "relevant" refers to the union of
the requirements applicable to all routers and the set
IETF Exp. 11 Sep. 1995 [Page 6]
Draft Requirements for IP Version 4 Routers March 1995
of requirements applicable to a particular router
because of the set of features and protocols it has
implemented.
Note that not all Relevant requirements are stated
directly in this memo. Various parts of this memo
incorporate by reference sections of the Host
Requirements specification, [INTRO:2] and [INTRO:3].
For purposes of determining compliance with this memo,
it does not matter whether a Relevant requirement is
stated directly in this memo or merely incorporated by
reference from one of those documents.
An implementation is said to be conditionally compliant "conditionally
compliant" if it satisfies all of the Relevant MUST, MUST
IMPLEMENT, and MUST NOT requirements. An implementation
November 28, 1994
- 7 -
is said to be unconditionally compliant "unconditionally compliant" if it is
conditionally compliant and also satisfies all of the
Relevant SHOULD, SHOULD IMPLEMENT, and SHOULD NOT
requirements. An implementation is not compliant if it
is not conditionally compliant (i.e., it fails to
satisfy one or more of the Relevant MUST, MUST
IMPLEMENT, or MUST NOT requirements).
This specification occasionally indicates that an |
implementation SHOULD implement a management variable, |
and that it SHOULD have a certain default value. An |
unconditionally compliant implementation implements the |
default behavior, and if there are other implemented |
behaviors implements the variable. A conditionally |
compliant implementation clearly documents what the |
default setting of the variable is or, in the absence of |
the implementation of a variable, may be construed to |
be. An implementation that both fails to implement the |
variable and chooses a different behavior is not |
compliant. | "not
compliant".
For any of the SHOULD and SHOULD NOT requirements, a
router may provide a configuration option that will
cause the router to act other than as specified by the
requirement. Having such a configuration option does
not void a router's claim to unconditional compliance if |
the option has a default setting, and that setting |
causes the router to operate in the required manner.
IETF Exp. 11 Sep. 1995 [Page 7]
Draft Requirements for IP Version 4 Routers March 1995
Likewise, routers may provide, except where explicitly
prohibited by this memo, options which cause them to
violate MUST or MUST NOT requirements. A router that |
provides such options is compliant (either fully or |
conditionally) if and only if each such option has a |
default setting that causes the router to conform to the |
requirements of this memo. Please note that the authors
of this memo, although aware of market realities,
strongly recommend against provision of such options.
Requirements are labeled MUST or MUST NOT because
experts in the field have judged them to be particularly
important to interoperability or proper functioning in
the Internet. Vendors should weigh carefully the
customer support costs of providing options that violate |
those rules.
November 28, 1994
- 8 -
Of course, this memo is not a complete specification of
an IP router, but rather is closer to what in the OSI
world is called a profile. For example, this memo
requires that a number of protocols be implemented.
Although most of the contents of their protocol
specifications are not repeated in this memo,
implementors are nonetheless required to implement the
protocols according to those specifications.
1.2 Relationships to Other Standards
There are several reference documents of interest in
checking the current status of protocol specifications and
standardization:
+ INTERNET OFFICIAL PROTOCOL STANDARDS
This document describes the Internet standards process
and lists the standards status of the protocols. As |
of this writing, the current version of this document |
is [ARCH:7]. This document is periodically re-issued.
You should always consult an RFC repository and use
the latest version of this document.
+ Assigned Numbers
This document lists the assigned values of the
parameters used in the various protocols. For
example, it lists IP protocol codes, TCP port numbers, |
IETF Exp. 11 Sep. 1995 [Page 8]
Draft Requirements for IP Version 4 Routers March 1995
Telnet Option Codes, ARP hardware types, and Terminal
Type names. As of this writing, the current version |
of this document is [INTRO:7]. This document is
periodically re-issued. You should always consult an
RFC repository and use the latest version of this
document.
+ Host Requirements
This pair of documents reviews the specifications that
apply to hosts and supplies guidance and clarification
for any ambiguities. Note that these requirements
also apply to routers, except where otherwise
specified in this memo. As of this writing, the |
current versions of these documents are [INTRO:2], and |
[INTRO:3].
+ Router Requirements (formerly Gateway Requirements) "Gateway Requirements")
This memo.
November 28, 1994
- 9 -
Note that these documents are revised and updated at
different times; in case of differences between these
documents, the most recent must prevail.
These and other Internet protocol documents may be
obtained from the:
DDN Network Information Center
14200 Park Meadow Drive,
Suite 200
Chantilly,
VA 22021
USA
nic@ds.internic.net
(800)
365-3642 or
(703)
802-4535
1.3 General Considerations
There are several important lessons that vendors of
Internet software have learned and which a new vendor
IETF Exp. 11 Sep. 1995 [Page 9]
Draft Requirements for IP Version 4 Routers March 1995
should consider seriously.
1.3.1 Continuing Internet Evolution
The enormous growth of the Internet has revealed
problems of management and scaling in a large datagram- datagram
based packet communication system. These problems are
being addressed, and as a result there will be
continuing evolution of the specifications described in
this memo. New routing protocols, algorithms, and
architectures are constantly being developed. New |
internet-layer
internet layer protocols, and modifications to existing |
protocols, are also constantly being devised. Routers |
play a crucial role in the Internet, and the number of |
routers deployed in the Internet is much smaller than |
the number of hosts. Vendors should therefore expect |
that router standards will continue to evolve much more |
quickly than host standards. These changes will be
carefully planned and controlled since there is
extensive participation in this planning by the vendors
and by the organizations responsible for operation of
the networks.
Development, evolution, and revision are characteristic
November 28, 1994
- 10 -
of computer network protocols today, and this situation
will persist for some years. A vendor who develops
computer communications software for the Internet
protocol suite (or any other protocol suite!) and then
fails to maintain and update that software for changing
specifications is going to leave a trail of unhappy
customers. The Internet is a large communication
network, and the users are in constant contact through
it. Experience has shown that knowledge of deficiencies
in vendor software propagates quickly through the
Internet technical community.
1.3.2 Robustness Principle
At every layer of the protocols, there is a general rule
(from [TRANS:2] by Jon Postel) whose application can
lead to enormous benefits in robustness and
interoperability:
Be
IETF Exp. 11 Sep. 1995 [Page 10]
Draft Requirements for IP Version 4 Routers March 1995
"Be conservative in what you do,
be liberal in what you accept from others. others."
Software should be written to deal with every
conceivable error, no matter how unlikely. Sooner or |
later Eventually a
packet will come in with that particular | combination of
errors and attributes, and unless the software is
prepared, chaos can ensue. It is best to | assume that
the network is filled with malevolent | entities that will
send packets designed to have the worst possible effect.
This assumption will lead to suitably protective design.
The most serious problems in the Internet have been
caused by unforeseen mechanisms triggered by low
probability events; mere human malice would never have
taken so devious a course!
Adaptability to change must be designed into all levels
of router software. As a simple example, consider a
protocol specification that contains an enumeration of
values for a particular header field - e.g., a type
field, a port number, or an error code; this enumeration
must be assumed to be incomplete. If the protocol
specification defines four possible error codes, the |
software must not break when a fifth code is defined.
An undefined code might be logged, but it must not cause
a failure.
November 28, 1994
- 11 -
The second part of the principal is almost as important: |
software on hosts or other routers may contain
deficiencies that make it unwise to exploit legal but
obscure protocol features. It is unwise to stray far
from the obvious and simple, lest untoward effects
result elsewhere. A corollary of this is watch "watch out for
misbehaving hosts; hosts"; router software should be prepared
to survive in the presence of misbehaving hosts. An
important function of routers in the Internet is to
limit the amount of disruption such hosts can inflict on
the shared communication facility.
1.3.3 Error Logging
The Internet includes a great variety of systems, each
implementing many protocols and protocol layers, and |
IETF Exp. 11 Sep. 1995 [Page 11]
Draft Requirements for IP Version 4 Routers March 1995
some of these contain bugs and misguided features in |
their Internet protocol software. As a result of
complexity, diversity, and distribution of function, the
diagnosis of problems is often very difficult.
Problem diagnosis will be aided if routers include a
carefully designed facility for logging erroneous or
strange
"strange" events. It is important to include as much
diagnostic information as possible when an error is
logged. In particular, it is often useful to record the
header(s) of a packet that caused an error. However,
care must be taken to ensure that error logging does not
consume prohibitive amounts of resources or otherwise
interfere with the operation of the router.
There is a tendency for abnormal but harmless protocol
events to overflow error logging files; this can be
avoided by using a circular "circular" log, or by enabling
logging only while diagnosing a known failure. It may
be useful to filter and count duplicate successive
messages. One strategy that seems to work well is to
both:
+ Always count abnormalities and make such counts
accessible through the management protocol (see
Chapter 8); and
+ Allow the logging of a great variety of events to be
selectively enabled. For example, it might useful to
be able to log everything "log everything" or to log "log everything for
host X. X".
This topic is further discussed in [MGT:5].
November 28, 1994
- 12 -
1.3.4 Configuration
In an ideal world, routers would be easy to configure,
and perhaps even entirely self-configuring. However,
practical experience in the real world suggests that
this is an impossible goal, and that many attempts by |
vendors to make configuration easy actually cause |
customers more grief than they prevent. As an extreme
example, a router designed to come up and start routing
packets without requiring any configuration information
at all would almost certainly choose some incorrect
IETF Exp. 11 Sep. 1995 [Page 12]
Draft Requirements for IP Version 4 Routers March 1995
parameter, possibly causing serious problems on any
networks unfortunate enough to be connected to it.
Often this memo requires that a parameter be a
configurable option. There are several reasons for
this. In a few cases there currently is some
uncertainty or disagreement about the best value and it
may be necessary to update the recommended value in the
future. In other cases, the value really depends on
external factors - e.g., the distribution of its
communication load, or the speeds and topology of nearby
networks - and self-tuning algorithms are unavailable
and may be insufficient. In some cases, configurability
is needed because of administrative requirements.
Finally, some configuration options are required to
communicate with obsolete or incorrect implementations
of the protocols, distributed without sources, that
persist in many parts of the Internet. To make correct
systems coexist with these faulty systems,
administrators must occasionally misconfigure the
correct systems. This problem will correct itself
gradually as the faulty systems are retired, but cannot
be ignored by vendors.
When we say that a parameter must be configurable, we do
not intend to require that its value be explicitly read
from a configuration file at every boot time. For many
parameters, there is one value that is appropriate for
all but the most unusual situations. In such cases, it
is quite reasonable that the parameter default to that
value if not explicitly set.
This memo requires a particular value for such defaults
in some cases. The choice of default is a sensitive
issue when the configuration item controls accommodation
November 28, 1994
- 13 -
of existing, faulty, systems. If the Internet is to
converge successfully to complete interoperability, the
default values built into implementations must implement
the official protocol, not misconfigurations to
accommodate faulty implementations. Although marketing
considerations have led some vendors to choose
misconfiguration defaults, we urge vendors to choose
defaults that will conform to the standard.
IETF Exp. 11 Sep. 1995 [Page 13]
Draft Requirements for IP Version 4 Routers March 1995
Finally, we note that a vendor needs to provide adequate
documentation on all configuration parameters, their
limits and effects.
1.4 Algorithms
In several places in this memo, specific algorithms that a
router ought to follow are specified. These algorithms are
not, per se, required of the router. A router need not
implement each algorithm as it is written in this document.
Rather, an implementation must present a behavior to the
external world that is the same as a strict, literal,
implementation of the specified algorithm.
Algorithms are described in a manner that differs from the
way a good implementor would implement them. For
expository purposes, a style that emphasizes conciseness,
clarity, and independence from implementation details has
been chosen. A good implementor will choose algorithms and |
implementation methods that produce the same results as
these algorithms, but may be more efficient or less
general.
We note that the art of efficient router implementation is |
outside the scope of this memo.
November 28, 1994
- 14 -
IETF Exp. 11 Sep. 1995 [Page 14]
Draft Requirements for IP Version 4 Routers March 1995
2. INTERNET ARCHITECTURE
This chapter does not contain any requirements. However, it
does contain useful background information on the general
architecture of the Internet and of routers.
General background and discussion on the Internet architecture
and supporting protocol suite can be found in the DDN Protocol
Handbook [ARCH:1]; for background see for example [ARCH:2],
[ARCH:3], and [ARCH:4]. The Internet architecture and
protocols are also covered in an ever-growing number of
textbooks, such as [ARCH:5] and [ARCH:6].
2.1 Introduction
The Internet system consists of a number of interconnected
packet networks supporting communication among host
computers using the Internet protocols. These protocols
include the Internet Protocol (IP), the Internet Control
Message Protocol (ICMP), the Internet Group Management
Protocol (IGMP), and a variety transport and application
protocols that depend upon them. As was described in
Section [1.2], the Internet Engineering Steering Group
periodically releases an Official Protocols "Official Protocols" memo listing
all of the Internet protocols.
All Internet protocols use IP as the basic data transport
mechanism. IP is a datagram, or connectionless,
internetwork service and includes provision for addressing,
type-of-service specification, fragmentation and
reassembly, and security. ICMP and IGMP are considered
integral parts of IP, although they are architecturally
layered upon IP. ICMP provides error reporting, flow
control, first-hop router redirection, and other
maintenance and control functions. IGMP provides the
mechanisms by which hosts and routers can join and leave IP
multicast groups.
Reliable data delivery is provided in the Internet protocol
suite by Transport Layer protocols such as the Transmission
Control Protocol (TCP), which provides end-end
retransmission, resequencing and connection control.
Transport Layer connectionless service is provided by the
IETF Exp. 11 Sep. 1995 [Page 15]
Draft Requirements for IP Version 4 Routers March 1995
User Datagram Protocol (UDP).
November 28, 1994
- 15 -
2.2 Elements of the Architecture
2.2.1 Protocol Layering
To communicate using the Internet system, a host must
implement the layered set of protocols comprising the
Internet protocol suite. A host typically must
implement at least one protocol from each layer.
The protocol layers used in the Internet architecture
are as follows [ARCH:7]:
+ Application Layer
The Application Layer is the top layer of the
Internet protocol suite. The Internet suite does not
further subdivide the Application Layer, although
some application layer protocols do contain some
internal sub-layering. The application layer of the
Internet suite essentially combines the functions of
the top two layers - Presentation and Application -
of the OSI Reference Model [ARCH:8]. The Application
Layer in the Internet protocol suite also includes
some of the function relegated to the Session Layer
in the OSI Reference Model.
We distinguish two categories of application layer
protocols: user protocols that provide service
directly to users, and support protocols that provide
common system functions. The most common Internet
user protocols are:
- Telnet (remote login)
- FTP (file transfer)
- SMTP (electronic mail delivery)
There are a number of other standardized user
protocols and many private user protocols.
Support protocols, used for host name mapping,
booting, and management, management include SNMP, BOOTP, TFTP,
IETF Exp. 11 Sep. 1995 [Page 16]
Draft Requirements for IP Version 4 Routers March 1995
the Domain Name System (DNS) protocol, and a variety
of routing protocols.
Application Layer protocols relevant to routers are
discussed in chapters 7, 8, and 9 of this memo.
+ Transport Layer
The Transport Layer provides end-to-end communication
services. This layer is roughly equivalent to the
Transport Layer
"Transport Layer" in the OSI Reference Model, except
November 28, 1994
- 16 -
that it also incorporates some of OSI's Session Layer
establishment and destruction functions.
There are two primary Transport Layer protocols at
present:
- Transmission Control Protocol (TCP)
- User Datagram Protocol (UDP)
TCP is a reliable connection-oriented transport
service that provides end-to-end reliability,
resequencing, and flow control. UDP is a
connectionless (datagram) ("datagram") transport service. Other
transport protocols have been developed by the
research community, and the set of official Internet
transport protocols may be expanded in the future.
Transport Layer protocols relevant to routers are
discussed in Chapter 6.
+ Internet Layer
All Internet transport protocols use the Internet
Protocol (IP) to carry data from source host to
destination host. IP is a connectionless or datagram
internetwork service, providing no end-to-end
delivery guarantees. IP datagrams may arrive at the
destination host damaged, duplicated, out of order,
or not at all. The layers above IP are responsible
for reliable delivery service when it is required.
The IP protocol includes provision for addressing,
type-of-service specification, fragmentation and
reassembly, and security.
The datagram or connectionless nature of IP is a
fundamental and characteristic feature of the
IETF Exp. 11 Sep. 1995 [Page 17]
Draft Requirements for IP Version 4 Routers March 1995
Internet architecture.
The Internet Control Message Protocol (ICMP) is a
control protocol that is considered to be an integral
part of IP, although it is architecturally layered |
upon IP - it uses IP to carry its data end-to-end.
ICMP provides error reporting, congestion reporting,
and first-hop router redirection.
The Internet Group Management Protocol (IGMP) is an
Internet layer protocol used for establishing dynamic
November 28, 1994
- 17 -
host groups for IP multicasting.
The Internet layer protocols IP, ICMP, and IGMP are
discussed in chapter 4.
+ Link Layer
To communicate on a directly connected network, a |
host must implement the communication protocol used
to interface to that network. We call this a Link |
Layer protocol.
Some older Internet documents refer to this layer as
the Network Layer, "Network Layer", but it is not the same as the
Network Layer
"Network Layer" in the OSI Reference Model.
This layer contains everything below "below" the Internet |
Layer and above "above" the Physical Layer (which is the |
media connectivity, normally electrical or optical, |
which encodes and transports messages). Its |
responsibility is the correct delivery of messages, |
among which it does not differentiate.
Protocols in this Layer are generally outside the
scope of Internet standardization; the Internet
(intentionally) uses existing standards whenever
possible. Thus, Internet Link Layer standards
usually address only address resolution and rules for
transmitting IP packets over specific Link Layer
protocols. Internet Link Layer standards are
discussed in chapter 3.
IETF Exp. 11 Sep. 1995 [Page 18]
Draft Requirements for IP Version 4 Routers March 1995
2.2.2 Networks
The constituent networks of the Internet system are
required to provide only packet (connectionless)
transport. According to the IP service specification,
datagrams can be delivered out of order, be lost or
duplicated, and/or contain errors.
For reasonable performance of the protocols that use IP
(e.g., TCP), the loss rate of the network should be very
low. In networks providing connection-oriented service,
the extra reliability provided by virtual circuits
enhances the end-end robustness of the system, but is
not necessary for Internet operation.
November 28, 1994
- 18 -
Constituent networks may generally be divided into two
classes:
+ Local-Area Networks (LANs)
LANs may have a variety of designs. LANs normally |
cover a small geographical area (e.g., a single
building or plant site) and provide high bandwidth
with low delays. LANs may be passive (similar to
Ethernet) or they may be active (such as ATM). |
+ Wide-Area Networks (WANs)
Geographically dispersed hosts and LANs are |
interconnected by wide-area networks, also called
long-haul networks. These networks may have a
complex internal structure of lines and packet-
switches, or they may be as simple as point-to-
point lines.
2.2.3 Routers
In the Internet model, constituent networks are
connected together by IP datagram forwarders which are
called routers "routers" or IP routers. "IP routers". In this document,
every use of the term router "router" is equivalent to IP router. "IP
router". Many older Internet documents refer to routers
as gateways. "gateways".
Historically, routers have been realized with packet-
IETF Exp. 11 Sep. 1995 [Page 19]
Draft Requirements for IP Version 4 Routers March 1995
switching software executing on a general-purpose CPU.
However, as custom hardware development becomes cheaper
and as higher throughput is required, but special- special purpose
hardware is becoming increasingly common. This
specification applies to routers regardless of how they
are implemented.
A router connects to two or more logical interfaces, |
represented by IP subnets or unnumbered point to point |
lines (discussed in section [2.2.7]). Thus, it has at |
least one physical interface. Forwarding an IP datagram
generally requires the router to choose the address and |
relevant interface of the next-hop router or (for the |
final hop) the destination host. This choice, called |
relaying
"relaying" or forwarding "forwarding depends upon a route database |
within the router. The route database is also called a |
routing table or forwarding table. The term "router" |
derives from the process of building this route |
database; routing protocols and configuration interact |
November 28, 1994
- 19 -
in a process called routing. "routing".
The routing database should be maintained dynamically to
reflect the current topology of the Internet system. A
router normally accomplishes this by participating in
distributed routing and reachability algorithms with
other routers.
Routers provide datagram transport only, and they seek
to minimize the state information necessary to sustain
this service in the interest of routing flexibility and
robustness.
Packet switching devices may also operate at the Link
Layer; such devices are usually called bridges. "bridges".
Network | segments that are connected by bridges share the
same IP | network prefix forming a single IP subnet.
These other | devices are outside the scope of this
document.
2.2.4 Autonomous Systems
For technical, managerial, and sometimes political
reasons, the routers of the Internet system are grouped
IETF Exp. 11 Sep. 1995 [Page 20]
Draft Requirements for IP Version 4 Routers March 1995
into collections called autonomous systems. "autonomous systems". The
routers included in a single autonomous system (AS) are
expected to:
+ Be under the control of a single operations and |
maintenance (O&M) organization;
+ Employ common routing protocols among themselves, to |
dynamically maintain their routing databases.
A number of different dynamic routing protocols have
been developed (see Section [7.2]); the routing protocol
within a single AS is generically called an interior
gateway protocol or IGP.
An IP datagram may have to traverse the routers of two |
or more Autonomous Systems to reach its destination, and |
the Autonomous Systems must provide each other with |
topology information to allow such forwarding. An
exterior gateway protocol (generally BGP or EGP) is used
for this purpose. |
November 28, 1994
- 20 -
2.2.5 Addressing Architecture
An IP datagram carries 32-bit source and destination
addresses, each of which is partitioned into two parts -
a constituent network prefix and a host number on that |
network. Symbolically:
IP-address ::= { <Network-prefix>, <Host-number> } |
To finally deliver the datagram, the last router in its
path must map the Host-number (or rest) "rest") part of an IP |
address to the host's Link Layer address. |
2.2.5.1 Classical IP Addressing Architecture
Although well documented elsewhere [INTERNET:2], it |
is useful to describe the historical use of the |
network prefix. The language developed to describe |
it is used in this and other documents and permeates |
the thinking behind many protocols.
IETF Exp. 11 Sep. 1995 [Page 21]
Draft Requirements for IP Version 4 Routers March 1995
The simplest classical network prefix is the Class A, |
B, C, D, or C E network prefix. These address ranges
are | discriminated by observing the values of the most |
significant bits of the address, and break the |
address into simple prefix and host number fields. |
This is described in [INTERNET:18]. | In short, the
classification is:
0xxx - Class A - general purpose unicast
addresses with standard 8 bit prefix
10xx - Class B - general purpose unicast
addresses with standard 16 bit prefix
110x - Class C - general purpose unicast
addresses with standard 24 bit prefix
1110 - Class D - IP Multicast Addresses - 28 bit
prefix, non-aggregatable
1111 - Class E - reserved for experimental use
This simple notion has been extended by the concept |
of subnets. "subnets". These were introduced in order to allow |
arbitrary complexity of interconnected LAN structures |
within an organization, while insulating the Internet |
system against explosive growth in assigned network |
prefixes and routing complexity. Subnets provide a |
multi-level hierarchical routing structure for the |
Internet system. The subnet extension, described in
[INTERNET:2], is a required part of the Internet |
architecture. The basic idea is to partition the |
<Host-number> field into two parts: a subnet number, |
and a true host number on that subnet:
IP-address ::=
{ <Network-number>, <Subnet-number>, <Host-
number> }
The interconnected physical networks within an |
organization use the same network prefix but |
different subnet numbers. The distinction between |
November 28, 1994
- 21 -
the subnets of such a subnetted network is not |
normally visible outside of that network. Thus, |
routing in the rest of the Internet uses only the |
<Network-prefix> part of the IP destination address. |
Routers outside the network treat <Network-prefix>
and <Host-number> together as an uninterpreted rest | "rest"
IETF Exp. 11 Sep. 1995 [Page 22]
Draft Requirements for IP Version 4 Routers March 1995
part of the 32-bit IP address. Within the subnetted
network, the routers use the extended network prefix: |
{ <Network-number>, <Subnet-number> }
The bit positions containing this extended network |
number have historically been indicated by a 32-bit |
mask called the subnet mask. "subnet mask". The <Subnet-number> |
bits SHOULD be contiguous and fall between the |
<Network-number> and the <Host-number> fields. More |
up to date protocols do not refer to a subnet mask, |
but to a prefix length; "prefix length"; the "prefix" portion of an |
address is that which would be selected by a subnet |
mask whose most significant bits are all ones and the |
rest are zeroes. The length of the prefix equals the |
number of ones in the subnet mask. This document |
assumes that all subnet masks are expressible as |
prefix lengths. |
The inventors of the subnet mechanism presumed that |
each piece of an organization's network would have |
only a single subnet number. In practice, it has |
often proven necessary or useful to have several |
subnets share a single physical cable. For this |
reason, routers should be capable of configuring |
multiple subnets on the same physical interfaces, and |
treat them (from a routing or forwarding perspective) |
as though they were distinct physical interfaces. |
2.2.5.2 Classless Inter Domain Routing (CIDR)
The explosive growth of the Internet has forced a |
review of address assignment policies. The |
traditional uses of Class general purpose (Class A, B, and C
C) networks are |
being have been modified in order to achieve better use
of IP's 32-bit address space. Classless Inter Domain
Routing | (CIDR) [INTERNET:15] is a method currently
being deployed in the Internet backbones to achieve
this added efficiency. CIDR depends on deploying and |
November 28, 1994
- 22 -
routing to arbitrary addressing domains. arbitrarily sized networks. In this |
model, hosts and routers make no assumptions about |
the use of addressing in the internet. The Class D
IETF Exp. 11 Sep. 1995 [Page 23]
Draft Requirements for IP Version 4 Routers March 1995
(IP Multicast) and Class E (Experimental) address
spaces are preserved, although this is primarily an
assignment policy.
By definition, CIDR comprises three elements:
+ topologically significant address assignment,
+ routing protocols that are capable of aggregating
network layer reachability information, and
+ consistent forwarding algorithm ("longest
match").
The use of networks and subnets is now historical, |
although the language used to describe them remains |
in current use. They have been replaced by the more |
tractable concept of a network prefix. "network prefix". A network |
prefix is, by definition, a contiguous set of bits at |
the more significant end of the address that defines |
a set of systems; host numbers select among those |
systems. There is no requirement that all of the |
internet use network prefixes uniformly. To collapse |
routing information, it is useful to divide the |
internet into addressing domains. Within such a |
domain, detailed information is available about |
constituent networks; outside it, only the common |
network prefix is advertised.
The classical IP addressing architecture used |
addresses and subnet masks to discriminate the host |
number from the network prefix. With network |
prefixes, it is sufficient to indicate the number of |
bits in the prefix. Both representations are in |
common use. Architecturally correct subnet masks are |
capable of being represented using the prefix length |
description. They comprise that subset of all |
possible bits patterns that have |
+ a contiguous string of ones at the more |
significant end, |
+ a contiguous string of zeros at the less |
significant end, and |
+ no intervening bits. |
Routers SHOULD always treat a route as a network |
prefix, and SHOULD reject configuration and routing |
information inconsistent with that model. |
IETF Exp. 11 Sep. 1995 [Page 24]
Draft Requirements for IP Version 4 Routers March 1995
IP-address ::= { < Network-prefix>, <Host-number> |
} |
An effect of the use of CIDR is that the set of |
November 28, 1994
- 23 -
destinations associated with address prefixes in the |
routing table may exhibit subset relationship. A |
route describing a smaller set of destinations (a |
longer prefix) is said to be more specific than a |
route describing a larger set of destinations (a |
shorter prefix); similarly, a route describing a |
larger set of destinations (a shorter prefix) is said |
to be less specific than a route describing a smaller |
set of destinations (a longer prefix).Routers prefix). Routers must |
use the most specific matching route (the longest |
matching network prefix) when forwarding traffic.
2.2.6 IP Multicasting
IP multicasting is an extension of Link Layer multicast
to IP internets. Using IP multicasts, a single datagram |
can be addressed to multiple hosts without sending it to |
all. In the extended case, these hosts may reside in |
different address domains. This collection of hosts is
called a multicast group. Each multicast group is
represented as a Class D IP address. An IP datagram
sent to the group is to be delivered to each group
member with the same best-effort delivery as that
provided for unicast IP traffic. The sender of the
datagram does not itself need to be a member of the
destination group.
The semantics of IP multicast group membership are |
defined in [INTERNET:4]. That document describes how |
hosts and routers join and leave multicast groups. It
also defines a protocol, the Internet Group Management
Protocol (IGMP), that monitors IP multicast group
membership.
Forwarding of IP multicast datagrams is accomplished
either through static routing information or via a
multicast routing protocol. Devices that forward IP
multicast datagrams are called multicast routers. They
may or may not also forward IP unicasts. Multicast |
IETF Exp. 11 Sep. 1995 [Page 25]
Draft Requirements for IP Version 4 Routers March 1995
datagrams are forwarded on the basis of both their |
source and destination addresses. Forwarding of IP
multicast packets is described in more detail in Section
[5.2.1]. Appendix D discusses multicast routing
protocols. |
November 28, 1994
- 24 -
2.2.7 Unnumbered Lines and Networks Prefixes
Traditionally, each network interface on an IP host or
router has its own IP address. This can cause |
inefficient use of the scarce IP address space, since it |
forces allocation of an IP network prefix to every |
point-to-point link.
To solve this problem, a number of people have proposed
and implemented the concept of unnumbered serial lines. | "unnumbered point to
point lines". An unnumbered serial point to point line does
not have any network | prefix associated with it. As a
consequence, the network interfaces connected to an
unnumbered serial point to point line do not have IP addresses.
Because the IP architecture has traditionally assumed
that all interfaces had IP addresses, these unnumbered
interfaces cause some interesting dilemmas. For
example, some IP options (e.g. (e.g., Record Route) specify
that a router must insert the interface address into the
option, but an unnumbered interface has no IP address.
Even more fundamental (as we shall see in chapter 5) is
that routes contain the IP address of the next hop
router. A router expects that this IP address will be |
on an IP (sub)net to which the router is connected. |
That assumption is of course violated if the only |
connection is an unnumbered serial point to point line.
To get around these difficulties, two schemes have been |
conceived. The first scheme says that two routers
connected by an unnumbered serial point to point line are not
really | two routers at all, but rather two half-routers "half-routers"
that | together make up a single virtual router. The |
unnumbered serial point to point line is essentially considered
to be | an internal bus in the virtual router. The two
halves of the virtual router must coordinate their
activities in such a way that they act exactly like a
IETF Exp. 11 Sep. 1995 [Page 26]
Draft Requirements for IP Version 4 Routers March 1995
single router.
This scheme fits in well with the IP architecture, but
suffers from two important drawbacks. The first is
that, although it handles the common case of a single
unnumbered serial point to point line, it is not readily
extensible to handle the case of a mesh of routers and
unnumbered
serial point to point lines. The second drawback is
that the interactions between the half routers are
necessarily complex and are not standardized,
effectively precluding
November 28, 1994
- 25 - the connection of equipment from
different vendors using unnumbered serial point to point lines.
Because of these drawbacks, this memo has adopted an |
alternate scheme, which has been invented multiple times
but which is probably originally attributable to Phil
Karn. In this scheme, a router that has unnumbered |
serial
point to point lines also has a special IP address,
called a
router-id "router-id" in this memo. The router-id is one
of the router's IP addresses (a router is required to
have at least one IP address). This router-id is used
as if it is the IP address of all unnumbered interfaces.
2.2.8 Notable Oddities
2.2.8.1 Embedded Routers
A router may be a stand-alone computer system,
dedicated to its IP router functions. Alternatively,
it is possible to embed router functions within a
host operating system that supports connections to |
two or more networks. The best-known example of an
operating system with embedded router code is the
Berkeley BSD system. The embedded router feature |
seems to make building a network easy, but it has a
number of hidden pitfalls:
(1) If a host has only a single constituent-network |
interface, it should not act as a router.
For example, hosts with embedded router code
IETF Exp. 11 Sep. 1995 [Page 27]
Draft Requirements for IP Version 4 Routers March 1995
that gratuitously forward broadcast packets or
datagrams on the same net often cause packet
avalanches.
(2) If a (multihomed) host acts as a router, it must |
implement ALL is
subject to the relevant router requirements | for routers
contained in this document.
For example, the routing protocol issues and the
router control and monitoring problems are as
hard and important for embedded routers as for
stand-alone routers.
Internet router requirements and specifications |
may change independently of operating system |
November 28, 1994
- 26 -
changes. An administration that operates an |
embedded router in the Internet is strongly |
advised to have the ability to maintain and | update the router code.
This might require | router source code.
(3) When a host executes embedded router code, it
becomes | part of the Internet infrastructure.
Thus, errors in software or configuration can
hinder communication between other hosts. As a
consequence, the host administrator must lose
some autonomy.
In many circumstances, a host administrator will
need to disable router code embedded in the
operating system. Embedded router code must be |
organized so that For this reason, it can should be easily disabled.
straightforward to disable embedded router
functionality.
(4) When a host running embedded router code is |
concurrently used for other services, the |
Operation and Maintenance requirements for the |
two modes of use may conflict.
For example, router O&M will in many cases be
performed remotely by an operations center; this |
may require privileged system access that the |
host administrator would not normally want to |
distribute.
IETF Exp. 11 Sep. 1995 [Page 28]
Draft Requirements for IP Version 4 Routers March 1995
2.2.8.2 Transparent Routers
There are two basic models for interconnecting
local-area networks and wide-area (or long-haul)
networks in the Internet. In the first, the local- |
area network is assigned a network prefix and all |
routers in the Internet must know how to route to
that network. In the second, the local-area network
shares (a small part of) the address space of the
wide-area network. Routers that support this second
model are called address "address sharing routers routers" or
transparent routers.
"transparent routers". The focus of this memo is on
routers that support the first model, but this is not
intended to exclude the use of transparent routers.
The basic idea of a transparent router is that the
hosts on the local-area network behind such a router
November 28, 1994
- 27 -
share the address space of the wide-area network in
front of the router. In certain situations this is a
very useful approach and the limitations do not
present significant drawbacks.
The words in front "in front" and behind "behind" indicate one of the
limitations of this approach: this model of
interconnection is suitable only for a geographically
(and topologically) limited stub environment. It
requires that there be some form of logical
addressing in the network level addressing of the
wide-area network. All of the IP addresses in the local
environment map to a few (usually one) physical
address in the wide-area network. This mapping
occurs in a way consistent with the { IP address <->
network address } mapping used throughout the wide-
area network.
Multihoming is possible on one wide-area network, but
may present routing problems if the interfaces are
geographically or topologically separated.
Multihoming on two (or more) wide-area networks is a
problem due to the confusion of addresses.
The behavior that hosts see from other hosts in what
is apparently the same network may differ if the
transparent router cannot fully emulate the normal
IETF Exp. 11 Sep. 1995 [Page 29]
Draft Requirements for IP Version 4 Routers March 1995
wide-area network service. For example, the ARPANET
used a Link Layer protocol that provided a
Destination Dead
"Destination Dead" indication in response to an
attempt | to send to a host that was off-line.
However, if there were a transparent router between
the ARPANET and an Ethernet, a host on the ARPANET
would not | receive a Destination Dead indication for
Ethernet | hosts.
2.3 Router Characteristics
An Internet router performs the following functions:
(1) Conforms to specific Internet protocols specified in |
this document, including the Internet Protocol (IP),
Internet Control Message Protocol (ICMP), and others
as necessary.
(2) Interfaces to two or more packet networks. For each |
November 28, 1994
- 28 -
connected network the router must implement the |
functions required by that network. These functions
typically include:
+ Encapsulating and decapsulating the IP datagrams |
with the connected network framing (e.g., an
Ethernet header and checksum),
+ Sending and receiving IP datagrams up to the | maximum
size supported by that network, this size is the
network's Maximum "Maximum Transmission Unit Unit" or MTU, "MTU",
+ Translating the IP destination address into an |
appropriate network-level address for the connected |
network (e.g., an Ethernet hardware address), if
needed, and
+ Responding to the network flow control and error |
indication,
indications, if any.
See chapter 3 (Link Layer).
(3) Receives and forwards Internet datagrams. Important |
issues in this process are buffer management,
IETF Exp. 11 Sep. 1995 [Page 30]
Draft Requirements for IP Version 4 Routers March 1995
congestion control, and fairness.
+ Recognizes error conditions and generates ICMP | error
and information messages as required.
+ Drops datagrams whose time-to-live fields have
reached zero.
+ Fragments datagrams when necessary to fit into the |
MTU of the next network.
See chapter 4 (Internet Layer - Protocols) and chapter |
5 (Internet Layer - Forwarding) for more information. |
(4) Chooses a next-hop destination for each IP datagram, |
based on the information in its routing database. See |
chapter 5 (Internet Layer - Forwarding) for more
information. |
(5) (Usually) supports an interior gateway protocol (IGP) |
to carry out distributed routing and reachability |
algorithms with the other routers in the same
autonomous system. In addition, some routers will
November 28, 1994
- 29 -
need to support an exterior gateway protocol (EGP) to
exchange topological information with other autonomous
systems. See chapter 7 (Application Layer - Routing |
Protocols) for more information.
(6) Provides network | management and system support
facilities, including loading, debugging, status
reporting, exception reporting and control. See
chapter 8 (Application Layer - Network Management
Protocols) and chapter 10 (Operation and Maintenance)
for more information.
A router vendor will have many choices on power,
complexity, and features for a particular router product.
It may be helpful to observe that the Internet system is
neither homogeneous nor fully connected. For reasons of |
technology and geography it is growing into a global
interconnect system plus a fringe "fringe" of LANs around the edge.
"edge". More and more these fringe LANs are becoming
richly interconnected, thus making them less out on the
fringe and more demanding on router requirements.
IETF Exp. 11 Sep. 1995 [Page 31]
Draft Requirements for IP Version 4 Routers March 1995
+ The global interconnect system is composed of a number | of
wide-area networks to which are attached routers of |
several Autonomous Systems (AS); there are relatively
few hosts connected directly to the system.
+ Most hosts are connected to LANs. Many organizations
have clusters of LANs interconnected by local routers.
Each such cluster is connected by routers at one or more
points into the global interconnect system. If it is
connected at only one point, a LAN is known as a stub "stub"
network.
Routers in the global interconnect system generally
require:
+ Advanced Routing and Forwarding Algorithms
These routers need routing algorithms that are highly |
dynamic
dynamic, impose minimal processing and communication
burdens, and also offer type-of-service routing. | Congestion
is still not a completely resolved issue (see | Section
[5.3.6]). Improvements in these areas are expected, as
the research community is actively working on these
issues.
+ High Availability
November 28, 1994
- 30 -
These routers need to be highly reliable, providing 24
hours a day, 7 days a week service. Equipment and |
software faults can have a wide-spread (sometimes |
global) effect. In case of failure, they must recover
quickly. In any environment, a router must be highly |
robust and able to oper operate, possibly in a degraded
state, under conditions of extreme congestion or failure
of network resources.
+ Advanced O&M Features
Internet routers normally operate in an unattended mode.
They will typically be operated remotely from a
centralized monitoring center. They need to provide
sophisticated means for monitoring and measuring traffic
and other events and for diagnosing faults.
IETF Exp. 11 Sep. 1995 [Page 32]
Draft Requirements for IP Version 4 Routers March 1995
+ High Performance
Long-haul lines in the Internet today are most |
frequently full duplex 56 KBPS, DS1 (1.4Mbps), and (1.544 Mbps), or DS3 (45Mbps)
(45 Mbps) speeds. LANs LANs, which are half duplex
multiaccess media, are typically Ethernet (10Mbps) and,
to a lesser degree, FDDI (100Mbps). However, network
media technology is constantly advancing and even higher
speeds are likely in the future. Full-duplex operation
is provided at all of these speeds.
The requirements for routers used in the LAN fringe (e.g.,
campus networks) depend greatly on the demands of the local
networks. These may be high or medium-performance devices,
probably competitively procured from several different
vendors and operated by an internal organization (e.g., a
campus computing center). The design of these routers
should emphasize low average latency and good burst
performance, together with delay and type-of-service
sensitive resource management. In this environment there
may be less formal O&M but it will not be less important.
The need for the routing mechanism to be highly dynamic
will become more important as networks become more complex
and interconnected. Users will demand more out of their
local connections because of the speed of the global
interconnects.
As networks have grown, and as more networks have become
old enough that they are phasing out older equipment, it
has become increasingly imperative that routers
interoperate with routers from other vendors.
November 28, 1994
- 31 -
Even though the Internet system is not fully
interconnected, many parts of the system need to have
redundant connectivity. Rich connectivity allows reliable
service despite failures of communication lines and
routers, and it can also improve service by shortening
Internet paths and by providing additional capacity.
Unfortunately, this richer topology can make it much more
difficult to choose the best path to a particular
destination.
IETF Exp. 11 Sep. 1995 [Page 33]
Draft Requirements for IP Version 4 Routers March 1995
2.4 Architectural Assumptions
The current Internet architecture is based on a set of
assumptions about the communication system. The
assumptions most relevant to routers are as follows:
+ The Internet is a network of networks.
Each host is directly connected to some particular
network(s); its connection to the Internet is only
conceptual. Two hosts on the same network communicate
with each other using the same set of protocols that
they would use to communicate with hosts on distant
networks.
+ Routers do not keep connection state information. |
To improve the robustness of the communication system,
routers are designed to be stateless, forwarding each IP
packet independently of other packets. As a result,
redundant paths can be exploited to provide robust
service in spite of failures of intervening routers and
networks.
All state information required for end-to-end flow
control and reliability is implemented in the hosts, in
the transport layer or in application programs. All
connection control information is thus co-located with
the end points of the communication, so it will be lost
only if an end point fails. Routers control message |
flow only indirectly, by dropping packets or increasing
network delay.
Note that future protocol developments may well end up
putting some more state into routers. This is |
especially likely for multicast routing, resource |
November 28, 1994
- 32 -
reservation, and flow based forwarding.
+ Routing complexity should be in the routers.
Routing is a complex and difficult problem, and ought to
be performed by the routers, not the hosts. An
important objective is to insulate host software from
changes caused by the inevitable evolution of the
IETF Exp. 11 Sep. 1995 [Page 34]
Draft Requirements for IP Version 4 Routers March 1995
Internet routing architecture.
+ The system must tolerate wide network variation.
A basic objective of the Internet design is to tolerate
a wide range of network characteristics - e.g.,
bandwidth, delay, packet loss, packet reordering, and
maximum packet size. Another objective is robustness
against failure of individual networks, routers, and
hosts, using whatever bandwidth is still available.
Finally, the goal is full open "open system interconnection: | interconnection":
an Internet router must be able to interoperate robustly |
and effectively with any other router or Internet host,
across diverse Internet paths.
Sometimes implementors have designed for less ambitious
goals. For example, the LAN environment is typically
much more benign than the Internet as a whole; LANs have
low packet loss and delay and do not reorder packets.
Some vendors have fielded implementations that are
adequate for a simple LAN environment, but work badly
for general interoperation. The vendor justifies such a
product as being economical within the restricted LAN
market. However, isolated LANs seldom stay isolated for |
long. They are soon connected to each other, to
organization-wide internets, and eventually to the
global Internet system. In the end, neither the
customer nor the vendor is served by incomplete or
substandard routers.
The requirements in this document are designed for a |
full-function router. It is intended that fully
compliant routers will be usable in almost any part of
the Internet.
November 28, 1994
- 33 -
IETF Exp. 11 Sep. 1995 [Page 35]
Draft Requirements for IP Version 4 Routers March 1995
3. LINK LAYER
Although [INTRO:1] covers Link Layer standards (IP over |
various data links, link layers, ARP, etc.), this document anticipates
that Link-Layer material will be covered in a separate Link
Layer Requirements document. A Link-Layer Requirements
document | would be applicable to both hosts and routers. Thus,
this document will not obsolete the parts of [INTRO:1] that
deal with link-layer issues.
3.1 INTRODUCTION
Routers have essentially the same Link Layer protocol
requirements as other sorts of Internet systems. These
requirements are given in chapter 3 of Requirements "Requirements for
Internet Gateways Gateways" [INTRO:1]. A router MUST comply with
its requirements and SHOULD comply with its
recommendations. Since some of the material in that
document has become somewhat dated, some additional
requirements and explanations are included below.
DISCUSSION:
It is expected that the Internet community will produce
a Requirements "Requirements for Internet Link Layer Layer" standard which |
will supersede both this chapter and the chapter |
entitled "INTERNET LAYER PROTOCOLS" in [INTRO:1].
3.2 LINK/INTERNET LAYER INTERFACE
This document does not attempt to specify the interface |
between the Link Layer and the upper layers. However, note |
well that other parts of this document, particularly
chapter 5, require various sorts of information to be
passed across this layer boundary.
This section uses the following definitions:
+ Source physical address
The source physical address is the Link Layer address of
the host or router from which the packet was received.
IETF Exp. 11 Sep. 1995 [Page 36]
Draft Requirements for IP Version 4 Routers March 1995
+ Destination physical address
The destination physical address is the Link Layer
address to which the packet was sent.
The information that must pass from the Link Layer to the
November 28, 1994
- 34 -
Internetwork Layer for each received packet is:
(1) The IP packet [5.2.2],
(2) The length of the data portion (i.e., not including the
Link-Layer framing) of the Link Layer frame [5.2.2],
(3) The identity of the physical interface from which the
IP packet was received [5.2.3], and
(4) The classification of the packet's destination physical
address as a Link Layer unicast, broadcast, or
multicast [4.3.2], [5.3.4].
In addition, the Link Layer also should provide:
(5) The source physical address.
The information that must pass from the Internetwork Layer
to the Link Layer for each transmitted packet is:
(1) The IP packet [5.2.1]
(2) The length of the IP packet [5.2.1]
(3) The destination physical interface [5.2.1]
(4) The next hop IP address [5.2.1]
In addition, the Internetwork Layer also should provide:
(5) The Link Layer priority value [5.3.3.2]
The Link Layer must also notify the Internetwork Layer if
the packet to be transmitted causes a Link Layer
precedence-related error [5.3.3.3].
IETF Exp. 11 Sep. 1995 [Page 37]
Draft Requirements for IP Version 4 Routers March 1995
3.3 SPECIFIC ISSUES
3.3.1 Trailer Encapsulation
Routers that can connect to 10Mb ten megabit Ethernets MAY be
able | to receive and forward Ethernet packets
encapsulated | using the trailer encapsulation described
in [LINK:1]. However, a router SHOULD NOT originate
trailer encapsulated packets. A router MUST NOT
originate
November 28, 1994
- 35 - trailer encapsulated packets without first
verifying, | using the mechanism described in [INTRO:2],
that the immediate destination of the packet is willing
and able to accept trailer-encapsulated packets. A
router SHOULD NOT agree (using these same mechanisms) to
accept trailer-encapsulated packets.
3.3.2 Address Resolution Protocol - ARP
Routers that implement ARP MUST be compliant and SHOULD |
be unconditionally compliant with the requirements in |
[INTRO:2].
The link layer MUST NOT report a Destination Unreachable
error to IP solely because there is no ARP cache entry |
for a destination. destination; it SHOULD queue up to a small number |
of datagrams breifly while performing the ARP |
request/reply sequence, and reply that the destination |
is unreachable to one of the queued datagrams only when |
this proves fruitless.
A router MUST not believe any ARP reply that claims that |
the Link Layer address of another host or router is a
broadcast or multicast address.
3.3.3 Ethernet and 802.3 Coexistence
Routers that can connect to 10Mb ten megabit Ethernets MUST
be | compliant and SHOULD be unconditionally compliant
with | the Ethernet requirements of [INTRO:2].
IETF Exp. 11 Sep. 1995 [Page 38]
Draft Requirements for IP Version 4 Routers March 1995
3.3.4 Maximum Transmission Unit - MTU
The MTU of each logical interface MUST be configurable. configurable |
within the range of legal MTUs for the interface.
Many Link Layer protocols define a maximum frame size
that may be sent. In such cases, a router MUST NOT
allow an MTU to be set which would allow sending of
frames larger than those allowed by the Link Layer
protocol. However, a router SHOULD be willing to
receive a packet as large as the maximum frame size even
if that is larger than the MTU.
DISCUSSION:
Note that this is a stricter requirement than imposed
on hosts by [INTRO:2], which requires that the MTU of
each physical interface be configurable.
If a network is using an MTU smaller than the maximum
frame size for the Link Layer, a router may receive |
packets larger than the MTU from misconfigured and |
incompletely initialized hosts. The Robustness |
November 28, 1994
- 36 -
Principle indicates that the router should |
successfully receive these packets if at all | possible.
3.3.5 Point-to-Point Protocol - PPP
Contrary to [INTRO:1], the Internet does have a standard
serial
point to point line protocol: the Point-to-Point
Protocol (PPP), | defined in [LINK:2], [LINK:3], [LINK:4],
and [LINK:5].
A serial line interface "point to point interface" is any interface that is |
designed to send data over a point to point interface. | line. Such
interfaces include telephone, leased, dedicated or |
direct lines (either 2 or 4 wire), and may use point to |
point channels or virtual circuits of multiplexed |
interfaces such as ISDN. They normally use a |
standardized modem or bit serial interface (such as RS- |
232, RS-449 or V.35), using either synchronous or
asynchronous clocking. Multiplexed interfaces often |
have special physical interfaces.
IETF Exp. 11 Sep. 1995 [Page 39]
Draft Requirements for IP Version 4 Routers March 1995
A general "general purpose serial interface is a serial line
interface that does not solely access line interface" uses the same
physical media as a point to point line, but supports
the use of link layer |
network. networks as well as point to point
connectivity. Link layer networks (such as X.25 or
Frame | Relay) use an alternative IP link layer
specification.
Routers that contain such implement point to point or general purpose
serial | interfaces MUST implement IMPLEMENT PPP. |
PPP MUST be supported on all general purpose serial
interfaces on a router. The router MAY allow the line
to be configured to use serial point to point line protocols
other than | PPP. All general purpose serial Point to point interfaces SHOULD | either
default to using PPP.
This section provides guidelines to router
implementors so that they can ensure interoperability
with other routers using PPP over either when enabled or require
configuration of the link layer protocol before being
enabled. General purpose serial interfaces SHOULD
require configuration of the link layer protocol before
being enabled.
3.3.5.1 Introduction
This section provides guidelines to router
implementors so that they can ensure interoperability
with other routers using PPP over either synchronous
or asynchronous links.
It is critical that an implementor understand the
semantics of the option negotiation mechanism.
Options are a means for a local device to indicate to
a remote peer what the local device will accept from |
November 28, 1994
- 37 -
the remote peer, not what it wishes to send. It is
up to the remote peer to decide what is most
convenient to send within the confines of the set of
options that the local device has stated that it can
accept. Therefore it is perfectly acceptable and
normal for a remote peer to ACK all the options
indicated in an LCP Configuration Request (CR) even
if the remote peer does not support any of those
options. Again, the options are simply a mechanism
for either device to indicate to its peer what it
will accept, not necessarily what it will send.
IETF Exp. 11 Sep. 1995 [Page 40]
Draft Requirements for IP Version 4 Routers March 1995
3.3.5.2 Link Control Protocol (LCP) Options
The PPP Link Control Protocol (LCP) offers a number
of options that may be negotiated. These options |
include (among others) address and control field
compression, protocol field compression, asynchronous
character map, Maximum Receive Unit (MRU), Link
Quality Monitoring (LQM), magic number (for loopback
detection), Password Authentication Protocol (PAP),
Challenge Handshake Authentication Protocol (CHAP),
and the 32-bit Frame Check Sequence (FCS).
A router MAY use address/control field compression on |
either synchronous or asynchronous links. A router |
MAY use protocol field compression on either |
synchronous or asynchronous links. A router that |
indicates that it can accept these compressions MUST |
be able to accept uncompressed PPP header information |
also.
DISCUSSION:
These options control the appearance of the PPP
header. Normally the PPP header consists of the |
address, the control field, and the protocol |
field. The address, on a serial point to point line, is
0xFF, | indicating "broadcast". The control field
is | 0x03, indicating "Unnumbered Information." The |
Protocol Identifier is a two byte value indicating |
the contents of the data area of the frame. If a
system negotiates address and control field
compression it indicates to its peer that it will
accept PPP frames that have or do not have these
fields at the front of the header. It does not
indicate that it will be sending frames with these
November 28, 1994
- 38 -
fields removed. |
Protocol field compression, when negotiated, |
indicates that the system is willing to receive |
protocol fields compressed to one byte when this |
is legal. There is no requirement that the sender |
actually
do so. |
Use of address/control field compression is |
inconsistent with the use of numbered mode |
IETF Exp. 11 Sep. 1995 [Page 41]
Draft Requirements for IP Version 4 Routers March 1995
(reliable) PPP.
IMPLEMENTATION:
Some hardware does not deal well with variable
length header information. In those cases it
makes most sense for the remote peer to send the
full PPP header. Implementations may ensure this
by not sending the address/control field and
protocol field compression options to the remote
peer. Even if the remote peer has indicated an
ability to receive compressed headers there is no
requirement for the local router to send
compressed headers.
A router MUST negotiate the Asynchronous Control |
Character Map (ACCM) for asynchronous PPP links, but |
SHOULD NOT negotiate the ACCM for synchronous links.
If a router receives an attempt to negotiate the ACCM
over a synchronous link, it MUST ACKnowledge the
option and then ignore it.
DISCUSSION:
There are implementations that offer both |
synchronous and asynchronous modes of operation |
and may use the same code to implement the option |
negotiation. In this situation it is possible
that one end or the other may send the ACCM option
on a synchronous link.
A router SHOULD properly negotiate the maximum |
receive unit (MRU). Even if a system negotiates an |
MRU smaller than 1,500 bytes, it MUST be able to
November 28, 1994
- 39 -
receive a 1,500 byte frame.
A router SHOULD negotiate and enable the link quality
monitoring (LQM) option.
DISCUSSION:
This memo does not specify a policy for deciding
whether the link's quality is adequate. However,
it is important (see Section [3.3.6]) that a
router disable failed links.
IETF Exp. 11 Sep. 1995 [Page 42]
Draft Requirements for IP Version 4 Routers March 1995
A router SHOULD implement and negotiate the magic
number option for loopback detection.
A router MAY support the authentication options (PAP
- Password Authentication Protocol, and/or CHAP - |
Challenge Handshake Authentication Protocol).
A router MUST support 16-bit CRC frame check sequence
(FCS) and MAY support the 32-bit CRC.
3.3.5.3 IP Control Protocol (IPCP) Options
A router MAY offer to perform IP address negotiation.
A router MUST accept a refusal (REJect) to perform IP
address negotiation from the peer.
Routers operating at link speeds of 19,200 BPS or |
less SHOULD implement and offer to perform Van |
Jacobson header compression. Routers that implement |
VJ compression SHOULD implement an administrative |
control enabling or disabling it.
3.3.6 Interface Testing
A router MUST have a mechanism to allow routing software
to determine whether a physical interface is available |
to send packets or not. not; on multiplexed interfaces where |
permanent virtual circuits are opened for limited sets |
of neighbors, the router must also be able to determine |
whether the virtual circuits are viable. A router
SHOULD have a mechanism to allow routing software to
judge the quality of a physical interface. A router
MUST have a mechanism for informing the routing software
when a physical interface becomes available or
unavailable to send packets because of administrative
action. A router MUST have a mechanism for informing
the routing software when it detects a Link level
interface has become available or unavailable, for any
reason.
November 28, 1994
- 40 -
DISCUSSION:
It is crucial that routers have workable mechanisms
IETF Exp. 11 Sep. 1995 [Page 43]
Draft Requirements for IP Version 4 Routers March 1995
for determining that their network connections are |
functioning properly. Failure to detect link loss, |
or failure to take the proper actions when a problem |
is detected, can lead to black holes.
The mechanisms available for detecting problems with
network connections vary considerably, depending on
the Link Layer protocols in use and also in some
cases on the interface hardware chosen by the router
manufacturer.
hardware. The intent is to maximize the capability
to detect failures within the Link-Layer constraints.
November 28, 1994
- 41
IETF Exp. 11 Sep. 1995 [Page 44]
Draft Requirements for IP Version 4 Routers March 1995
4. INTERNET LAYER - PROTOCOLS
4.1 INTRODUCTION
This chapter and chapter 5 discuss the protocols used at
the Internet Layer: IP, ICMP, and IGMP. Since forwarding
is obviously a crucial topic in a document discussing
routers, chapter 5 limits itself to the aspects of the |
protocols that directly relate to forwarding. The current
chapter contains the remainder of the discussion of the
Internet Layer protocols.
4.2 INTERNET PROTOCOL - IP
4.2.1 INTRODUCTION
Routers MUST implement the IP protocol, as defined by |
[INTERNET:1]. They MUST also implement its mandatory |
extensions: subnets (defined in [INTERNET:2]), IP |
broadcast (defined in [INTERNET:3]), and Classless |
Inter-Domain Routing (CIDR, defined in [INTERNET:15]).
Router implementors need not consider compliance with |
the section of [INTRO:2] entitled "Internet Protocol -- |
IP," as that section is entirely duplicated or |
superseded in this document. A router MUST be
compliant, and SHOULD be unconditionally compliant, with |
the requirements of the section entitled "SPECIFIC |
ISSUES" relating to IP in [INTRO:2].
In the following, the action specified in certain cases |
is to silently discard "silently discard" a received datagram. This
means | that the datagram will be discarded without
further | processing and that the router will not send any
ICMP | error message (see Section [4.3]) as a result.
However, | for diagnosis of problems a router SHOULD
provide the | capability of logging the error (see Section
[1.3.3]), | including the contents of the silently
discarded | datagram, and SHOULD count datagrams
IETF Exp. 11 Sep. 1995 [Page 45]
Draft Requirements for IP Version 4 Routers March 1995
discarded.
4.2.2 PROTOCOL WALK-THROUGH
RFC 791 [INTERNET:1] is the specification for the |
Internet Protocol. |
4.2.2.1 Options: RFC 791 Section 3.2
In datagrams received by the router itself, the IP |
layer MUST interpret IP options that it understands |
and preserve the rest unchanged for use by higher
layer protocols.
November 28, 1994
- 42 -
Higher layer protocols may require the ability to set
IP options in datagrams they send or examine IP
options in datagrams they receive. Later sections of
this document discuss specific IP option support
required by higher layer protocols.
DISCUSSION:
Neither this memo nor [INTRO:2] define the order
in which a receiver must process multiple options
in the same IP header. Hosts and routers
originating datagrams containing multiple options
must be aware that this introduces an ambiguity in
the meaning of certain options when combined with
a source-route option.
Here are the requirements for specific IP options:
(a) Security Option
Some environments require the Security option in
every packet originated or received. Routers
SHOULD IMPLEMENT the revised security option
described in [INTERNET:5].
DISCUSSION:
Note that the security options described in
[INTERNET:1] and RFC 1038 ([INTERNET:16]) are
obsolete.
IETF Exp. 11 Sep. 1995 [Page 46]
Draft Requirements for IP Version 4 Routers March 1995
(b) Stream Identifier Option
This option is obsolete; routers SHOULD NOT
place this option in a datagram that the router
originates. This option MUST be ignored in
datagrams received by the router.
(c) Source Route Options
A router MUST be able to act as the final
destination of a source route. If a router |
receives a packet containing a completed source |
route, the packet has reached its final |
destination. In such an option, the pointer
points beyond the last field and the destination
address in the IP header addresses the router. |
November 28, 1994
- 43 -
The option as received (the recorded route) MUST
be passed up to the transport layer (or to ICMP
message processing).
A
In the general case, a correct response to a source-routed datagrams |
source-routed datagram traverses the same route.
A router MUST provide | a means whereby transport
protocols and | applications can reverse the
source route in a | received datagram. This
reversed source route | MUST be inserted into
datagrams they originate | (see [INTRO:2] for details). |
details) when the router is unaware of policy |
constraints. However, if the router is policy |
aware, it MAY select another path.
Some applications in the router MAY require that
the user be able to enter a source route.
A router MUST NOT originate a datagram
containing multiple source route options. What
a router should do if asked to forward a packet
containing multiple source route options is
described in Section [5.2.4.1].
When a source route option is created, created (which
would happen when the router is originating a
source routed datagram or is inserting a source
route option as a result of a special filter),
IETF Exp. 11 Sep. 1995 [Page 47]
Draft Requirements for IP Version 4 Routers March 1995
it MUST be correctly formed even if it is being
created by reversing a recorded route that
erroneously includes the source host (see case
(B) in the discussion below).
DISCUSSION:
Suppose a source routed datagram is to be
routed from source S to destination D via
routers G1, G2, Gn. Source S constructs a
datagram with G1's IP address as its
destination address, and a source route
option to get the datagram the rest of the
way to its destination. However, there is an
ambiguity in the specification over whether
the source route option in a datagram sent
out by S should be (A) or (B):
(A): {>>G2, G3, ... Gn, D} <--- CORRECT
(B): {S, >>G2, G3, ... Gn, D} <---- WRONG
(where >> represents the pointer). If (A) is |
sent, the datagram received at D will contain
November 28, 1994
- 44 -
the option: {G1, G2, ... Gn >>}, with S and D
as the IP source and destination addresses.
If (B) were sent, the datagram received at D
would again contain S and D as the same IP
source and destination addresses, but the
option would be: {S, G1, ...Gn >>}; i.e., the
originating host would be the first hop in
the route.
(d) Record Route Option
Routers MAY support the Record Route option in
datagrams originated by the router.
(e) Timestamp Option
Routers MAY support the timestamp option in
datagrams originated by the router. The
following rules apply:
+ When originating a datagram containing a
IETF Exp. 11 Sep. 1995 [Page 48]
Draft Requirements for IP Version 4 Routers March 1995
Timestamp Option, a router MUST record a
timestamp in the option if
- Its Internet address fields are not pre-
specified or
- Its first pre-specified address is the IP
address of the logical interface over
which the datagram is being sent (or the
router's router-id if the datagram is
being sent over an unnumbered interface).
+ If the router itself receives a datagram |
containing a Timestamp Option, the router |
MUST insert the current time into the |
Timestamp Option (if there is space in the |
option to do so) before passing the option to
the transport layer or to ICMP for
processing.
+ A timestamp value MUST follow the rules |
defined in [INTRO:2].
IMPLEMENTATION:
To maximize the utility of the timestamps
November 28, 1994
- 45 -
contained in the timestamp option, the |
timestamp inserted should be, as nearly as
practical, the time at which the packet
arrived at the router. For datagrams
originated by the router, the timestamp
inserted should be, as nearly as practical,
the time at which the datagram was passed to
the Link Layer for transmission.
The timestamp option permits the use of a
non-standard time clock, but the use of a
non-synchronized clock limits the utility of
the time stamp. Therefore, routers are well
advised to implement the Network Time
Protocol for the purpose of synchronizing
their clocks.
IETF Exp. 11 Sep. 1995 [Page 49]
Draft Requirements for IP Version 4 Routers March 1995
4.2.2.2 Addresses in Options: RFC 791 Section 3.1
Routers are called upon to insert their address into |
Record Route, Strict Source and Record Route, Loose
Source and Record Route, or Timestamp Options. When |
a router inserts its address into such an option, it
MUST use the IP address of the logical interface on
which the packet is being sent. Where this rule
cannot be obeyed because the output interface has no
IP address (i.e., is an unnumbered interface), the
router MUST instead insert its router-id. "router-id". The |
router's router-id is one of the router's IP |
addresses; it
addresses. The Router ID may be specified on a
system basis or | on a per-link basis. Which of the
router's addresses is used as the router-id MUST NOT
change (even across reboots) unless changed by the
network manager. | Relevant management changes include
reconfiguration | of the router such that the IP
address used as the | router-id ceases to be one of the
router's IP | addresses. Routers with multiple
unnumbered interfaces MAY have multiple router-id's.
Each unnumbered interface MUST be associated with a
particular router-id. This association MUST NOT
change (even across reboots) without reconfiguration
of the router.
DISCUSSION:
This specification does not allow for routers that |
do not have at least one IP address. We do not
view this as a serious limitation, since a router
needs an IP address to meet the manageability
requirements of Chapter [8] even if the router is
connected only to point-to-point links.
IMPLEMENTATION:
November 28, 1994
- 46 -
One possible method of choosing the router-id that
fulfills this requirement is to use the
numerically smallest (or greatest) IP address
(treating the address as a 32-bit integer) that is
assigned to the router.
IETF Exp. 11 Sep. 1995 [Page 50]
Draft Requirements for IP Version 4 Routers March 1995
4.2.2.3 Unused IP Header Bits: RFC 791 Section 3.1
The IP header contains two reserved bits: one in the |
Type of Service byte and the other in the Flags
field. A router MUST NOT set either of these bits to
one in datagrams originated by the router. A router
MUST NOT drop (refuse to receive or forward) a packet
merely because one or more of these reserved bits has
a non-zero value. value; i.e., the router MUST NOT check the
values of thes bits.
DISCUSSION:
Future revisions to the IP protocol may make use
of these unused bits. These rules are intended to
ensure that these revisions can be deployed
without having to simultaneously upgrade all
routers in the Internet.
4.2.2.4 Type of Service: RFC 791 Section 3.1
The Type-of-Service "Type-of-Service" byte in the IP header is
divided | into three sections: the Precedence field
(high-order 3 bits), a field that is customarily
called Type "Type of
Service Service" or TOS "TOS" (next 4 bits), and
a reserved bit (the low order bit).
Rules governing the reserved bit were described in
Section [4.2.2.3].
A more extensive discussion of the TOS field and its
use can be found in [ROUTE:11].
The description of the IP Precedence field is
superseded by Section [5.3.3]. RFC 795, Service |
Mappings, "Service
Mappings", is obsolete and SHOULD NOT be implemented. |
4.2.2.5 Header Checksum: RFC 791 Section 3.1
As stated in Section [5.2.2], a router MUST verify |
the IP checksum of any packet that is received. The
router received, and |
MUST NOT provide a means to disable discard messages containing invalid checksums.
IETF Exp. 11 Sep. 1995 [Page 51]
Draft Requirements for IP Version 4 Routers March 1995
The router MUST NOT provide a means to disable this
November 28, 1994
- 47 -
checksum verification. |
A router MAY use incremental IP header checksum |
updating when the only change to the IP header is the |
time to live. This will reduce the possibility of |
undetected corruption of the IP header by the router. |
See [INTERNET:6] for a discussion of incrementally |
updating the checksum.
IMPLEMENTATION:
A more extensive description of the IP checksum,
including extensive implementation hints, can be
found in [INTERNET:6] and [INTERNET:7].
4.2.2.6 Unrecognized Header Options: RFC 791 Section 3.1
A router MUST ignore IP options which it does not |
recognize. A corollary of this requirement is that a
router MUST implement the End of Option List option
and the No Operation option, since neither contains
an explicit length.
DISCUSSION:
All future IP options will include an explicit
length.
4.2.2.7 Fragmentation: RFC 791 Section 3.2
Fragmentation, as described in [INTERNET:1], MUST be |
supported by a router.
When a router fragments an IP datagram, it SHOULD
minimize the number of fragments. When a router
fragments an IP datagram, it MUST SHOULD send the |
fragments in order. A fragmentation method that may
generate | one IP fragment that is significantly
smaller than the other MAY cause the first IP
fragment to be the smaller one.
IETF Exp. 11 Sep. 1995 [Page 52]
Draft Requirements for IP Version 4 Routers March 1995
DISCUSSION:
There are several fragmentation techniques in
common use in the Internet. One involves
splitting the IP datagram into IP fragments with
the first being MTU sized, and the others being
approximately the same size, smaller than the MTU.
The reason for this is twofold. The first IP
fragment in the sequence will be the effective MTU
of the current path between the hosts, and the |
following IP fragments are sized to minimize the |
further fragmentation of the IP datagram. Another
technique is to split the IP datagram into MTU
sized IP fragments, with the last fragment being
November 28, 1994
- 48 -
the only one smaller, as described in |
[INTERNET:1].
A common trick used by some implementations of
TCP/IP is to fragment an IP datagram into IP
fragments that are no larger than 576 bytes when
the IP datagram is to travel through a router. |
This is intended to allow the resulting IP |
fragments to pass the rest of the path without |
further fragmentation. This would, though, create
more of a load on the destination host, since it
would have a larger number of IP fragments to
reassemble into one IP datagram. It would also |
not be efficient on networks where the MTU only |
changes once and stays much larger than 576 bytes. |
Examples include LAN networks such as an IEEE |
802.5 network with a MTU of 2048 or an Ethernet |
network with an MTU of 1500).
One other fragmentation technique discussed was
splitting the IP datagram into approximately equal
sized IP fragments, with the size less than or |
equal to the next hop network's MTU. This is
intended to minimize the number of fragments that
would result from additional fragmentation further |
down the path, and assure equal delay for each |
fragment.
Routers SHOULD generate the least possible number |
of IP fragments.
IETF Exp. 11 Sep. 1995 [Page 53]
Draft Requirements for IP Version 4 Routers March 1995
Work with slow machines leads us to believe that
if it is necessary to fragment messages, sending |
the small IP fragment first maximizes the chance
of a host with a slow interface of receiving all
the fragments.
4.2.2.8 Reassembly: RFC 791 Section 3.2
As specified in the corresponding section of |
[INTRO:2], a router MUST support reassembly of |
datagrams that it delivers to itself. |
4.2.2.9 Time to Live: RFC 791 Section 3.2
Time to Live (TTL) handling for packets originated or
November 28, 1994
- 49 -
received by the router is governed by [INTRO:2]; this |
section changes none of its stipulations. However, |
since the remainder of the IP Protocol section of |
[INTRO:2] is rewritten, this section is as well. |
Note in particular that a router MUST NOT check the
TTL of a packet except when forwarding it. |
A router MUST NOT originate or forward a datagram |
with a Time-to-Live (TTL) value of zero. |
A router MUST NOT discard a datagram just because it |
was received with TTL less than 2; equal to zero or one; if it is
to the | router and otherwise valid, the router MUST
attempt | to receive it. |
On messages the router originates, the IP layer MUST |
provide a means for the transport layer to set the |
TTL field of every datagram that is sent. When a |
fixed TTL value is used, it MUST be configurable. |
The number SHOULD exceed the typical internet |
diameter, and current wisdom suggests that it should |
exceed twice the internet diameter to allow for |
growth. Current suggested value will be published values are normally posted |
in the |
"Assigned Numbers" Assigned Numbers RFC. The TTL field has two |
functions: limit the lifetime of TCP segments (see |
IETF Exp. 11 Sep. 1995 [Page 54]
Draft Requirements for IP Version 4 Routers March 1995
RFC 793 [TCP:1], p. 28), and terminate Internet |
routing loops. Although TTL is a time in seconds, it |
also has some attributes of a hop-count, since each |
router is required to reduce the TTL field by at |
least one. |
TTL expiration is intended to cause datagrams to be |
discarded by routers, but not by the destination |
host. Hosts that act as routers by forwarding |
datagrams must therefore follow the router's rules |
for TTL. |
A higher-layer protocol may want to set the TTL in |
order to implement an "expanding scope" search for |
some Internet resource. This is used by some |
diagnostic tools, and is expected to be useful for |
locating the "nearest" server of a given class using |
IP multicasting, for example. A particular transport |
protocol may also want to specify its own TTL bound |
on maximum datagram lifetime. |
A fixed default value must be at least big enough for
the |
November 28, 1994
- 50 - Internet "diameter," i.e., the longest possible
path. | A reasonable value is about twice the
diameter, to | allow for continued Internet growth. | As
of this writing, messages crossing the United States
frequently traverse 15 to 20 routers; this argues for
a default TTL value in excess of 40, and 64 is a
common value.
4.2.2.10 Multi-subnet Broadcasts: RFC 922
All-subnets broadcasts (called multi-subnet |
broadcasts "multi-subnet
broadcasts" in [INTERNET:3]) have been deprecated.
See Section [5.3.5.3]. |
There
4.2.2.11 Addressing: RFC 791 Section 3.2
As noted in 2.2.5.1, there are now five classes of IP
addresses: Class A through Class E. Class D
addresses are used for IP multicasting [INTERNET:4],
IETF Exp. 11 Sep. 1995 [Page 55]
Draft Requirements for IP Version 4 Routers March 1995
while Class E addresses are reserved for experimental
use.
A The distinction between Class A, B, and C
addresses is no longer important; they are used as
generalized unicast network prefixes with only
historical interest in their class.
An IP multicast (Class D) address is a 28-bit logical address
that stands for a group of hosts, and may be either
permanent or transient. Permanent multicast
addresses are allocated by the Internet Assigned
Number Authority [INTRO:7], while transient addresses |
may be allocated dynamically to transient groups.
Group membership is determined dynamically using IGMP
[INTERNET:4].
We now summarize the important special cases for |
Unicast (that is class A, B, and C)
general purpose unicast IP addresses, using the
following notation for an IP address:
{ <Network-prefix>, <Host-number> } |
and the notation -1 "-1" for a field that contains all 1 *
bits and the notation 0 "0" for a field that contains
all 0 bits. *
(a) { 0, 0 }
This host on this network. It MUST NOT be used
as a source address by routers, except the
router MAY use this as a source address as part
of an initialization procedure (e.g., if the
router is using BOOTP to load its configuration
information).
Incoming datagrams with a source address of { 0,
November 28, 1994
- 51 -
0 } which are received for local delivery (see |
Section [5.2.3]), MUST be accepted if the router |
implements the associated protocol and that |
protocol clearly defines appropriate action to |
be taken. Otherwise, a router MUST silently
discard any locally-delivered datagram whose
source address is { 0, 0 }.
DISCUSSION:
IETF Exp. 11 Sep. 1995 [Page 56]
Draft Requirements for IP Version 4 Routers March 1995
Some protocols define specific actions to
take in response to a received datagram whose
source address is { 0, 0 }. Two examples are
BOOTP and ICMP Mask Request. The proper
operation of these protocols often depends on
the ability to receive datagrams whose source
address is { 0, 0 }. For most protocols,
however, it is best to ignore datagrams
having a source address of { 0, 0 } since
they were probably generated by a
misconfigured host or router. Thus, if a |
router knows how to deal with a given |
datagram having a { 0, 0 } source address, |
the router MUST accept it. Otherwise, the
router MUST discard it.
See also Section [4.2.3.1] for a non-standard
use of { 0, 0 }.
(b) { 0, <Host-number> }
Specified host on this network. It MUST NOT be |
sent by routers except that the router MAY use |
this as a source address as part of an |
initialization procedure by which the it learns |
its own IP address.
(c) { -1, -1 }
Limited broadcast. It MUST NOT be used as a
source address.
A datagram with this destination address will be
received by every host and router on the
connected physical network, but will not be
forwarded outside that network.
November 28, 1994
- 52 -
(d) { <Network-prefix>, -1 } |
Directed Broadcast - a broadcast directed to the |
specified network prefix. It MUST NOT be used
as a source address. A router MAY originate
Network Directed Broadcast packets. A router
MUST receive Network Directed Broadcast packets;
IETF Exp. 11 Sep. 1995 [Page 57]
Draft Requirements for IP Version 4 Routers March 1995
however a router MAY have a configuration option
to prevent reception of these packets. Such an
option MUST default to allowing reception.
(e) { 127, <any> } *
Internal host loopback address. Addresses of
this form MUST NOT appear outside a host.
The <Network-prefix> is administratively assigned so |
that its value will be unique in the entire world. routing domain |
to which the device is connected.
IP addresses are not permitted to have the value 0 or |
-1 for the <Host-number> or <Network-prefix> fields |
except in the special cases listed above. This
implies that each of these fields will be at least
two bits long.
DISCUSSION: |
Previous versions of this document also noted that |
subnet numbers must be neither 0 nor -1, and must |
be at least two bits in length. In a CIDR world, |
the subnet number is clearly an extension of the |
network prefix and cannot be interpreted without |
the remainder of the prefix. This restriction of |
subnet numbers is therefore meaningless in view of |
CIDR and may be safely ignored. |
For further discussion of broadcast addresses, see |
Section [4.2.3.1].
When a router originates any datagram, the IP source *
address MUST be one of its own IP addresses (but not
a broadcast or multicast address). The only
exception is during initialization.
For most purposes, a datagram addressed to a
broadcast or multicast destination is processed as if
it had been addressed to one of the router's IP
addresses; that is to say:
IETF Exp. 11 Sep. 1995 [Page 58]
Draft Requirements for IP Version 4 Routers March 1995
+ A router MUST receive and process normally any |
packets with a broadcast destination address.
+ A router MUST receive and process normally any |
packets sent to a multicast destination address |
that the router has asked to receive.
November 28, 1994
- 53 -
The term specific-destination address "specific-destination address" means the
equivalent local IP address of the host. The
specific-destination address is defined to be the
destination address in the IP header unless the
header contains a broadcast or multicast address, in
which case the specific-destination is an IP address
assigned to the physical interface on which the
datagram arrived.
A router MUST silently discard any received datagram
containing an IP source address that is invalid by
the rules of this section. This validation could be
done either by the IP layer or (when appropriate) by
each protocol in the transport layer. As with any
datagram a router discards, the datagram discard
SHOULD be counted.
DISCUSSION:
A misaddressed datagram might be caused by a Link
Layer broadcast of a unicast datagram or by
another router or host that is confused or
misconfigured.
4.2.3 SPECIFIC ISSUES
4.2.3.1 IP Broadcast Addresses
For historical reasons, there are a number of IP |
addresses (some standard and some not) which are used |
to indicate that an IP packet is an IP broadcast. A
router
(1) MUST treat as IP broadcasts packets addressed to |
255.255.255.255 or { <Network-prefix>, -1 }.
(2) SHOULD silently
IETF Exp. 11 Sep. 1995 [Page 59]
Draft Requirements for IP Version 4 Routers March 1995
255.255.255.255 or { <Network-prefix>, -1 }.
(2) SHOULD silently discard on receipt (i.e., do not |
even deliver to applications in the router) any |
packet addressed to 0.0.0.0 or { <Network- |
prefix>, 0 }. If these packets are not silently |
discarded, they MUST be treated as IP broadcasts
(see Section [5.3.5]). There MAY be a
configuration option to allow receipt of these
packets. This option SHOULD default to
discarding them.
(3) SHOULD (by default) use the limited broadcast |
address (255.255.255.255) when originating an IP |
November 28, 1994
- 54 -
broadcast destined for a connected (sub)network |
(except when sending an ICMP Address Mask Reply,
as discussed in Section [4.3.3.9]). A router
MUST receive limited broadcasts.
(4) SHOULD NOT originate datagrams addressed to |
0.0.0.0 or { <Network-prefix>, 0 }. There MAY
be a configuration option to allow generation of
these packets (instead of using the relevant 1s
"1s" format broadcast). This option SHOULD
default to not generating them.
DISCUSSION:
In the second bullet, the router obviously cannot |
recognize addresses of the form { <Network- |
prefix>, 0 } if the router has no interface to |
that network prefix. In that case, the rules of
the second bullet do not apply because, from the
point of view of the router, the packet is not an
IP broadcast packet.
4.2.3.2 IP Multicasting
An IP router SHOULD satisfy the Host Requirements
with respect to IP multicasting, as specified in |
[INTRO:2]. An IP router SHOULD support local IP |
multicasting on all connected networks. When a |
mapping from Class D IP multicast addresses to link-layer |
IETF Exp. 11 Sep. 1995 [Page 60]
Draft Requirements for IP Version 4 Routers March 1995
addresses has been specified (see the various IP- |
over-xxx specifications), it SHOULD use that mapping, |
and MAY be configurable to use the data link | layer
broadcast instead. On point-to-point links and all |
other interfaces, multicasts are encapsulated as data | link
layer broadcasts. Support for local IP multicasting
includes originating multicast datagrams, joining
multicast groups and receiving multicast datagrams,
and leaving multicast groups. This implies support
for all of [INTERNET:4] including IGMP (see Section |
[4.4]).
DISCUSSION:
Although [INTERNET:4] is entitled Host Extensions
for IP Multicasting, it applies to all IP systems,
both hosts and routers. In particular, since
routers may join multicast groups, it is correct
November 28, 1994
- 55 -
for them to perform the host "host" part of IGMP,
reporting their group memberships to any multicast
routers that may be present on their attached
networks (whether or not they themselves are
multicast routers).
Some router protocols may specifically require
support for IP multicasting (e.g., OSPF
[ROUTE:1]), or may recommend it (e.g., ICMP Router
Discovery [INTERNET:13]).
In order to
4.2.3.3 Path MTU Discovery
To eliminate fragmentation or minimize it, it is
desirable to know what is the path MTU along the path
from the source to destination. The path MTU is the
minimum of the MTUs of each hop in the path.
[INTERNET:14] describes a technique for dynamically
discovering the maximum transmission unit (MTU) of an
arbitrary internet path. For a path that passes
through a router that does not support [INTERNET:14],
this technique might not discover the correct Path
MTU, but it will always choose a Path MTU as accurate
as, and in many cases more accurate than, the Path
MTU that would be chosen by older techniques or the
IETF Exp. 11 Sep. 1995 [Page 61]
Draft Requirements for IP Version 4 Routers March 1995
current practice.
When a router is originating an IP datagram, it
SHOULD use the scheme described in [INTERNET:14] to
limit the datagram's size. If the router's route to
the datagram's destination was learned from a routing
protocol that provides Path MTU information, the
scheme described in [INTERNET:14] is still used, but
the Path MTU information from the routing protocol
SHOULD be used as the initial guess as to the Path
MTU and also as an upper bound on the Path MTU.
4.2.3.4 Subnetting
Under certain circumstances, it may be desirable to
support subnets of a particular network being
interconnected only via through a path that is not part
of | the subnetted network. This is known as
discontiguous subnetwork support.
Routers MUST support discontiguous subnetworks.
November 28, 1994
- 56 -
IMPLEMENTATION:
In classical IP networks, this was very difficult |
to achieve; in CIDR networks, it is a natural by- |
product. Therefore, a router SHOULD NOT make |
assumptions about subnet architecture, but SHOULD |
treat each route as a generalized network prefix. |
DISCUSSION:
The Internet has been growing at a tremendous rate
of late. This has been placing severe strains on
the IP addressing technology. A major factor in
this strain is the strict IP Address class
boundaries. These make it difficult to |
efficiently size network prefixes to their |
networks and aggregate several network prefixes |
into a single route advertisement. By eliminating
the strict class boundaries of the IP address and
treating each route as a generalized network |
prefix, these strains may be greatly reduced.
IETF Exp. 11 Sep. 1995 [Page 62]
Draft Requirements for IP Version 4 Routers March 1995
The technology for currently doing this is |
Classless Inter Domain Routing (CIDR)
[INTERNET:15].
For similar reasons, an address block associated with |
a given network prefix could be subdivided into |
subblocks of different sizes, so that the network |
prefixes associated with the subblocks would have |
different length. For example, within a block whose |
network prefix is 8 bits long, one subblock may have |
a 16 bit network prefix, another may have an 18 bit |
network prefix, and a third a 14 bit network prefix.
Routers MUST support variable length network prefixes |
in both their interface configurations and their |
routing databases.
4.3 INTERNET CONTROL MESSAGE PROTOCOL - ICMP
4.3.1 INTRODUCTION
ICMP is an auxiliary protocol, which provides routing, |
diagnostic and error functionality for IP. It is
described in [INTERNET:8]. A router MUST support ICMP.
November 28, 1994
- 57 -
ICMP messages are grouped in two classes that are |
discussed in the following sections:
ICMP error messages:
Destination Unreachable Section 4.3.3.1
Redirect Section 4.3.3.2
Source Quench Section 4.3.3.3
Time Exceeded Section 4.3.3.4
Parameter Problem Section 4.3.3.5
ICMP query messages:
Echo Section 4.3.3.6
Information Section 4.3.3.7
Timestamp Section 4.3.3.8
Address Mask Section 4.3.3.9
IETF Exp. 11 Sep. 1995 [Page 63]
Draft Requirements for IP Version 4 Routers March 1995
Router Discovery Section 4.3.3.10
General ICMP requirements and discussion are in the next
section.
4.3.2 GENERAL ISSUES
4.3.2.1 Unknown Message Types
If an ICMP message of unknown type is received, it
MUST be passed to the ICMP user interface (if the
router has one) or silently discarded (if the router |
does not have one).
4.3.2.2 ICMP Message TTL
When originating an ICMP message, the router MUST
initialize the TTL. The TTL for ICMP responses must |
not be taken from the packet that triggered the
response.
Every
4.3.2.3 Original Message Header
Historically, every ICMP error message includes has included
the Internet header and at least the first 8 data
bytes of the datagram that triggered the error. More than 8 bytes MAY be
sent, but This
is no longer adequate, due to the use of IP-in-IP
tunneling and other technologies. Therefore, the resulting
ICMP datagram SHOULD have a contain as much of the original
datagram as possible without the length of less than or equal to the ICMP
datagram exceeding 576 bytes. The returned IP header
(and user data) MUST be identical to that which was
received, except that the router is not required to
undo any modifications to the IP
November 28, 1994
- 58 - header that are
normally performed in forwarding that were performed
before the error was detected (e.g., decrementing the
TTL, or updating options). Note | that the
requirements of Section [4.3.3.5] supersede this
IETF Exp. 11 Sep. 1995 [Page 64]
Draft Requirements for IP Version 4 Routers March 1995
requirement in some cases (i.e., for a Parameter
Problem message, if the problem is in a modified
field, the router must undo "undo" the modification). See
Section [4.3.3.5]) [4.3.3.5]).
4.3.2.4 ICMP Message Source Address
Except where this document specifies otherwise, the
IP source address in an ICMP message originated by
the router MUST be one of the IP addresses associated
with the physical interface over which the ICMP
message is transmitted. If the interface has no IP
addresses associated with it, the router's router-id
(see Section [5.2.5]) is used instead.
4.3.2.5 TOS and Precedence
ICMP error messages SHOULD have their TOS bits set to
the same value as the TOS bits in the packet which that
provoked the sending of the ICMP error message,
unless setting them to that value would cause the
ICMP error message to be immediately discarded
because it could not be routed to its destination.
Otherwise, ICMP error messages MUST be sent with a
normal (i.e. (i.e., zero) TOS. An ICMP reply message
SHOULD have its TOS bits set to the same value as the
TOS bits in the ICMP request that provoked the reply.
EDITOR'S COMMENTS:
The following paragraph originally read:
ICMP error messages MUST have their IP
Precedence field set to the same value as the
IP Precedence field in the packet which
provoked the sending of the ICMP error message,
except that the precedence value MUST be 6
(INTERNETWORK CONTROL) or 7 (NETWORK CONTROL),
SHOULD be 7, and MAY be settable for the
following types of ICMP error messages:
Unreachable, Redirect, Time Exceeded, and
Parameter Problem.
I believe that the following paragraph is
November 28, 1994
- 59 -
equivalent and easier for humans to parse (Source
Quench is the only other ICMP Error message).
Other interpretations of the original are sought.
ICMP Source Quench error messages messages, if sent at all,
MUST have their IP Precedence field set to the same
value as the IP Precedence field in the packet which that
provoked the sending of the ICMP Source Quench
message. All other ICMP error messages (Destination
Unreachable, Redirect, Time Exceeded, and Parameter
Problem) MUST SHOULD have their precedence value set to 6
(INTERNETWORK CONTROL) or 7 (NETWORK CONTROL), SHOULD be 7. CONTROL). The
IP Precedence value for these error messages MAY be
settable.
An ICMP reply message MUST have its IP Precedence
field set to the same value as the IP Precedence
field in the ICMP request that provoked the reply.
IETF Exp. 11 Sep. 1995 [Page 65]
Draft Requirements for IP Version 4 Routers March 1995
4.3.2.6 Source Route
If the packet which provokes the sending of an ICMP
error message contains a source route option, the
ICMP error message SHOULD also contain a source route
option of the same type (strict or loose), created by |
reversing the portion before the pointer of the route
recorded in the source route option of the original
packet UNLESS the ICMP error message is an ICMP
Parameter Problem complaining about a source route
option in the original packet. packet, or unless the router |
is aware of policy that would prevent the delivery of |
the ICMP error message.
DISCUSSION:
In environments which use the U.S. Department of
Defense security option (defined in [INTERNET:5]),
ICMP messages may need to include a security
option. Detailed information on this topic should
be available from the Defense Communications
Agency.
4.3.2.7 When Not to Send ICMP Errors
An ICMP error message MUST NOT be sent as the result
of receiving:
+ An ICMP error message, or
November 28, 1994
- 60 -
+ A packet which fails the IP header validation tests
described in Section [5.2.2] (except where that
section specifically permits the sending of an
ICMP error message), or
+ A packet destined to an IP broadcast or IP
multicast address, or
+ A packet sent as a Link Layer broadcast or
multicast, or
+ A packet whose source address has a network prefix |
of zero or is an invalid source address (as |
IETF Exp. 11 Sep. 1995 [Page 66]
Draft Requirements for IP Version 4 Routers March 1995
defined in Section [5.3.7]), or
+ Any fragment of a datagram other then the first |
fragment (i.e., a packet for which the fragment |
offset in the IP header is nonzero).
Furthermore, an ICMP error message MUST NOT be sent
in any case where this memo states that a packet is
to be silently discarded. "silently discarded".
NOTE: THESE RESTRICTIONS TAKE PRECEDENCE OVER ANY
REQUIREMENT ELSEWHERE IN THIS DOCUMENT FOR SENDING
ICMP ERROR MESSAGES.
DISCUSSION:
These rules aim to prevent the broadcast storms "broadcast storms"
that have resulted from routers or hosts returning
ICMP error messages in response to broadcast
packets. For example, a broadcast UDP packet to a
non-existent port could trigger a flood of ICMP
Destination Unreachable datagrams from all devices
that do not have a client for that destination
port. On a large Ethernet, the resulting
collisions can render the network useless for a
second or more.
Every packet that is broadcast on the connected
network should have a valid IP broadcast address
as its IP destination (see Section [5.3.4] and
[INTRO:2]). However, some devices violate this
rule. To be certain to detect broadcast packets,
therefore, routers are required to check for a
November 28, 1994
- 61 -
link-layer broadcast as well as an IP-layer
address.
IMPLEMENTATION:
This requires that the link layer inform the IP
layer when a link-layer broadcast packet has been
received; see Section [3.1].
IETF Exp. 11 Sep. 1995 [Page 67]
Draft Requirements for IP Version 4 Routers March 1995
4.3.2.8 Rate Limiting
A router which sends ICMP Source Quench messages MUST
be able to limit the rate at which the messages can
be generated. A router SHOULD also be able to limit
the rate at which it sends other sorts of ICMP error
messages (Destination Unreachable, Redirect, Time
Exceeded, Parameter Problem). The rate limit
parameters SHOULD be settable as part of the
configuration of the router. How the limits are
applied (e.g., per router or p... | per interface) is left
to the implementor's discretion.
DISCUSSION:
Two problems for a router sending ICMP error
message are:
(1) The consumption of bandwidth on the reverse
path, and
(2) The use of router resources (e.g., memory, CPU
time)
To help solve these problems a router can limit
the frequency with which it generates ICMP error
messages. For similar reasons, a router may limit
the frequency at which some other sorts of
messages, such as ICMP Echo Replies, are
generated.
IMPLEMENTATION:
Various mechanisms have been used or proposed for
limiting the rate at which ICMP messages are sent:
(1) Count-based - for example, send an ICMP error
message for every N dropped packets overall
or per given source host. This mechanism
might be appropriate for ICMP Source Quench,
November 28, 1994
- 62 -
if used, but probably not for other types of
ICMP messages.
(2) Timer-based - for example, send an ICMP error
message to a given source host or overall at
most once per T milliseconds.
IETF Exp. 11 Sep. 1995 [Page 68]
Draft Requirements for IP Version 4 Routers March 1995
(3) Bandwidth-based - for example, limit the rate
at which ICMP messages are sent over a
particular interface to some fraction of the
attached network's bandwidth.
4.3.3 SPECIFIC ISSUES
4.3.3.1 Destination Unreachable
If a route can not cannot forward a packet because it has no
routes at all (including no default route) to the
destination network specified in the packet packet, then the router
MUST generate a Destination Unreachable, Code 0
(Network Unreachable) ICMP message. If the router
does have routes to the destination network specified
in the packet but the TOS specified for the routes is
neither the default TOS (0000) nor the TOS of the
packet that the router is attempting to route, then
the router MUST generate a Destination Unreachable,
Code 11 (Network Unreachable for TOS) ICMP message.
If a packet is to be forwarded to a host on a network
that is directly connected to the router (i.e., the
router is the last-hop router) and the router has
ascertained that there is no path to the destination
host then the router MUST generate a Destination
Unreachable, Code 1 (Host Unreachable) ICMP message.
If a packet is to be forwarded to a host that is on a
network that is directly connected to the router and
the router cannot forward the packet because no route |
to the destination has a TOS that is either equal to |
the TOS requested in the packet or is the default TOS |
(0000) then the router MUST generate a Destination
Unreachable, Code 12 (Host Unreachable for TOS) ICMP
message.
DISCUSSION:
The intent is that a router generates the
November 28, 1994
- 63 -
"generic" host/network unreachable if it has no
path at all (including default routes) to the
IETF Exp. 11 Sep. 1995 [Page 69]
Draft Requirements for IP Version 4 Routers March 1995
destination. If the router has one or more paths
to the destination, but none of those paths have
an acceptable TOS, then the router generates the
"unreachable for TOS" message.
4.3.3.2 Redirect
The ICMP Redirect message is generated to inform a |
local host that it should use a different next hop |
router for certain traffic.
Contrary to [INTRO:2], a router MAY ignore ICMP |
Redirects when choosing a path for a packet
originated by the router if the router is running a
routing protocol or if forwarding is enabled on the
router and on the interface over which the packet is
being sent.
4.3.3.3 Source Quench
A router SHOULD NOT originate ICMP Source Quench
messages. As specified in Section [4.3.2], a router
which
that does originate Source Quench messages MUST be
able to limit the rate at which they are generated.
DISCUSSION:
Research seems to suggest that Source Quench
consumes network bandwidth but is an ineffective
(and unfair) antidote to congestion. See, for
example, [INTERNET:9] and [INTERNET:10]. Section
[5.3.6] discusses the current thinking on how
routers ought to deal with overload and network
congestion.
A router MAY ignore any ICMP Source Quench messages
it receives.
DISCUSSION:
A router itself may receive a Source Quench as the
result of originating a packet sent to another
router or host. Such datagrams might be, e.g., an
IETF Exp. 11 Sep. 1995 [Page 70]
Draft Requirements for IP Version 4 Routers March 1995
EGP update sent to another router, or a telnet
stream sent to a host. A mechanism has been
proposed ([INTERNET:11], [INTERNET:12]) to make
November 28, 1994
- 64 -
the IP layer respond directly to Source Quench by
controlling the rate at which packets are sent,
however, this proposal is currently experimental
and not currently recommended.
4.3.3.4 Time Exceeded
When a router is forwarding a packet and the TTL
field of the packet is reduced to 0, the requirements
of section [5.2.3.8] apply.
When the router is reassembling a packet that is
destined for the router, it is acting as an Internet |
host. [INTRO:2]'s reassembly requirements therefore |
apply.
When the router receives (i.e., is destined for the
router) a Time Exceeded message, it MUST comply with |
[INTRO:2].
4.3.3.5 Parameter Problem
A router MUST generate a Parameter Problem message
for any error not specifically covered by another
ICMP message. The IP header field or IP option
including the byte indicated by the pointer field
MUST be included unchanged in the IP header returned
with this ICMP message. Section [4.3.2] defines an
exception to this requirement.
A new variant of the Parameter Problem message was
defined in [INTRO:2]:
Code 1 = required option is missing.
DISCUSSION:
This variant is currently in use in the military
community for a missing security option.
A router MUST
IETF Exp. 11 Sep. 1995 [Page 71]
Draft Requirements for IP Version 4 Routers March 1995
4.3.3.6 Echo Request/Reply
A router MUST implement an ICMP Echo server function
that receives Echo Requests sent to the router, and
sends corresponding Echo Replies. A router MUST be
prepared to receive, reassemble and echo an ICMP Echo
Request datagram at least as large as the maximum of 576 and
the MTUs of all the connected networks.
November 28, 1994
- 65 -
The Echo server function MAY choose not to respond to
ICMP echo requests addressed to IP broadcast or IP
multicast addresses.
A router SHOULD have a configuration option which, that, if
enabled, causes the router to silently ignore all
ICMP echo requests; if provided, this option MUST
default to allowing responses.
DISCUSSION:
The neutral provision about responding to
broadcast and multicast Echo Requests derives from |
[INTRO:2]'s "Echo Request/Reply" section.
As stated in Section [10.3.3], a router MUST also
implement an a user/application-layer interface for
sending an Echo Request and receiving an Echo Reply,
for diagnostic purposes. All ICMP Echo Reply
messages MUST be passed to this interface.
The IP source address in an ICMP Echo Reply MUST be
the same as the specific-destination address of the
corresponding ICMP Echo Request message.
Data received in an ICMP Echo Request MUST be
entirely included in the resulting Echo Reply.
If a Record Route and/or Timestamp option is received
in an ICMP Echo Request, this option (these options)
SHOULD be updated to include the current router and
included in the IP header of the Echo Reply message,
without truncation. "truncation". Thus, the recorded route will
be for the entire round trip.
If a Source Route option is received in an ICMP Echo
IETF Exp. 11 Sep. 1995 [Page 72]
Draft Requirements for IP Version 4 Routers March 1995
Request, the return route MUST be reversed and used
as a Source Route option for the Echo Reply message, |
unless the router is aware of policy that would |
prevent the delivery of the message.
4.3.3.7 Information Request/Reply
A router SHOULD NOT originate or respond to these
messages.
DISCUSSION:
The Information Request/Reply pair was intended to
support self-configuring systems such as diskless
November 28, 1994
- 66 -
workstations, to allow them to discover their IP |
network prefixes at boot time. However, these
messages are now obsolete. The RARP and BOOTP
protocols provide better mechanisms for a host to
discover its own IP address.
4.3.3.8 Timestamp and Timestamp Reply
A router MAY implement Timestamp and Timestamp Reply.
If they are implemented then:
+ The ICMP Timestamp server function MUST return a
Timestamp Reply to every Timestamp message that is
received. It SHOULD be designed for minimum
variability in delay.
+ An ICMP Timestamp Request message to an IP
broadcast or IP multicast address MAY be silently
discarded.
+ The IP source address in an ICMP Timestamp Reply
MUST be the same as the specific-destination
address of the corresponding Timestamp Request
message.
+ If a Source Route option is received in an ICMP
Timestamp Request, the return route MUST be
reversed and used as a Source Route option for the |
IETF Exp. 11 Sep. 1995 [Page 73]
Draft Requirements for IP Version 4 Routers March 1995
Timestamp Reply message, unless the router is |
aware of policy that would prevent the delivery of |
the message.
+ If a Record Route and/or Timestamp option is
received in a Timestamp Request, this (these)
option(s) SHOULD be updated to include the current
router and included in the IP header of the
Timestamp Reply message.
+ If the router provides an application-layer
interface for sending Timestamp Request messages
then incoming Timestamp Reply messages MUST be
passed up to the ICMP user interface.
The preferred form for a timestamp value (the
standard value)
"standard value") is milliseconds since midnight,
Universal Time. However, it may be difficult to
provide this value with millisecond resolution. For
November 28, 1994
- 67 -
example, many systems use clocks that update only at
line frequency, 50 or 60 times per second.
Therefore, some latitude is allowed in a standard
value: "standard
value":
(a) A standard value "standard value" MUST be updated at least 16
times per second (i.e., at most the six low-
order bits of the value may be undefined).
(b) The accuracy of a standard value "standard value" MUST
approximate that of operator-set CPU clocks,
i.e., correct within a few minutes.
IMPLEMENTATION:
To meet the second condition, a router may need to
query some time server when the router is booted
or restarted. It is recommended that the UDP Time
Server Protocol be used for this purpose. A more
advanced implementation would use the Network Time
Protocol (NTP) to achieve nearly millisecond clock
synchronization; however, this is not required.
IETF Exp. 11 Sep. 1995 [Page 74]
Draft Requirements for IP Version 4 Routers March 1995
4.3.3.9 Address Mask Request/Reply
A router MUST implement support for receiving ICMP
Address Mask Request messages and responding with
ICMP Address Mask Reply messages. These messages are
defined in [INTERNET:2].
A router SHOULD have a configuration option for each
logical interface specifying whether the router is
allowed to answer Address Mask Requests for that
interface; this option MUST default to allowing
responses. A router MUST NOT respond to an Address
Mask Request before the router knows the correct |
address mask.
A router MUST NOT respond to an Address Mask Request
which
that has a source address of 0.0.0.0 and which
arrives on a physical interface which that has associated |
with it multiple logical interfaces and the address |
masks for those interfaces are not all the same.
A router SHOULD examine all ICMP Address Mask Replies
which
that it receives to determine whether the
November 28, 1994
- 68 - information
it contains matches the router's knowledge of the
address mask. If the ICMP Address | Mask Reply appears
to be in error, the router SHOULD | log the address
mask and the sender's IP address. A router MUST NOT
use the contents of an ICMP Address Mask Reply to
determine the correct address mask. |
Because hosts may not be able to learn the address |
mask if a router is down when the host boots up, a
router MAY broadcast a gratuitous ICMP Address Mask
Reply on each of its logical interfaces after it has |
configured its own address masks. However, this
feature can be dangerous in environments which that use
variable length address masks. Therefore, if this |
feature is implemented, gratuitous Address Mask
Replies MUST NOT be broadcast over any logical
interface(s) which either:
+ Are not configured to send gratuitous Address Mask
Replies. Each logical interface MUST have a
configuration parameter controlling this, and that
IETF Exp. 11 Sep. 1995 [Page 75]
Draft Requirements for IP Version 4 Routers March 1995
parameter MUST default to not sending the
gratuitous Address Mask Replies.
+ Share subsuming (but not identical) network |
prefixes and physical interface.
The { <Network-prefix>, -1 } form of the IP broadcast |
address MUST be used for broadcast Address Mask |
Replies.
DISCUSSION:
The ability to disable sending Address Mask
Replies by routers is required at a few sites |
which that
intentionally lie to their hosts about the | address
mask. The need for this is expected to go away as
more and more hosts become compliant with the Host
Requirements standards.
The reason for both the second bullet above and
the requirement about which IP broadcast address |
to use is to prevent problems when multiple IP |
network prefixes are in use on the same physical |
network.
November 28, 1994
- 69 -
4.3.3.10 Router Advertisement and Solicitations
An IP router MUST support the router part of the ICMP
Router Discovery Protocol [INTERNET:13] on all
connected networks on which the router supports
either IP multicast or IP broadcast addressing. The
implementation MUST include all of the configuration
variables specified for routers, with the specified
defaults.
DISCUSSION:
Routers are not required to implement the host
part of the ICMP Router Discovery Protocol, but
might find it useful for operation while IP
forwarding is disabled (i.e., when operating as a
host).
IETF Exp. 11 Sep. 1995 [Page 76]
Draft Requirements for IP Version 4 Routers March 1995
DISCUSSION:
We note that it is quite common for hosts to use
RIP as the router discovery "router discovery" protocol. Such
hosts listen to RIP traffic and use and use
information extracted from that traffic to
discover routers and to make decisions as to which
router to use as a first-hop router for a given
destination. While this behavior is discouraged,
it is still common and implementors should be
aware of it.
4.4 INTERNET GROUP MANAGEMENT PROTOCOL - IGMP
IGMP [INTERNET:4] is a protocol used between hosts and
multicast routers on a single physical network to establish
hosts' membership in particular multicast groups.
Multicast routers use this information, in conjunction with
a multicast routing protocol, to support IP multicast
forwarding across the Internet.
A router SHOULD implement the host part of IGMP.
November 28, 1994
- 70
IETF Exp. 11 Sep. 1995 [Page 77]
Draft Requirements for IP Version 4 Routers March 1995
5. INTERNET LAYER - FORWARDING
5.1 INTRODUCTION
This section describes the process of forwarding packets.
5.2 FORWARDING WALK-THROUGH
There is no separate specification of the forwarding
function in IP. Instead, forwarding is covered by the
protocol specifications for the internet layer protocols
([INTERNET:1], [INTERNET:2], [INTERNET:3], [INTERNET:8],
and [ROUTE:11]).
5.2.1 Forwarding Algorithm
Since none of the primary protocol documents describe
the forwarding algorithm in any detail, we present it
here. This is just a general outline, and omits
important details, such as handling of congestion, that
are dealt with in later sections.
It is not required that an implementation follow exactly
the algorithms given in sections [5.2.1.1], [5.2.1.2],
and [5.2.1.3]. Much of the challenge of writing router
software is to maximize the rate at which the router can
forward packets while still achieving the same effect of
the algorithm. Details of how to do that are beyond the
scope of this document, in part because they are heavily
dependent on the architecture of the router. Instead,
we merely point out the order dependencies among the
steps:
(1) A router MUST verify the IP header, as described in
section [5.2.2], before performing any actions
based on the contents of the header. This allows
the router to detect and discard bad packets before
the expenditure of other resources.
(2) Processing of certain IP options requires that the
IETF Exp. 11 Sep. 1995 [Page 78]
Draft Requirements for IP Version 4 Routers March 1995
router insert its IP address into the option. As
noted in Section [5.2.4], the address inserted MUST
be the address of the logical interface on which
the packet is sent or the router's router-id if the
packet is sent over an unnumbered interface. Thus,
processing of these options cannot be completed
until after the output interface is chosen.
(3) The router cannot check and decrement the TTL before
checking whether the packet should be delivered to
the router itself, for reasons mentioned in Section
November 28, 1994
- 71 -
[4.2.2.9].
(4) More generally, when a packet is delivered locally
to the router, its IP header MUST NOT be modified
in any way (except that a router may be required to
insert a timestamp into any Timestamp options in
the IP header). Thus, before the router determines
whether the packet is to be delivered locally to
the router, it cannot update the IP header in any
way that it is not prepared to undo.
5.2.1.1 General
This section covers the general forwarding algorithm.
This algorithm applies to all forms of packets to be
forwarded: unicast, multicast, and broadcast.
(1) The router receives the IP packet (plus
additional information about it, as described in
Section [3.1]) from the Link Layer.
(2) The router validates the IP header, as described
in Section [5.2.2]. Note that IP reassembly is
not done, except on IP fragments to be queued
for local delivery in step (4).
(3) The router performs most of the processing of any
IP options. As described in Section [5.2.4],
some IP options require additional processing
after the routing decision has been made.
IETF Exp. 11 Sep. 1995 [Page 79]
Draft Requirements for IP Version 4 Routers March 1995
(4) The router examines the destination IP address of
the IP datagram, as described in Section
[5.2.3], to determine how it should continue to
process the IP datagram. There are three
possibilities:
+ The IP datagram is destined for the router,
and should be queued for local delivery,
doing reassembly if needed.
+ The IP datagram is not destined for the
router, and should be queued for forwarding.
+ The IP datagram should be queued for
November 28, 1994
- 72 -
forwarding, but (a copy) must also be queued
for local delivery.
5.2.1.2 Unicast
Since the local delivery case is well-covered well covered by
[INTRO:2], the following assumes that the IP datagram
was queued for forwarding. If the destination is an
IP unicast address:
(5) The forwarder determines the next hop IP address
for the packet, usually by looking up the
packet's destination in the router's routing
table. This procedure is described in more
detail in Section [5.2.4]. This procedure also
decides which network interface should be used
to send the packet.
(6) The forwarder verifies that forwarding the packet
is permitted. The source and destination
addresses should be valid, as described in
Section [5.3.7] and Section [5.3.4] If the
router supports administrative constraints on
forwarding, such as those described in Section
[5.3.9], those constraints must be satisfied.
(7) The forwarder decrements (by at least one) and
checks the packet's TTL, as described in Section
[5.3.1].
IETF Exp. 11 Sep. 1995 [Page 80]
Draft Requirements for IP Version 4 Routers March 1995
(8) The forwarder performs any IP option processing
that could not be completed in step 3.
(9) The forwarder performs any necessary IP
fragmentation, as described in Section
[4.2.2.7]. Since this step occurs after
outbound interface selection (step 5), all
fragments of the same datagram will be
transmitted out the same interface.
(10) The forwarder determines the Link Layer address
of the packet's next hop. The mechanisms for
doing this are Link Layer-dependent (see chapter
3).
(11) The forwarder encapsulates the IP datagram (or
November 28, 1994
- 73 -
each of the fragments thereof) in an appropriate
Link Layer frame and queues it for output on the
interface selected in step 5.
(12) The forwarder sends an ICMP redirect if
necessary, as described in Section [4.3.3.2].
5.2.1.3 Multicast
If the destination is an IP multicast, the following
steps are taken.
Note that the main differences between the forwarding
of IP unicasts and the forwarding of IP multicasts
are
+ IP multicasts are usually forwarded based on both
the datagram's source and destination IP
addresses,
+ IP multicast uses an expanding ring search,
+ IP multicasts are forwarded as Link Level
multicasts, and
+ ICMP errors are never sent in response to IP
multicast datagrams.
IETF Exp. 11 Sep. 1995 [Page 81]
Draft Requirements for IP Version 4 Routers March 1995
Note that the forwarding of IP multicasts is still
somewhat experimental. As a result, the algorithm
presented below is not mandatory, and is provided as
an example only.
(5a) Based on the IP source and destination addresses
found in the datagram header, the router
determines whether the datagram has been
received on the proper interface for forwarding.
If not, the datagram is dropped silently. The
method for determining the proper receiving
interface depends on the multicast routing
algorithm(s) in use. In one of the simplest
algorithms, reverse path forwarding (RPF), the
proper interface is the one that would be used
to forward unicasts back to the datagram source.
(6a) Based on the IP source and destination addresses
November 28, 1994
- 74 -
found in the datagram header, the router
determines the datagram's outgoing interfaces.
In order to
To implement IP multicast's expanding ring
search (see [INTERNET:4]) a minimum TTL value is
specified for each outgoing interface. A copy
of the multicast datagram is forwarded out each
outgoing interface whose minimum TTL value is
less than or equal to the TTL value in the
datagram header, by separately applying the
remaining steps on each such interface.
(7a) The router decrements the packet's TTL by one.
(8a) The forwarder performs any IP option processing
that could not be completed in step (3).
(9a) The forwarder performs any necessary IP
fragmentation, as described in Section
[4.2.2.7].
(10a) The forwarder determines the Link Layer address
to use in the Link Level encapsulation. The
mechanisms for doing this are Link Layer-
dependent. On LANs a Link Level multicast or
broadcast is selected, as an algorithmic
translation of the datagrams' class D
destination IP multicast
IETF Exp. 11 Sep. 1995 [Page 82]
Draft Requirements for IP Version 4 Routers March 1995
address. See the various IP-over-
xxx IP-over-xxx
specifications for more details.
(11a) The forwarder encapsulates the packet (or each
of the fragments thereof) in an appropriate Link
Layer frame and queues it for output on the
appropriate interface.
5.2.2 IP Header Validation
Before a router can process any IP packet, it MUST
perform a the following basic validity checks on the
packet's IP header to ensure that the header is
meaningful. If the packet fails any of the following
tests, it MUST be silently discarded, and the error
SHOULD be logged.
(1) The packet length reported by the Link Layer must be
large enough to hold the minimum length legal IP
datagram (20 bytes).
November 28, 1994
- 75 -
(2) The IP checksum must be correct.
(3) The IP version number must be 4. If the version
number is not 4 then the packet may well be another
version of IP, such as IPng or ST-II.
(4) The IP header length field must be at least 5. large enough to |
hold the minimum length legal IP datagram (20 bytes |
= 5 words).
(5) The IP total header length field must be at least 4 * large enough to |
hold the IP datagram header, whose length is |
specified in the IP header length field.
A router MUST NOT have a configuration option which that
allows disabling any of these tests.
If the packet passes the second and third tests, the IP
header length field is at least 4, and both the IP total
length field and the packet length reported by the Link
Layer are at least 16 then, despite the above rule, the
router MAY respond with an ICMP Parameter Problem
IETF Exp. 11 Sep. 1995 [Page 83]
Draft Requirements for IP Version 4 Routers March 1995
message, whose pointer points at the IP header length
field (if it failed the fourth test) or the IP total
length field (if it failed the fifth test). However, it
still MUST discard the packet and still SHOULD log the
error.
These rules (and this entire document) apply only to
version 4 of the Internet Protocol. These rules should
not be construed as prohibiting routers from supporting
other versions of IP. Furthermore, if a router can
truly classify a packet as being some other version of
IP then it ought not treat that packet as an error
packet within the context of this memo.
IMPLEMENTATION:
It is desirable for purposes of error reporting,
though not always entirely possible, to determine why
a header was invalid. There are four possible
reasons:
+ The Link Layer truncated the IP header
+ The datagram is using a version of IP other than
the standard one (version 4).
+ The IP header has been corrupted in transit.
November 28, 1994
- 76 -
+ The sender generated an illegal IP header.
It is probably desirable to perform the checks in the
order listed, since we believe that this ordering is
most likely to correctly categorize the cause of the
error. For purposes of error reporting, it may also
be desirable to check if a packet which that fails these
tests has an IP version number equal to 6. If it
does, the packet is probably an ST-II datagram and indicating IPng or
ST-II; these should be treated as such. ST-II is described in
[FORWARD:1]. handled according to their
respective specifications.
Additionally, the router SHOULD verify that the packet
length reported by the Link Layer is at least as large
as the IP total length recorded in the packet's IP
header. If it appears that the packet has been
truncated, the packet MUST be discarded, the error
SHOULD be logged, and the router SHOULD respond with an
IETF Exp. 11 Sep. 1995 [Page 84]
Draft Requirements for IP Version 4 Routers March 1995
ICMP Parameter Problem message whose pointer points at
the IP total length field.
DISCUSSION:
Because any higher layer protocol which that concerns
itself with data corruption will detect truncation of
the packet data when it reaches its final
destination, it is not absolutely necessary for
routers to perform the check suggested above in order to
maintain protocol correctness. However, by making
this check a router can simplify considerably the
task of determining which hop in the path is
truncating the packets. It will also reduce the
expenditure of resources down-stream "down-stream" from the
router in that down-stream systems will not need to
deal with the packet.
Finally, if the destination address in the IP header is
not one of the addresses of the router, the router
SHOULD verify that the packet does not contain a Strict
Source and Record Route option. If a packet fails this
test, |
test (if it contains a strict source route option), the
router SHOULD log the error and SHOULD respond with an
ICMP Parameter Problem error with the pointer pointing
at the offending packet's IP destination address.
DISCUSSION:
November 28, 1994
- 77 -
Some people might suggest that the router should
respond with a Bad Source Route message instead of a
Parameter Problem message. However, when a packet
fails this test, it usually indicates a protocol
error by the previous hop router, whereas Bad Source
Route would suggest that the source host had
requested a nonexistent or broken path through the
network.
5.2.3 Local Delivery Decision
When a router receives an IP packet, it must decide
whether the packet is addressed to the router (and
should be delivered locally) or the packet is addressed
to another system (and should be handled by the
IETF Exp. 11 Sep. 1995 [Page 85]
Draft Requirements for IP Version 4 Routers March 1995
forwarder). There is also a hybrid case, where certain
IP broadcasts and IP multicasts are both delivered
locally and forwarded. A router MUST determine which of
the these three cases applies using the following rules. |
+ An unexpired source route option is one whose pointer
value does not point past the last entry in the
source route. If the packet contains an unexpired
source route option, the pointer in the option is
advanced until either the pointer does point past the
last address in the option or else the next address
is not one of the router's own addresses. In the
latter (normal) case, the packet is forwarded (and
not delivered locally) regardless of the rules below.
+ The packet is delivered locally and not considered for
forwarding in the following cases:
- The packet's destination address exactly matches
one of the router's IP addresses,
- The packet's destination address is a limited
broadcast address ({-1, -1}), and or |
- The packet's destination is an IP multicast address |
which is never forwarded (such as 224.0.0.1 or |
224.0.0.2) and (at least) one of the logical
interfaces associated with the physical interface
on which the packet arrived is a member of the
November 28, 1994
- 78 -
destination multicast group.
+ The packet is passed to the forwarder AND delivered
locally in the following cases:
- The packet's destination address is an IP broadcast
address that addresses at least one of the
router's logical interfaces but does not address
any of the logical interfaces associated with the
physical interface on which the packet arrived
- The packet's destination is an IP multicast address |
which is permitted to be forwarded (unlike |
224.0.0.1 and 224.0.0.2) and (at least) one of the |
IETF Exp. 11 Sep. 1995 [Page 86]
Draft Requirements for IP Version 4 Routers March 1995
logical interfaces associated with the physical |
interface on which the packet arrived is a member |
of the destination multicast group.
+ The packet is delivered locally if the packet's
destination address is an IP broadcast address (other
than a limited broadcast address) that addresses at
least one of the logical interfaces associated with
the physical interface on which the packet arrived.
The packet is ALSO passed to the forwarder unless the
link on which the packet arrived uses an IP
encapsulation that does not encapsulate broadcasts
differently than unicasts (e.g. (e.g., by using different
Link Layer destination addresses).
+ The packet is passed to the forwarder in all other
cases.
DISCUSSION:
The purpose of the requirement in the last sentence
of the fourth bullet is to deal with a directed |
broadcast to another network prefix on the same
physical cable. Normally, this works as expected:
the sender sends the broadcast to the router as a
Link Layer unicast. The router notes that it arrived
as a unicast, and therefore must be destined for a |
different network prefix than the sender sent it on.
Therefore, the router can safely send it as a Link |
Layer broadcast out the same (physical) interface
over which it arrived. However, if the router can't
tell whether the packet was received as a Link Layer
November 28, 1994
- 79 -
unicast, the sentence ensures that the router does
the safe but wrong thing rather than the unsafe but
right thing.
IMPLEMENTATION:
As described in Section [5.3.4], packets received as
Link Layer broadcasts are generally not forwarded.
It may be advantageous to avoid passing to the
forwarder packets it would later discard because of
the rules in that section.
Some Link Layers (either because of the hardware or
IETF Exp. 11 Sep. 1995 [Page 87]
Draft Requirements for IP Version 4 Routers March 1995
because of special code in the drivers) can deliver
to the router copies of all Link Layer broadcasts and
multicasts it transmits. Use of this feature can
simplify the implementation of cases where a packet
has to both be passed to the forwarder and delivered
locally, since forwarding the packet will
automatically cause the router to receive a copy of
the packet that it can then deliver locally. One
must use care in these circumstances in order to prevent
treating a received loop-back packet as a normal
packet that was received (and then being subject to
the rules of forwarding, etc etc). etc.).
Even in the absence of without such a Link Layer, it is of course
hardly necessary to make a copy of an entire packet in order
to queue it both for forwarding and for local
delivery, though care must be taken with fragments,
since reassembly is performed on locally delivered
packets but not on forwarded packets. One simple
scheme is to associate a flag with each packet on the
router's output queue which that indicates whether it
should be queued for local delivery after it has been
sent.
5.2.4 Determining the Next Hop Address
When a router is going to forward a packet, it must
determine whether it can send it directly to its
destination, or whether it needs to pass it through
another router. If the latter, it needs to determine
which router to use. This section explains how these
determinations are made.
November 28, 1994
- 80 -
This section makes use of the following definitions:
+ LSRR "LSRR" - IP Loose Source and Record Route option
+ SSRR "SSRR" - IP Strict Source and Record Route option
+ Source "Source Route Option Option" - an LSRR or an SSRR
+ Ultimate "Ultimate Destination Address Address" - where the packet is
being sent to: the last address in the source route
IETF Exp. 11 Sep. 1995 [Page 88]
Draft Requirements for IP Version 4 Routers March 1995
of a source-routed packet, or the destination address
in the IP header of a non-source-routed packet
+ Adjacent "Adjacent" - reachable without going through any IP
routers
+ Next "Next Hop Address Address" - the IP address of the adjacent
host or router to which the packet should be sent
next
+ IP "IP Destination Address Address" - the ultimate destination |
address, except in source routed packets, where it is
the next address specified in the source route
+ Immediate Destination - the node, system, System, router,
end-system, or whatever that is addressed by the IP |
Destination Address.
5.2.4.1 IP Destination Address
If : |
+ the destination address in the IP header is one of |
the addresses of the router and router, |
+ the packet contains a Source Route Option, and |
+ the pointer in the Source Route Option does not |
point past the end of the option, |
then the next IP Destination Address is | the address |
pointed at by the pointer in that option option. If : |
if
+ the destination address in the IP header is one of |
the addresses of the router, |
+ the packet contains a Source Route Option, and |
+ the pointer does not point in the Source Route Option points past |
the end of the option, |
option. Otherwise,
then the IP Destination Address message is addressed to the system analyzing |
same as the IP destination address in
the message. |
IETF Exp. 11 Sep. 1995 [Page 89]
Draft Requirements for IP header. Version 4 Routers March 1995
A router MUST use the IP Destination Address, not the |
Ultimate Destination Address, Address (the last address in the |
source route option), when determining how to handle
a packet.
It is an error for more than one source route option
to appear in a datagram. If it receives one, such a |
datagram, it SHOULD discard the packet and reply with
an ICMP Parameter Problem message whose pointer
points at the
November 28, 1994
- 81 - beginning of the second source route
option.
5.2.4.2 Local/Remote Decision
After it has been determined that the IP packet needs
to be forwarded in accordance with according to the rules | specified in
Section [5.2.3], the following algorithm | MUST be used
to determine if the Immediate | Destination is directly
accessible (see | [INTERNET:2]). |
(1) For each network interface that has not been |
assigned any IP address (the unnumbered lines "unnumbered lines"
as | described in Section [2.2.7]), compare the |
router-id of the other end of the line to the IP |
Destination Address. If they are exactly equal,
the packet can be transmitted through this
interface.
DISCUSSION:
In other words, the router or host at the
remote end of the line is the destination of
the packet or is the next step in the source
route of a source routed packet.
(2) If no network interface has been selected in the |
first step, for each IP address assigned to the
router:
(a) isolate the network prefix used by the |
interface.
IMPLEMENTATION:
The result of this operation will
usually have been computed and saved
IETF Exp. 11 Sep. 1995 [Page 90]
Draft Requirements for IP Version 4 Routers March 1995
during initialization.
(b) Isolate the corresponding set of bits from |
the IP Destination Address of the packet.
(c) Compare the resulting network prefixes. If |
they are equal to each other, the packet
can be transmitted through the
corresponding network interface.
(3) If the destination was not neither the router-id of a |
neighbor on an unnumbered interface and was nor a |
November 28, 1994
- 82 - member
of no a directly connected network prefix, | the IP
Destination is accessible only through | some
other router. The selection of the router | and
the next hop "next hop" IP address is described in |
Section [5.2.4.3]. In the case of a host that |
is not also a router, this may be the configured |
default router. | Ongoing work in the IETF
[ARCH:9, NRHP] | considers some cases such as when
multiple IP | (sub)networks are overlaid on the
same link | layer network. Barring policy
restrictions, | hosts and routers using a common
link layer | network can directly communicate even
if they | are not in the same IP (sub)network, if
there is | adequate information present. The Next
Hop | Routing Protocol (NHRP) enables IP entities
to | determine the "optimal" link layer address to
be | used to traverse such a link layer network |
towards a remote destination. |
(4) If the selected "next hop" is reachable through an |
interface configured to use NHRP, then the |
following additional steps apply: |
(a) Compare the IP Destination Address to the |
destination addresses in the NHRP cache. If |
the address is in the cache, then send the |
datagram to the corresponding cached link |
layer address. |
(b) If the address is not in the cache, then |
construct an NHRP request packet containing |
the IP Destination Address. This message is |
sent to the NHRP server configured for that |
interface. This may be a logically separate |
process or entity in the router itself. |
IETF Exp. 11 Sep. 1995 [Page 91]
Draft Requirements for IP Version 4 Routers March 1995
(c) The NHRP server will respond with the proper |
link layer address to use in order to transmit | the
datagram and subsequent datagrams to the | same
destination. The system MAY transmit the |
datagram(s) to the traditional "next hop" |
router while awaiting the NHRP reply.
5.2.4.3 Next Hop Address
EDITOR'S COMMENTS: |
November 28, 1994
- 83 -
Additional useful or interesting information from *
RoNH has been extracted and placed into an
appendix to this note.
The router applies the algorithm in the previous
section to determine if the IP Destination Address is |
adjacent. If so, the next hop address is the same as |
the IP Destination Address. Otherwise, the packet
must be forwarded through another router to reach its
Immediate Destination. The selection of this router
is the topic of this section.
If the packet contains an SSRR, the router MUST
discard the packet and reply with an ICMP Bad Source
Route error. Otherwise, the router looks up the IP |
Destination Address in its routing table to determine |
an appropriate next hop address.
DISCUSSION:
Per the IP specification, a Strict Source Route
must specify a sequence of nodes through which the
packet must traverse; the packet must go from one
node of the source route to the next, traversing
intermediate networks only. Thus, if the router
is not adjacent to the next step of the source
route, the source route can not be fulfilled.
Therefore, the router rejects such with an ICMP
Bad Source Route error.
The goal of the next-hop selection process is to
examine the entries in the router's Forwarding
Information Base (FIB) and select the best route (if
IETF Exp. 11 Sep. 1995 [Page 92]
Draft Requirements for IP Version 4 Routers March 1995
there is one) for the packet from those available in
the FIB.
Conceptually, any route lookup algorithm starts out
with a set of candidate routes which that consists of the
entire contents of the FIB. The algorithm consists
of a series of steps which that discard routes from the
set. These steps are referred to as Pruning Rules.
Normally, when the algorithm terminates there is
exactly one route remaining in the set. If the set
ever becomes empty, the packet is discarded because
the destination is unreachable. It is also possible
for the algorithm to terminate when more than one
route remains in the set. In this case, the router
November 28, 1994
- 84 -
may arbitrarily discard all but one of them, or may
perform "load-splitting" by choosing whichever of the
routes has been least recently used.
With the exception of rule 3 (Weak TOS), a router
MUST use the following Pruning Rules when selecting a
next hop for a packet. If a router does consider TOS
when making next-hop decisions, the Rule 3 must be
applied in the order indicated below. These rules
MUST be (conceptually) applied to the FIB in the
order that they are presented. (For some historical
perspective, additional pruning rules, and other
common algorithms in use, see Appendix E). E.)
DISCUSSION:
Rule 3 is optional in that Section [5.3.2] says
that a router only SHOULD consider TOS when making
forwarding decisions.
(1) Basic Match
This rule discards any routes to destinations |
other than the IP Destination Address of the |
packet. For example, if a packet's IP |
Destination Address is 36.144.2.5, this step |
would discard a route to net 128.12.0.0/16 but |
would retain any routes to the network prefixes |
36.0.0.0/8 and 36.144.0.0/16, and any default
routes.
IETF Exp. 11 Sep. 1995 [Page 93]
Draft Requirements for IP Version 4 Routers March 1995
More precisely, we assume that each route has a
destination attribute, called route.dest, and a |
corresponding prefix length, called |
route.length, to specify which bits of
route.dest are significant. The IP Destination |
Address of the packet being forwarded is |
ip.dest. This rule discards all routes from the
set of candidate routes candidates except those for which | the
most significant route.length bits of | route.dest
and ip.dest are equal.
For example, if a packet's IP Destination
Address is 36.144.2.5 and there are network
prefixes 36.144.1.0/24, 36.144.2.0/24, and
36.144.3.0/24, this rule would keep only
36.144.2.0/24; it is the only route whose prefix
has the same value as the corresponding bits in
the IP Destination Address of the packet.
(2) Longest Match
Longest Match is a refinement of Basic Match,
described above. After performing Basic Match pruning is
performed,
pruning, the algorithm examines the remaining
routes are examined to
November 28, 1994
- 85 - determine the maximum number of bits set in any |
of their route.mask attributes.The step then |
discards from the set of candidate routes any |
routes which among them have fewer than that maximum number |
of bits set in their route.mask attributes. the
largest route.length values. All except these
are discarded.
For example, if a packet's IP Destination |
Address is 36.144.2.5 and there are network |
prefixes 36.144.2.0/24, 36.144.0.0/16, and |
36.0.0.0/8, then this rule would keep only the |
first (36.144.2.0/24) because its prefix length |
is longest.
(3) Weak TOS
Each route has a type of service attribute,
called route.tos, whose possible values are
assumed to be identical to those used in the TOS
field of the IP header. Routing protocols which | that
distribute TOS information fill in route.tos |
appropriately in routes they add to the FIB;
routes from other routing protocols are treated
as if they have the default TOS (0000). The TOS |
field in the IP header of the packet being |
IETF Exp. 11 Sep. 1995 [Page 94]
Draft Requirements for IP Version 4 Routers March 1995
routed is called ip.tos.
The set of candidate routes is examined to
determine if it contains any routes for which
route.tos = ip.tos. If so, all routes except |
those for which route.tos = ip.tos are
discarded. If not, all routes except those for
which route.tos = 0000 are discarded from the
set of candidate routes.
Additional discussion of routing based on Weak |
TOS may be found in [ROUTE:11].
DISCUSSION:
The effect of this rule is to select only
those routes which that have a TOS that matches the
TOS requested in the packet. If no such
routes exist then routes with the default TOS
are considered. Routes with a non-default
TOS that is not the TOS requested in the
packet are never used, even if such routes
are the only available routes that go to the
November 28, 1994
- 86 -
packet's destination.
(4) Best Metric
Each route has a metric attribute, called
route.metric, and a routing domain identifier, |
called route.domain. Each member of the set of
candidate routes is compared with each other
member of the set. If route.domain is equal for
the two routes and route.metric is strictly
inferior
"inferior" for one when compared with the other,
then the one with the inferior "inferior" metric is
discarded from the set. The determination of
inferior
"inferior" is usually by a simple arithmetic
comparison, though some protocols may have
structured metrics requiring more complex
comparisons.
(5) Vendor Policy
Vendor Policy is sort of a catch-all to make up
for the fact that the previously listed rules
are often inadequate to chose choose from among the possible
routes. Vendor Policy pruning rules are
IETF Exp. 11 Sep. 1995 [Page 95]
Draft Requirements for IP Version 4 Routers March 1995
extremely vendor-specific. See section
[5.2.4.4].
This algorithm has two distinct disadvantages.
Presumably, a router implementor might develop
techniques to deal with these disadvantages and make
them a part of the Vendor Policy pruning rule.
(1) IS-IS and OSPF route classes are not directly
handled.
(2) Path properties other than type of service (e.g. (e.g.,
MTU) are ignored.
It is also worth noting a deficiency in the way that
TOS is supported: routing protocols which that support TOS
are implicitly preferred when forwarding packets
which that
have non-zero TOS values.
The Basic Match and Longest Match pruning rules
generalize the treatment of a number of particular
types of routes. These routes are selected in the
following, decreasing, order of preference:
November 28, 1994
- 87 -
(1) Host Route: This is a route to a specific end
system.
(2) Hierarchical Network Prefix Routes: This is a |
route to a particular network prefix. Note that |
the FIB may contain several routes to network |
prefixes that subsume each other (one prefix is |
the other prefix with additional bits). These |
are selected in order of decreasing prefix |
length.
(5) Default Route: This is a route to all networks |
for which there are no explicit routes. It is |
by definition the route whose prefix length is |
zero.
If, after application of the pruning rules, the set
of routes is empty (i.e., no routes were found), the
packet MUST be discarded and an appropriate ICMP
error generated (ICMP Bad Source Route if the IP |
IETF Exp. 11 Sep. 1995 [Page 96]
Draft Requirements for IP Version 4 Routers March 1995
Destination Address came from a source route option;
otherwise, whichever of ICMP Destination Host
Unreachable or Destination Network Unreachable is
appropriate, as described in Section [4.3.3.1]).
5.2.4.4 Administrative Preference
One suggested mechanism for the Vendor Policy Pruning
Rule is to use administrative preference. preference, which is a |
simple prioritization algorithm. The idea is to |
manually prioritize the routes that one might need to |
select among.
Each route has associated with it a preference value, | "preference
value", based on various attributes of the route
(specific | mechanisms for assignment of preference
values are | suggested below). This preference value
is an integer in the range [0..255], with zero being
the most preferred and 254 being the least preferred.
255 is a special value that means that the route
should never be used. The first step in the Vendor
Policy pruning rule discards all but the most
preferable routes (and always discards routes whose
preference value is 255).
This policy is not safe "safe" in that it can easily be
misused to create routing loops. Since no protocol
ensures that the preferences configured for a router
are
is consistent with the preferences configured in its
November 28, 1994
- 88 -
neighbors, network managers must exercise care in
configuring preferences.
+ Address Match
It is useful to be able to assign a single
preference value to all routes (learned from the
same routing domain) to any of a specified set of
destinations, where the set of destinations is all
destinations that match a specified network |
prefix.
+ Route Class
For routing protocols which maintain the
distinction, it is useful to be able to assign a
single preference value to all routes (learned
from
IETF Exp. 11 Sep. 1995 [Page 97]
Draft Requirements for IP Version 4 Routers March 1995
single preference value to all routes (learned
from the same routing domain) which have a
particular route class (intra-area, inter-area,
external with internal metrics, or external with
external metrics).
+ Interface
It is useful to be able to assign a single
preference value to all routes (learned from a
particular routing domain) that would cause
packets to be routed out a particular logical
interface on the router (logical interfaces
generally map one-to-one onto the router's network
interfaces, except that any network interface
which that
has multiple IP addresses will have multiple
logical interfaces associated with it).
+ Source router
It is useful to be able to assign a single
preference value to all routes (learned from the
same routing domain) which that were learned from any of
a set of routers, where the set of routers are
those whose updates have a source address which | that
match a specified network prefix.
+ Originating AS
For routing protocols which provide the
information, it is useful to be able to assign a
single preference value to all routes (learned
from a particular routing domain) which originated
in another particular routing domain. For BGP
November 28, 1994
- 89 -
routes, the originating AS is the first AS listed
in the route's AS_PATH attribute. For OSPF
external routes, the originating AS may be
considered to be the low order 16 bits of the
route's external route tag if the tag's Automatic
bit is set and the tag's PathLength Path Length is not equal
to 3.
+ External route tag
It is useful to be able to assign a single
preference value to all OSPF external routes
(learned from the same routing domain) whose
external route tags match any of a list of
IETF Exp. 11 Sep. 1995 [Page 98]
Draft Requirements for IP Version 4 Routers March 1995
specified values. Because the external route tag
may contain a structured value, it may be useful
to provide the ability to match particular
subfields of the tag.
+ AS path
It may be useful to be able to assign a single
preference value to all BGP routes (learned from
the same routing domain) whose AS path "matches"
any of a set of specified values. It is not yet
clear exactly what kinds of matches are most
useful. A simple option would be to allow
matching of all routes for which a particular AS
number appears (or alternatively, does not appear)
anywhere in the route's AS_PATH attribute. A more
general but somewhat more difficult alternative
would be to allow matching all routes for which
the AS path matches a specified regular
expression.
5.2.4.6 Load Splitting
At the end of the Next-hop selection process,
multiple routes may still remain. A router has
several options when this occurs. It may arbitrarily
discard some of the routes. It may reduce the number
of candidate routes by comparing metrics of routes
from routing domains which that are not considered
equivalent. It may retain more than one route and
employ a load-splitting "load-splitting" mechanism to divide traffic
among them. Perhaps the only thing that can be said
about the relative merits of the options is that
load-splitting is useful in some situations but not
November 28, 1994
- 90 -
in others, so a wise implementor who implements
load-splitting will also provide a way for the
network manager to disable it.
5.2.5 Unused IP Header Bits: RFC-791 Section 3.1
The IP header contains several reserved bits, in the
Type of Service field and in the Flags field. Routers
MUST NOT drop packets merely because one or more of
IETF Exp. 11 Sep. 1995 [Page 99]
Draft Requirements for IP Version 4 Routers March 1995
these reserved bits has a non-zero value.
Routers MUST ignore and MUST pass through unchanged the
values of these reserved bits. If a router fragments a
packet, it MUST copy these bits into each fragment.
DISCUSSION:
Future revisions to the IP protocol may make use of
these unused bits. These rules are intended to
ensure that these revisions can be deployed without
having to simultaneously upgrade all routers in the
Internet.
5.2.6 Fragmentation and Reassembly: RFC-791 Section 3.2
As was discussed in Section [4.2.2.7], a router MUST
support IP fragmentation.
A router MUST NOT reassemble any datagram before
forwarding it. |
DISCUSSION:
A few people have suggested that there might be some
topologies where reassembly of transit datagrams by
routers might improve performance. In general,
however, the The fact that
fragments may take different paths to the destination
precludes safe use of such a feature.
Nothing in this section should be construed to
control or limit fragmentation or reassembly
performed as a link layer function by the router.
Similarly, if an IP datagram is encapsulated in
another IP datagram (e.g., it is tunnelled), that
datagram is in turn fragmented, the fragments must be
reassembled in order to forward the original
datagram. This section does not preclude this.
IETF Exp. 11 Sep. 1995 [Page 100]
Draft Requirements for IP Version 4 Routers March 1995
5.2.7 Internet Control Message Protocol - ICMP
General requirements for ICMP were discussed in Section
[4.3]. This section discusses ICMP messages which that are
November 28, 1994
- 91 -
sent only by routers.
5.2.7.1 Destination Unreachable
The ICMP Destination Unreachable message is sent by a
router in response to a packet which it cannot
forward because the destination (or next hop) is |
unreachable or a service is unavailable unavailable. Examples of |
such cases include a message addressed to a host |
which is not there and therefore does not respond to |
ARP requests, and messages addressed to network |
prefixes for which the router has no valid route.
A router MUST be able to generate ICMP Destination
Unreachable messages and SHOULD choose a response
code that most closely matches the reason why the message
is being generated.
The following codes are defined in [INTERNET:8] and
[INTRO:2]:
0 = Network Unreachable - generated by a router if a
forwarding path (route) to the destination
network is not available;
1 = Host Unreachable - generated by a router if a
forwarding path (route) to the destination host |
on a directly connected network is not
available; available |
(does not respond to ARP);
2 = Protocol Unreachable - generated if the transport
protocol designated in a datagram is not
supported in the transport layer of the final
destination;
3 = Port Unreachable - generated if the designated
transport protocol (e.g. (e.g., UDP) is unable to
demultiplex the datagram in the transport layer
of the final destination but has no protocol
IETF Exp. 11 Sep. 1995 [Page 101]
Draft Requirements for IP Version 4 Routers March 1995
mechanism to inform the sender;
4 = Fragmentation Needed and DF Set - generated if a
router needs to fragment a datagram but cannot
since the DF flag is set;
5 = Source Route Failed - generated if a router
cannot forward a packet to the next hop in a
source route option;
6 = Destination Network Unknown - This code SHOULD
November 28, 1994
- 92 -
NOT be generated since it would imply on the
part of the router that the destination network
does not exist (net unreachable code 0 SHOULD be
used in place of code 6);
7 = Destination Host Unknown - generated only when a
router can determine (from link layer advice)
that the destination host does not exist;
11 = Network Unreachable For Type Of Service -
generated by a router if a forwarding path
(route) to the destination network with the
requested or default TOS is not available;
12 = Host Unreachable For Type Of Service - generated
if a router cannot forward a packet because its
route(s) to the destination do not match either
the TOS requested in the datagram or the default
TOS (0).
The following additional codes are hereby defined:
13 = Communication Administratively Prohibited -
generated if a router cannot forward a packet
due to administrative filtering;
14 = Host Precedence Violation. Sent by the first
hop router to a host to indicate that a
requested precedence is not permitted for the
particular combination of source/destination
host or network, upper layer protocol, and
source/destination port;
IETF Exp. 11 Sep. 1995 [Page 102]
Draft Requirements for IP Version 4 Routers March 1995
15 = Precedence cutoff in effect. The network
operators have imposed a minimum level of
precedence required for operation, the datagram
was sent with a precedence below this level;
NOTE: [INTRO:2] defined Code 8 for source "source host
isolated.
isolated". Routers SHOULD NOT generate Code 8;
whichever of Codes 0 (Network Unreachable) and 1
(Host Unreachable) is appropriate SHOULD be used
instead. [INTRO:2] also defined Code 9 for
communication with destination network
administratively prohibited and Code 10 for
November 28, 1994
- 93 -
communication with destination host administratively
prohibited. These codes were intended for use by
end-to-end encryption devices used by U.S military
agencies. Routers SHOULD use the newly defined Code
13 (Communication Administratively Prohibited) if
they administratively filter packets.
Routers MAY have a configuration option that causes
Code 13 (Communication Administratively Prohibited)
messages not to be generated. When this option is
enabled, no ICMP error message is sent in response to
a packet which that is dropped because its forwarding is
administratively prohibited.
Similarly, routers MAY have a configuration option
that causes Code 14 (Host Precedence Violation) and
Code 15 (Precedence Cutoff in Effect) messages not to
be generated. When this option is enabled, no ICMP
error message is sent in response to a packet which that is
dropped because of a precedence violation.
Routers MUST use Host Unreachable or Destination Host
Unknown codes whenever other hosts on the same
destination network might be reachable; otherwise,
the source host may erroneously conclude that all
hosts on the network are unreachable, and that may
not be the case.
[INTERNET:14] describes a slight modification the
form of Destination Unreachable messages containing
Code 4 (Fragmentation needed and DF set). A router
MUST use this modified form when originating Code 4
IETF Exp. 11 Sep. 1995 [Page 103]
Draft Requirements for IP Version 4 Routers March 1995
Destination Unreachable messages.
5.2.7.2 Redirect
The ICMP Redirect message is generated to inform a |
local host the it should use a different next hop |
router for a certain class of traffic.
Routers MUST NOT generate the Redirect for Network or
Redirect for Network and Type of Service messages |
(Codes 0 and 2) specified in [INTERNET:8]. Routers |
MUST be able to generate the Redirect for Host |
message (Code 1) and SHOULD be able to generate the |
Redirect for Type of Service and Host message (Code |
November 28, 1994
- 94 -
3) specified in [INTERNET:8].
DISCUSSION:
If the directly-connected directly connected network is not subnetted |
(in the classical sense), a router can normally
generate a network Redirect which that applies to all
hosts on a specified remote network. Using a
network rather than a host Redirect may economize
slightly on network traffic and on host routing
table storage. However, the savings are not
significant, and subnets create an ambiguity about
the subnet mask to be used to interpret a network
Redirect. In a CIDR environment, it is difficult |
to specify precisely the cases in which network
Redirects can be used. Therefore, routers must |
send only host (or host and type of service)
Redirects.
A Code 3 (Redirect for Host and Type of Service)
message is generated when the packet provoking the
redirect has a destination for which the path chosen
by the router would depend (in part) on the TOS
requested.
Routers which that can generate Code 3 redirects (Host and
Type of Service) MUST have a configuration option
(which defaults to on) to enable Code 1 (Host)
redirects to be substituted for Code 3 redirects. A
router MUST send a Code 1 Redirect in place of a Code
IETF Exp. 11 Sep. 1995 [Page 104]
Draft Requirements for IP Version 4 Routers March 1995
3 Redirect if it has been configured to do so.
If a router is not able to generate Code 3 Redirects
then it MUST generate Code 1 Redirects in situations
where a Code 3 Redirect is called for.
Routers MUST NOT generate a Redirect Message unless
all of the following conditions are met:
+ The packet is being forwarded out the same physical
interface that it was received from,
+ The IP source address in the packet is on the same
Logical IP (sub)network as the next-hop IP
address, and
November 28, 1994
- 95 -
+ The packet does not contain an IP source route
option.
The source address used in the ICMP Redirect MUST
belong to the same logical (sub)net as the
destination address.
A router using a routing protocol (other than static
routes) MUST NOT consider paths learned from ICMP
Redirects when forwarding a packet. If a router is
not using a routing protocol, a router MAY have a
configuration which, that, if set, allows the router to
consider routes learned via through ICMP Redirects when
forwarding packets.
DISCUSSION:
ICMP Redirect is a mechanism for routers to convey
routing information to hosts. Routers use other
mechanisms to learn routing information, and
therefore have no reason to obey redirects.
Believing a redirect which contradicted the
router's other information would likely create
routing loops.
On the other hand, when a router is not acting as
a router, it MUST comply with the behavior
required of a host.
IETF Exp. 11 Sep. 1995 [Page 105]
Draft Requirements for IP Version 4 Routers March 1995
5.2.7.3 Time Exceeded
A router MUST generate a Time Exceeded message Code 0
(In Transit) when it discards a packet due to an
expired TTL field. A router MAY have a per-interface
option to disable origination of these messages on
that interface, but that option MUST default to
allowing the messages to be originated.
5.2.8 INTERNET GROUP MANAGEMENT PROTOCOL - IGMP
IGMP [INTERNET:4] is a protocol used between hosts and
multicast routers on a single physical network to
establish hosts' membership in particular multicast
groups. Multicast routers use this information, in
conjunction with a multicast routing protocol, to
support IP multicast forwarding across the Internet.
November 28, 1994
- 96 -
A router SHOULD implement the multicast router part of
IGMP.
5.3 SPECIFIC ISSUES
5.3.1 Time to Live (TTL)
The Time-to-Live (TTL) field of the IP header is defined
to be a timer limiting the lifetime of a datagram. It
is an 8-bit field and the units are seconds. Each
router (or other module) that handles a packet MUST
decrement the TTL by at least one, even if the elapsed
time was much less than a second. Since this is very
often the case, the TTL is effectively a hop count limit
on how far a datagram can propagate through the
Internet.
When a router forwards a packet, it MUST reduce the TTL
by at least one. If it holds a packet for more than one
second, it MAY decrement the TTL by one for each second.
If the TTL is reduced to zero (or less), the packet MUST
IETF Exp. 11 Sep. 1995 [Page 106]
Draft Requirements for IP Version 4 Routers March 1995
be discarded, and if the destination is not a multicast
address the router MUST send an ICMP Time Exceeded
message, Code 0 (TTL Exceeded in Transit) message to the
source. Note that a router MUST NOT discard an IP
unicast or broadcast packet with a non-zero TTL merely
because it can predict that another router on the path
to the packet's final destination will decrement the TTL
to zero. However, a router MAY do so for IP multicasts,
in order to more efficiently implement IP multicast's
expanding ring search algorithm (see [INTERNET:4]).
DISCUSSION:
The IP TTL is used, somewhat schizophrenically, as
both a hop count limit and a time limit. Its hop
count function is critical to ensuring that routing
problems can't melt down the network by causing
packets to loop infinitely in the network. The time
limit function is used by transport protocols such as
TCP to ensure reliable data transfer. Many current
implementations treat TTL as a pure hop count, and in
parts of the Internet community there is a strong
sentiment that the time limit function should instead
be performed by the transport protocols that need it.
November 28, 1994
- 97 -
In this specification, we have reluctantly decided to
follow the strong belief among the router vendors
that the time limit function should be optional.
They argued that implementation of the time limit
function is difficult enough that it is currently not
generally done. They further pointed to the lack of
documented cases where this shortcut has caused TCP
to corrupt data (of course, we would expect the
problems created to be rare and difficult to
reproduce, so the lack of documented cases provides
little reassurance that there haven't been a number
of undocumented cases).
IP multicast notions such as the expanding ring
search may not work as expected unless the TTL is
treated as a pure hop count. The same thing is
somewhat true of traceroute.
ICMP Time Exceeded messages are required because the
traceroute diagnostic tool depends on them.
IETF Exp. 11 Sep. 1995 [Page 107]
Draft Requirements for IP Version 4 Routers March 1995
Thus, the tradeoff is between severely crippling, if
not eliminating, two very useful tools vs. and avoiding a
very rare and transient data transport problem (which that
may not occur at all). all. We have chosen to preserve the |
tools.
5.3.2 Type of Service (TOS)
The Type-of-Service "Type-of-Service" byte in the IP header is divided
into three sections: the Precedence field (high-order 3
bits), a field that is customarily called Type "Type of
Service
Service" or "TOS "TOS" (next 4 bits), and a reserved bit (the
low order bit). Rules governing the reserved bit were
described in Section [4.2.2.3]. The Precedence field
will be discussed in Section [5.3.3]. A more extensive
discussion of the TOS field and its use can be found in
[ROUTE:11].
A router SHOULD consider the TOS field in a packet's IP
header when deciding how to forward it. The remainder
of this section describes the rules that apply to
routers that conform to this requirement.
A router MUST maintain a TOS value for each route in its
routing table. Routes learned via through a routing
protocol
November 28, 1994
- 98 -
which that does not support TOS MUST be assigned a
TOS of zero (the default TOS).
To choose a route to a destination, a router MUST use an
algorithm equivalent to the following:
(1) The router locates in its routing table all
available routes to the destination (see Section
[5.2.4]).
(2) If there are none, the router drops the packet
because the destination is unreachable. See
section [5.2.4].
(3) If one or more of those routes have a TOS that
exactly matches the TOS specified in the packet,
the router chooses the route with the best metric.
IETF Exp. 11 Sep. 1995 [Page 108]
Draft Requirements for IP Version 4 Routers March 1995
(4) Otherwise, the router repeats the above step, except
looking at routes whose TOS is zero.
(5) If no route was chosen above, the router drops the
packet because the destination is unreachable. The
router returns an ICMP Destination Unreachable
error specifying the appropriate code: either
Network Unreachable with Type of Service (code 11)
or Host Unreachable with Type of Service (code 12).
DISCUSSION:
Although TOS has been little used in the past, its
use by hosts is now mandated by the Requirements for
Internet Hosts RFCs ([INTRO:2] and [INTRO:3]).
Support for TOS in routers may become a MUST in the
future, but is a SHOULD for now until we get more
experience with it and can better judge both its
benefits and its costs.
Various people have proposed that TOS should affect
other aspects of the forwarding function. For
example:
(1) A router could place packets which that have the Low
Delay "Low
Delay" bit set ahead of other packets in its
output queues.
November 28, 1994
- 99 -
(2) a router is forced to discard packets, it could
try to avoid discarding those which have the
High Reliability
"High Reliability" bit set.
These ideas have been explored in more detail in
[INTERNET:17] but we don't yet have enough experience
with such schemes to make requirements in this area.
5.3.3 IP Precedence
This section specifies requirements and guidelines for
appropriate processing of the IP Precedence field in
routers. Precedence is a scheme for allocating
resources in the network based on the relative
importance of different traffic flows. The IP
IETF Exp. 11 Sep. 1995 [Page 109]
Draft Requirements for IP Version 4 Routers March 1995
specification defines specific values to be used in this
field for various types of traffic.
The basic mechanisms for precedence processing in a
router are preferential resource allocation, including
both precedence-ordered queue service and precedence-
based congestion control, and selection of Link Layer
priority features. The router also selects the IP
precedence for routing, management and control traffic
it originates. For a more extensive discussion of IP
Precedence and its implementation see [FORWARD:6].
Precedence-ordered queue service, as discussed in this
section, includes but is not limited to the queue for
the forwarding process and queues for outgoing links.
It is intended that a router supporting precedence
should also use the precedence indication at whatever
points in its processing are concerned with allocation
of finite resources, such as packet buffers or Link
Layer connections. The set of such points is
implementation-dependent.
DISCUSSION:
Although the Precedence field was originally provided
for use in DOD systems where large traffic surges or
major damage to the network are viewed as inherent
threats, it has useful applications for many non-
military IP networks. Although the traffic handling
capacity of networks has grown greatly in recent
years, the traffic generating ability of the users
November 28, 1994
- 100 -
has also grown, and network overload conditions still
occur at times. Since IP-based routing and
management protocols have become more critical to the
successful operation of the Internet, overloads
present two additional risks to the network:
(1) High delays may result in routing protocol
packets being lost. This may cause the routing |
protocol to falsely deduce a topology change and
propagate this false information to other
routers. Not only can this cause routes to
oscillate, but an extra processing burden may be
placed on other routers.
IETF Exp. 11 Sep. 1995 [Page 110]
Draft Requirements for IP Version 4 Routers March 1995
(2) High delays may interfere with the use of network
management tools to analyze and perhaps correct
or relieve the problem in the network that
caused the overload condition to occur.
Implementation and appropriate use of the Precedence
mechanism alleviates both of these problems.
5.3.3.1 Precedence-Ordered Queue Service
Routers SHOULD implement precedence-ordered queue
service. Precedence-ordered queue service means that
when a packet is selected for output on a (logical)
link, the packet of highest precedence that has been
queued for that link is sent. Routers that implement
precedence-ordered queue service MUST also have a
configuration option to suppress precedence-ordered
queue service in the Internet Layer.
Any router MAY implement other policy-based
throughput management procedures that result in other
than strict precedence ordering, but it MUST be
configurable to suppress them (i.e., use strict
ordering).
As detailed in Section [5.3.6], routers that
implement precedence-ordered queue service discard
low precedence packets before discarding high
precedence packets for congestion control purposes.
Preemption (interruption of processing or
transmission of a packet) is not envisioned as a
function of the Internet Layer. Some protocols at
other layers may provide preemption features.
November 28, 1994
- 101 -
5.3.3.2 Lower Layer Precedence Mappings
Routers that implement precedence-ordered queueing queuing
MUST IMPLEMENT, and other routers SHOULD IMPLEMENT,
Lower Layer Precedence Mapping.
IETF Exp. 11 Sep. 1995 [Page 111]
Draft Requirements for IP Version 4 Routers March 1995
A router which that implements Lower Layer Precedence
Mapping:
+ MUST be able to map IP Precedence to Link Layer
priority mechanisms for link layers that have such
a feature defined.
+ MUST have a configuration option to select the Link
Layer's default priority treatment for all IP
traffic
+ SHOULD be able to configure specific nonstandard
mappings of IP precedence values to Link Layer
priority values for each interface.
DISCUSSION:
Some research questions the workability of the
priority features of some Link Layer protocols,
and some networks may have faulty implementations
of the link layer priority mechanism. It seems
prudent to provide an escape mechanism in case
such problems show up in a network.
On the other hand, there are proposals to use
novel queueing queuing strategies to implement special
services such as multimedia bandwidth reservation
or low-delay service. Special services and queueing
queuing strategies to support them
need further are current
research subjects and experimentation before
they are put into widespread use in the Internet. process of
standardization.
Implementors may wish to consider that correct
link layer mapping of IP precedence is required by
DOD policy for TCP/IP systems used on DOD
networks. Since these requirements are intended
to encourage (but not force) the use of precedence
features in the hope of providing better Internet
service to all users, routers supporting
precedence-ordered queue service should default to
maintaining strict precedence ordering regardless
of the type of service requested.
Implementors may wish to consider that correct
link layer mapping of IP precedence is required by
DOD policy
IETF Exp. 11 Sep. 1995 [Page 112]
Draft Requirements for TCP/IP systems used on DOD
networks.
November 28, 1994
- 102 - IP Version 4 Routers March 1995
5.3.3.3 Precedence Handling For All Routers
A router (whether or not it employs precedence-
ordered queue service):
(1) MUST accept and process incoming traffic of all
precedence levels normally, unless it has been
administratively configured to do otherwise.
(2) MAY implement a validation filter to
administratively restrict the use of precedence
levels by particular traffic sources. If
provided, this filter MUST NOT filter out or cut
off the following sorts of ICMP error messages:
Destination Unreachable, Redirect, Time
Exceeded, and Parameter Problem. If this filter
is provided, the procedures required for packet
filtering by addresses are required for this
filter also.
DISCUSSION:
Precedence filtering should be applicable to
specific source/destination IP Address pairs,
specific protocols, specific ports, and so
on.
An ICMP Destination Unreachable message with
code 14 SHOULD be sent when a packet is dropped
by the validation filter, unless this has been
suppressed by configuration choice.
(3) MAY implement a cutoff function which that allows the
router to be set to refuse or drop traffic with
precedence below a specified level. This
function may be activated by management actions
or by some implementation dependent heuristics,
but there MUST be a configuration option to
disable any heuristic mechanism that operates
without human intervention. An ICMP Destination
Unreachable message with code 15 SHOULD be sent
when a packet is dropped by the cutoff function,
unless this has been suppressed by configuration
choice.
IETF Exp. 11 Sep. 1995 [Page 113]
Draft Requirements for IP Version 4 Routers March 1995
A router MUST NOT refuse to forward datagrams
with IP precedence of 6 (Internetwork Control)
or 7 (Network Control) solely due to precedence
November 28, 1994
- 103 -
cutoff. However, other criteria may be used in
conjunction with precedence cutoff to filter
high precedence traffic.
DISCUSSION:
Unrestricted precedence cutoff could result
in an unintentional cutoff of routing and
control traffic. In general, the general case, host
traffic should be restricted to a value of 5
(CRITIC/ECP) or below although below; this is not a
requirement and may not be valid correct in certain
systems.
(4) MUST NOT change precedence settings on packets it
did not originate.
(5) SHOULD be able to configure distinct precedence
values to be used for each routing or management
protocol supported (except for those protocols,
such as OSPF, which specify which precedence
value must be used).
(6) MAY be able to configure routing or management
traffic precedence values independently for each
peer address.
(7) MUST respond appropriately to Link Layer
precedence-related error indications where
provided. An ICMP Destination Unreachable
message with code 15 SHOULD be sent when a
packet is dropped because a link cannot accept
it due to a precedence-related condition, unless
this has been suppressed by configuration
choice.
DISCUSSION:
The precedence cutoff mechanism described in
(3) is somewhat controversial. Depending on
the topological location of the area affected
by the cutoff, transit traffic may be
IETF Exp. 11 Sep. 1995 [Page 114]
Draft Requirements for IP Version 4 Routers March 1995
directed by routing protocols into the area
of the cutoff, where it will be dropped.
This is only a problem if another path which that
is unaffected by the cutoff exists between
November 28, 1994
- 104 -
the communicating points. Proposed ways of
avoiding this problem include providing some
minimum bandwidth to all precedence levels
even under overload conditions, or
propagating cutoff information in routing
protocols. In the absence of a widely
accepted (and implemented) solution to this
problem, great caution is recommended in
activating cutoff mechanisms in transit
networks.
A transport layer relay could legitimately
provide the function prohibited by (4) above.
Changing precedence levels may cause subtle
interactions with TCP and perhaps other
protocols; a correct design is a non-trivial
task.
The intent of (5) and (6) (and the discussion
of IP Precedence in ICMP messages in Section
[4.3.2]) is that the IP precedence bits
should be appropriately set, whether or not
this router acts upon those bits in any other
way. We expect that in the future
specifications for routing protocols and
network management protocols will specify how
the IP Precedence should be set for messages
sent by those protocols.
The appropriate response for (7) depends on
the link layer protocol in use. Typically,
the router should stop trying to send
offensive
"offensive" traffic to that destination for
some period of time, and should return an
ICMP Destination Unreachable message with
code 15 (service not available for precedence
requested) to the traffic source. It also
should not try to reestablish a preempted
Link Layer connection for some period of time.
IETF Exp. 11 Sep. 1995 [Page 115]
Draft Requirements for IP Version 4 Routers March 1995
5.3.4 Forwarding of Link Layer Broadcasts
The encapsulation of IP packets in most Link Layer
protocols (except PPP) allows a receiver to distinguish
November 28, 1994
- 105 -
broadcasts and multicasts from unicasts simply by
examining the Link Layer protocol headers (most
commonly, the Link Layer destination address). The
rules in this section which that refer to Link "Link Layer
broadcasts
broadcasts" apply only to Link Layer protocols which that
allow broadcasts to be distinguished; likewise, the
rules which that refer to Link "Link Layer multicasts multicasts" apply only
to Link Layer protocols which that allow multicasts to be
distinguished.
A router MUST NOT forward any packet which that the router
received as a Link Layer broadcast, unless it is |
directed to an IP Multicast address. In this latter |
case, one would presume that link layer broadcast was |
used due to the lack of an effective multicast service. |
A router MUST NOT forward any packet which the router
received as a Link Layer multicast unless the packet's
destination address is an IP multicast address.
A router SHOULD silently discard a packet that is
received via a Link Layer broadcast but does not specify
an IP multicast or IP broadcast destination address.
When a router sends a packet as a Link Layer broadcast,
the IP destination address MUST be a legal IP broadcast
or IP multicast address.
5.3.5 Forwarding of Internet Layer Broadcasts
There are two major types of IP broadcast addresses;
limited broadcast and directed broadcast. In addition,
there are three subtypes of directed broadcast; broadcast: a |
broadcast directed to a specified network prefix, a
broadcast directed to a specified subnetwork, and a
broadcast directed to all subnets of a specified
network. Classification by a router of a broadcast into
one of these categories depends on the broadcast address
and on the router's understanding (if any) of the subnet
IETF Exp. 11 Sep. 1995 [Page 116]
Draft Requirements for IP Version 4 Routers March 1995
structure of the destination network. The same
broadcast will be classified differently by different
routers.
A limited IP broadcast address is defined to be all-
ones: { -1, -1 } or 255.255.255.255.
A net-directed or subnet-directed network-prefix-directed broadcast is composed |
November 28, 1994
- 106 - of the |
network prefix of the IP address with a local | part of
all-ones or { <Network-prefix>, -1 }. For example, a
Class A net broadcast address is | net.255.255.255, a
Class B net broadcast address is net.net.255.255 and a
Class C net broadcast address is net.net.net.255 where net
"net" is a byte of the network address.
The all-subnets-directed-broadcast is not well defined |
in a CIDR environment, and was deprecated in version 1 |
of this memo.
As was described in Section [4.2.3.1], a router may *
encounter certain non-standard IP broadcast addresses:
+ 0.0.0.0 is an obsolete form of the limited broadcast
address
+ { <Network-prefix>, 0 } is an obsolete form of a |
net-directed
network-prefix-directed broadcast address.
As was described in that section, packets addressed to
any of these addresses SHOULD be silently discarded, but
if they are not, they MUST be treated in accordance with according to the
same rules that apply to packets addressed to the
non-obsolete non-
obsolete forms of the broadcast addresses described
above. These rules are described in the next few
sections.
5.3.5.1 Limited Broadcasts
Limited broadcasts MUST NOT be forwarded. Limited
broadcasts MUST NOT be discarded. Limited broadcasts
MAY be sent and SHOULD be sent instead of directed
broadcasts where limited broadcasts will suffice.
IETF Exp. 11 Sep. 1995 [Page 117]
Draft Requirements for IP Version 4 Routers March 1995
DISCUSSION:
Some routers contain UDP servers which function by
resending the requests (as unicasts or directed
broadcasts) to other servers. This requirement
should not be interpreted as prohibiting such
servers. Note, however, that such servers can
easily cause packet looping if misconfigured.
Thus, providers of such servers would probably be
well-advised
well advised to document their setup carefully and
to consider carefully the TTL on packets which that are
November 28, 1994
- 107 -
sent.
5.3.5.2 Directed Broadcasts
A router MUST classify as net-directed network-prefix-directed |
broadcasts all |
valid, valid directed broadcasts destined for
a remote network or an attached nonsubnetted network. A |
Note that in view of CIDR, such appear to be host |
addresses within the network prefix; we preclude |
inspection of the host part of such network prefixes. |
Given a route and no overriding policy, then, a |
router MUST forward net-directed network-prefix-directed |
broadcasts. Net-
directed Network-Prefix-Directed broadcasts MAY |
be sent.
A router MAY have an option to disable receiving
net-directed |
network-prefix-directed broadcasts on an interface |
and MUST have an option to disable forwarding net-directed |
network-prefix-directed broadcasts. These options |
MUST default to permit receiving and forwarding net-directed |
network-prefix-directed broadcasts.
DISCUSSION:
There has been some debate about forwarding or not
forwarding directed broadcasts. In this memo we
have made the forwarding decision depend on the
router's knowledge of the destination network |
prefix. In general, routers Routers cannot determine that | a message
is unicast or directed broadcast apart | from this
knowledge. The decision to forward or | not forward
the message is by definition only | possible in the
last hop router.
IETF Exp. 11 Sep. 1995 [Page 118]
Draft Requirements for IP Version 4 Routers March 1995
5.3.5.3 All-subnets-directed Broadcasts
The first version of this memo described an algorithm |
for distributing a directed broadcast to all of the |
subnets of a classical network number. This |
algorithm was stated to be "broken," and certain |
failure cases were specified.
In a CIDR routing domain, wherein classical IP |
network numbers are meaningless, the concept of an |
all-subnets-directed-broadcast is also meaningless. |
To the knowledge of the working group, the facility |
was never implemented or deployed, and is now |
relegated to the dustbin of history. * |
5.3.5.4 Network-Prefix-Directed Broadcasts |
The first version of this memo spelled out procedures |
for dealing with subnet-directed-broadcasts. network-prefix-directed-broadcasts. |
In a |
November 28, 1994
- 108 - CIDR routing domain, these are indistinguishable from |
net-drected-broadcasts.
from network-prefix-directed-broadcasts. The two are
therefore | treated togeth together in section [5.3.5.2
Directed | Broadcasts].
5.3.6 Congestion Control
Congestion in a network is loosely defined as a
condition where demand for resources (usually bandwidth
or CPU time) exceeds capacity. Congestion avoidance
tries to prevent demand from exceeding capacity, while
congestion recovery tries to restore an operative state.
It is possible for a router to contribute to both of
these mechanisms. A great deal of effort has been spent
studying the problem. The reader is encouraged to read |
[FORWARD:2] for a survey of the work. Important papers |
on the subject include [FORWARD:3], [FORWARD:4],
[FORWARD:5], [FORWARD:10], [FORWARD:11], [FORWARD:12], |
[FORWARD:13], [FORWARD:14], and [INTERNET:10], among
others.
The amount of storage that router should have available
to handle peak instantaneous demand when hosts use
IETF Exp. 11 Sep. 1995 [Page 119]
Draft Requirements for IP Version 4 Routers March 1995
reasonable congestion policies, such as described in
[FORWARD:5], is a function of the product of the
bandwidth of the link times the path delay of the flows
using the link, and therefore storage should increase as
this Bandwidth*Delay product increases. The exact
function relating storage capacity to probability of
discard is not known.
When a router receives a packet beyond its storage
capacity it must (by definition, not by decree) discard
it or some other packet or packets. Which packet to
discard is the subject of much study but, unfortunately,
little agreement so far. The best wisdom to date
suggests discarding a packet from the data stream most
heavily using the link. However, a number of additional
factors may be relevant, including the precedence of the
traffic, active bandwidth reservation, and the
complexity associated with selecting that packet.
A router MAY discard the packet it has just received;
this is the simplest but not the best policy. Ideally, |
the router should select a packet from one of the |
sessions most heavily abusing the link, given that the |
applicable Quality of Service policy permits this. A |
recommended policy in datagram environments using FIFO
queues is to | discard a packet randomly selected from the
queue (see [FORWARD:5]). An equivalent algorithm in
routers using fair queues is to discard from the longest |
queue, that using the greatest virtual time (see |
[FORWARD:2]).
[FORWARD:13]), or. A router MAY use this Random Drop
algorithm these algorithms to
determine which packet to discard.
November 28, 1994
- 109 -
If a router implements a discard policy (such as Random
Drop) under which it chooses a packet to discard from
among a
pool of eligible packets:
+ If precedence-ordered queue service (described in |
Section [5.3.3.1]) is implemented and enabled, the |
router MUST NOT discard a packet whose IP precedence |
is higher than that of a packet which that is not |
discarded.
+ A router MAY protect packets whose IP headers request |
the maximize reliability "maximize reliability" TOS, except where doing so |
IETF Exp. 11 Sep. 1995 [Page 120]
Draft Requirements for IP Version 4 Routers March 1995
would be in violation of the previous rule.
+ A router MAY protect fragmented IP packets, on the |
theory that dropping a fragment of a datagram may |
increase congestion by causing all fragments of the |
datagram to be retransmitted by the source.
+ To help prevent routing perturbations or disruption | of
management functions, the router MAY protect packets
used for routing control, link control, or network
management from being discarded. Dedicated routers (i.e..
(i.e., routers which that are not also general purpose
hosts, terminal servers, etc.) can achieve an
approximation of this rule by protecting packets
whose source or destination is the router itself.
Advanced methods of congestion control include a notion
of fairness, so that the 'user' that is penalized by
losing a packet is the one that contributed the most to
the congestion. No matter what mechanism is implemented
to deal with bandwidth congestion control, it is
important that the CPU effort expended be sufficiently
small that the router is not driven into CPU congestion
also.
As described in Section [4.3.3.3], this document |
recommends that a router SHOULD NOT send a Source Quench
to the sender of the packet that it is discarding. ICMP
Source Quench is a very weak mechanism, so it is not
necessary for a router to send it, and host software
should not use it exclusively as an indicator of
congestion.
November 28, 1994
- 110 -
5.3.7 Martian Address Filtering
An IP source address is invalid if it is an a special IP broadcast
address
address, as defined in 4.2.2.11 or 5.3.7, or is not a class A, B, or C
unicast address.
An IP destination address is invalid if it is not a
class A, B, C, among
those defined as illegal destinations in 4.2.3.1, or D address. is
a Class E address (except 255.255.255.255).
IETF Exp. 11 Sep. 1995 [Page 121]
Draft Requirements for IP Version 4 Routers March 1995
A router SHOULD NOT forward any packet which that has an
invalid IP source address or a source address on network
0. A router SHOULD NOT forward, except over a loopback
interface, any packet which that has a source address on
network 127. A router MAY have a switch which that allows the
network manager to disable these checks. If such a
switch is provided, it MUST default to performing the
checks.
A router SHOULD NOT forward any packet which that has an
invalid IP destination address or a destination address
on network 0. A router SHOULD NOT forward, except over
a loopback interface, any packet which that has a destination
address on network 127. A router MAY have a switch
which that
allows the network manager to disable these checks. If
such a switch is provided, it MUST default to performing
the checks.
If a router discards a packet because of these rules, it
SHOULD log at least the IP source address, the IP
destination address, and, if the problem was with the
source address, the physical interface on which the
packet was received and the Link Layer address of the
host or router from which the packet was received.
5.3.8 Source Address Validation
A router SHOULD IMPLEMENT the ability to filter traffic
based on a comparison of the source address of a packet
and the forwarding table for a logical interface on
which the packet was received. If this filtering is
enabled, the router MUST silently discard a packet if
the interface on which the packet was received is not
the interface on which a packet would be forwarded to
reach the address contained in the source address. In
simpler terms, if a router wouldn't route a packet
containing this address through a particular interface,
it shouldn't believe the address if it appears as a
source address in a packet read from this interface.
November 28, 1994
- 111 -
If this feature is implemented, it MUST be disabled by
default.
IETF Exp. 11 Sep. 1995 [Page 122]
Draft Requirements for IP Version 4 Routers March 1995
DISCUSSION:
This feature can provide useful security improvements
in some situations, but can erroneously discard valid
packets in situations where paths are asymmetric.
5.3.9 Packet Filtering and Access Lists
As a means of providing security and/or limiting traffic
through portions of a network a router SHOULD provide
the ability to selectively forward (or filter) packets.
If this capability is provided, filtering of packets
MUST |
SHOULD be configurable either to forward all packets or to |
to selectively forward them based upon the source and |
destination prefixes. prefixes, and MAY filter on other message |
attributes. Each source and destination address SHOULD
allow specification of an arbitrary | prefix length.
If supported, a router MUST be configurable to allow one
of an
+ Include list - specification of
DISCUSSION: |
This feature can provide a list measure of network privacy, where |
prefix pairs to be forwarded, or an
+ Exclude list - specification of
systems outside a list of network boundary are not permitted to |
prefix pairs
exchange certain protocols with systems inside the |
boundary, or are limited as to which systems they may |
communicate with. It can also help prevent certain |
classes of security breach, wherein a system outside |
a boundary masquerades as a system inside the |
boundary and mimics a session with it. |
If supported, a router SHOULD be configurable to allow |
one of an
+ Include list - specification of a list of message
definitions to be forwarded, or an
+ Exclude list - specification of a list of message
definitions NOT to be forwarded.
A "message definition", in this context, specifies the
source and destination network prefix, and may include
other identifying information such as IP Protocol Type
or TCP port number.
IETF Exp. 11 Sep. 1995 [Page 123]
Draft Requirements for IP Version 4 Routers March 1995
A router MAY provide a configuration switch which that allows
a choice between specifying an include or an exclude |
list, or other equivalent controls.
A value matching any address (e.g. (e.g., a keyword any, "any", an |
address with a mask of all 0's, or a network prefix |
whose length is zero) MUST be allowed as a source and/or
destination address.
In addition to address pairs, the router MAY allow any
combination of transport and/or application protocol and
source and destination ports to be specified.
The router MUST allow packets to be silently discarded
(i.e..
(i.e., discarded without an ICMP error message being
November 28, 1994
- 112 -
sent).
The router SHOULD allow an appropriate ICMP unreachable
message to be sent when a packet is discarded. The ICMP
message SHOULD specify Communication Administratively
Prohibited (code 13) as the reason for the destination
being unreachable.
The router SHOULD allow the sending of ICMP destination
unreachable messages (code 13) to be configured for each
combination of address pairs, protocol types, and ports
it allows to be specified.
The router SHOULD count and SHOULD allow selective
logging of packets not forwarded.
5.3.10 Multicast Routing
An IP router SHOULD support forwarding of IP multicast
packets, based either on static multicast routes or on
routes dynamically determined by a multicast routing
protocol (e.g., DVMRP [ROUTE:9]). A router that
forwards IP multicast packets is called a multicast
router.
IETF Exp. 11 Sep. 1995 [Page 124]
Draft Requirements for IP Version 4 Routers March 1995
5.3.11 Controls on Forwarding
For each physical interface, a router SHOULD have a
configuration option which that specifies whether forwarding
is enabled on that interface. When forwarding on an
interface is disabled, the router:
+ MUST silently discard any packets which are received
on that interface but are not addressed to the router
+ MUST NOT send packets out that interface, except for
datagrams originated by the router
+ MUST NOT announce via any routing protocols the
availability of paths through the interface
DISCUSSION:
This feature allows the network manager to
essentially turn off an interface but leaves it
accessible for network management.
Ideally, this control would apply to logical rather
November 28, 1994
- 113 -
than physical interfaces, but cannot interfaces. It cannot, because there
is no known way for a router to determine which
logical interface a packet arrived on when there is not absent a
one-to-one one-to-
one correspondence between logical and physical
interfaces.
5.3.12 State Changes
During the course of router operation, interfaces may fail or be
manually disabled, or may become available for use by
the router. Similarly, forwarding may be disabled for a
particular interface or for the entire router or may be
(re)enabled. While such transitions are (usually)
uncommon, it is important that routers handle them
correctly.
IETF Exp. 11 Sep. 1995 [Page 125]
Draft Requirements for IP Version 4 Routers March 1995
5.3.12.1 When a Router Ceases Forwarding
When a router ceases forwarding it MUST stop
advertising all routes, except for third party
routes. It MAY continue to receive and use routes
from other routers in its routing domains. If the
forwarding database is retained, the router MUST NOT
cease timing the routes in the forwarding database.
If routes that have been received from other routers
are remembered, the router MUST NOT cease timing the
routes which that it has remembered. It MUST discard any
routes whose timers expire while forwarding is
disabled, just as it would do if forwarding were
enabled.
DISCUSSION:
When a router ceases forwarding, it essentially
ceases being a router. It is still a host, and
must follow all of the requirements of Host
Requirements [INTRO: 2]. [INTRO:2]. The router may still be a
passive member of one or more routing domains,
however. As such, it is allowed to maintain its
forwarding database by listening to other routers
in its routing domain. It may not, however,
advertise any of the routes in its forwarding
database, since it itself is doing no forwarding.
The only exception to this rule is when the router
is advertising a route which that uses only some other
router, but which this router has been asked to
advertise.
November 28, 1994
- 114 -
A router MAY send ICMP destination unreachable (host
unreachable) messages to the senders of packets that
it is unable to forward. It SHOULD NOT send ICMP
redirect messages.
DISCUSSION:
Note that sending an ICMP destination unreachable
(host unreachable) is a router action. This
message should not be sent by hosts. This
exception to the rules for hosts is allowed so
that packets may be rerouted in the shortest
possible time, and so that black holes "black holes" are
avoided.
IETF Exp. 11 Sep. 1995 [Page 126]
Draft Requirements for IP Version 4 Routers March 1995
5.3.12.2 When a Router Starts Forwarding
When a router begins forwarding, it SHOULD expedite
the sending of new routing information to all routers
with which it normally exchanges routing information.
5.3.12.3 When an Interface Fails or is Disabled
If an interface fails or is disabled a router MUST
remove and stop advertising all routes in its
forwarding database which that make use of that interface.
It MUST disable all static routes which that make use of
that interface. If other routes to the same
destination and TOS are learned or remembered by the
router, the router MUST choose the best alternate,
and add it to its forwarding database. The router
SHOULD send ICMP destination unreachable or ICMP
redirect messages, as appropriate, in reply to all
packets which that it is unable to forward due to the
interface being unavailable.
5.3.12.4 When an Interface is Enabled
If an interface which that had not been available becomes
available, a router MUST reenable any static routes
which
that use that interface. If routes which that would use
that interface are learned by the router, then these
routes MUST be evaluated along with all of the other
learned routes, and the router MUST make a decision
as to which routes should be placed in the forwarding
database. The implementor is referred to Chapter
[7], Application "Application Layer - Routing Protocols Protocols" for
further information on how this decision is made.
November 28, 1994
- 115 -
A router SHOULD expedite the sending of new routing
information to all routers with which it normally
exchanges routing information.
IETF Exp. 11 Sep. 1995 [Page 127]
Draft Requirements for IP Version 4 Routers March 1995
5.3.13 IP Options
Several options, such as Record Route and Timestamp,
contain slots "slots" into which a router inserts its address
when forwarding the packet. However, each such option
has a finite number of slots, and therefore a router may
find that there is not free slot into which it can
insert its address. No requirement listed below should
be construed as requiring a router to insert its address
into an option that has no remaining slot to insert it
into. Section [5.2.5] discusses how a router must
choose which of its addresses to insert into an option.
5.3.13.1 Unrecognized Options
Unrecognized IP options in forwarded packets MUST be
passed through unchanged.
5.3.13.2 Security Option
Some environments require the Security option in
every packet; such a requirement is outside the scope
of this document and the IP standard specification.
Note, however, that the security options described in
[INTERNET:1] and [INTERNET:16] are obsolete. Routers
SHOULD IMPLEMENT the revised security option
described in [INTERNET:5]. |
DISCUSSION: |
Routers intended for use in networks with multiple |
security levels should support packet filtering |
based on IPSO (RFC-1108) labels. To implement |
this support, the router would need to permit the |
router administrator to configure both a lower |
sensitivity limit (e.g. Unclassified) and an upper |
sensitivity limit (e.g. Secret) on each interface. |
It is commonly but not always the case that the |
two limits are the same (e.g. a single-level |
interface). Packets caught by an IPSO filter as |
being out of range should be silently dropped and |
a counter should note the number of packets |
IETF Exp. 11 Sep. 1995 [Page 128]
Draft Requirements for IP Version 4 Routers March 1995
dropped because of out of range IPSO labels. |
5.3.13.3 Stream Identifier Option
This option is obsolete. If the Stream Identifier
option is present in a packet forwarded by the
router, the option MUST be ignored and passed through
unchanged.
5.3.13.4 Source Route Options
A router MUST implement support for source route
options in forwarded packets. A router MAY implement
a configuration option which, that, when enabled, causes all
source-routed packets to be discarded. However, such
an option MUST NOT be enabled by default.
DISCUSSION:
The ability to source route datagrams through the
Internet is important to various network
November 28, 1994
- 116 -
diagnostic tools. However, in a few rare cases, source routing may be
used to bypass administrative and security
controls within a network. Specifically, those
cases where manipulation of routing tables is used
to provide administrative separation in lieu of
other methods such as packet filtering may be
vulnerable through source routed packets.
EDITOR'S COMMENTS:
Packet filtering can be defeated by source
routing as well, if it is applied in any router
except one on the final leg of the source
routed path. Neither route nor packet filters
constitute a complete solution for security.
5.3.13.5 Record Route Option
Routers MUST support the Record Route option in
forwarded packets.
IETF Exp. 11 Sep. 1995 [Page 129]
Draft Requirements for IP Version 4 Routers March 1995
A router MAY provide a configuration option which, that, if
enabled, will cause the router to ignore (i.e. (i.e., pass
through unchanged) Record Route options in forwarded
packets. If provided, such an option MUST default to
enabling the record-route. This option does should not |
affect the processing of Record Route options in |
datagrams received by the router itself (in |
particular, Record Route options in ICMP echo |
requests will still be processed in accordance with according to Section |
[4.3.3.6]).
DISCUSSION:
There are some people who believe that Record
Route is a security problem because it discloses
information about the topology of the network.
Thus, this document allows it to be disabled.
5.3.13.6 Timestamp Option
Routers MUST support the timestamp option in
forwarded packets. A timestamp value MUST follow the |
rules given [INTRO:2].
If the flags field = 3 (timestamp and prespecified
address), the router MUST add its timestamp if the
next prespecified address matches any of the router's
IP addresses. It is not necessary that the
prespecified address be either the address of the
interface on which the packet arrived or the address
of the interface over which it will be sent.
November 28, 1994
- 117 -
IMPLEMENTATION:
To maximize the utility of the timestamps
contained in the timestamp option, it is suggested
that the timestamp inserted be, as nearly as
practical, the time at which the packet arrived at
the router. For datagrams originated by the
router, the timestamp inserted should be, as
nearly as practical, the time at which the
datagram was passed to the network layer for
transmission.
IETF Exp. 11 Sep. 1995 [Page 130]
Draft Requirements for IP Version 4 Routers March 1995
A router MAY provide a configuration option which, if
enabled, will cause the router to ignore (i.e. (i.e., pass
through unchanged) Timestamp options in forwarded
datagrams when the flag word is set to zero
(timestamps only) or one (timestamp and registering
IP address). If provided, such an option MUST
default to off (that is, the router does not ignore
the timestamp). This option does should not affect the |
processing of Timestamp options in datagrams received
by the router itself (in particular, a router will
insert timestamps into Timestamp options in datagrams
received by the router, and Timestamp options in ICMP
echo requests will still be processed in accordance
with according to
Section [4.3.3.6]).
DISCUSSION:
Like the Record Route option, the Timestamp option
can reveal information about a network's topology.
Some people consider this to be a security
concern.
November 28, 1994
- 118 -
IETF Exp. 11 Sep. 1995 [Page 131]
Draft Requirements for IP Version 4 Routers March 1995
6. TRANSPORT LAYER
A router is not required to implement any Transport Layer
protocols except those required to support Application Layer
protocols supported by the router. In practice, this means
that most routers implement both the Transmission Control
Protocol (TCP) and the User Datagram Protocol (UDP).
6.1 USER DATAGRAM PROTOCOL - UDP
The User Datagram Protocol (UDP) is specified in [TRANS:1].
A router which that implements UDP MUST be compliant, and SHOULD
be unconditionally compliant, with the requirements of |
[INTRO:2], except that:
+ This specification does not specify the interfaces |
between the various protocol layers. Thus, a router's |
interfaces need not comply with [INTRO:2], except where |
compliance is required for proper functioning of |
Application Layer protocols supported by the router.
+ Contrary to [INTRO:2], an application SHOULD NOT disable |
generation of UDP checksums. |
DISCUSSION:
Although a particular application protocol may require
that UDP datagrams it receives must contain a UDP
checksum, there is no general requirement that received
UDP datagrams contain UDP checksums. Of course, if a
UDP checksum is present in a received datagram, the
checksum must be verified and the datagram discarded if
the checksum is incorrect.
The Transmission Control
6.2 TRANSMISSION CONTROL PROTOCOL - TCP
The Transmission Control Protocol (TCP) is specified in
[TRANS:2].
A router which that implements TCP MUST be compliant, and SHOULD
IETF Exp. 11 Sep. 1995 [Page 132]
Draft Requirements for IP Version 4 Routers March 1995
be unconditionally compliant, with the requirements of |
[INTRO:2], except that:
+ This specification does not specify the interfaces
between the various protocol layers. Thus, a router
need not comply with the following requirements of
November 28, 1994
- 119 -
[INTRO:2] (except of course where compliance is required
for proper functioning of Application Layer protocols
supported by the router):
Use of Push: RFC-793 Section 4.2.2.2:
Passing 2.8:
"Passing a received PSH flag to the application
layer is now OPTIONAL. OPTIONAL."
Urgent Pointer: RFC-793 Section 4.2.2.4:
A 3.1:
"A TCP MUST inform the application layer
asynchronously whenever it receives an Urgent
pointer and there was previously no pending urgent
data, or whenever the Urgent pointer advances in
the data stream. There MUST be a way for the
application to learn how much urgent data remains
to be read from the connection, or at least to
determine whether or not more urgent data remains
to be read.
Section 4.2.3.5:
An read."
TCP Connection Failures:
"An application MUST be able to set the value for
R2 for a particular connection. For example, an
interactive application might set R2 to
``infinity,'' giving the user control over when to
disconnect.
Section 4.2.3.7:
If
disconnect."
TCP Multihoming:
"If an application on a multihomed host does not
specify the local IP address when actively opening
a TCP connection, then the TCP MUST ask the IP
layer to select a local IP address before sending
the (first) SYN. See the function GET_SRCADDR() in
Section 3.4.
Section 4.2.3.8:
An 3.4."
IP Options:
"An application MUST be able to specify a source
route when it actively opens a TCP connection, and
this MUST take precedence over a source route
IETF Exp. 11 Sep. 1995 [Page 133]
Draft Requirements for IP Version 4 Routers March 1995
received in a datagram. datagram."
+ For similar reasons, a router need not comply with any of
the requirements of [INTRO:2]. |
+ The requirements of section 4.2.2.6 of concerning the Maximum Segment Size
Option in [INTRO:2] are amended as follows: a router which
that implements the host
November 28, 1994
- 120 - portion of MTU discovery
(discussed in Section [4.2.3.3] of this memo) uses 536
as the default value of SendMSS only if the path MTU is
unknown; if the path MTU is known, the default value for
SendMSS is the path MTU - 40.
+ The requirements of section 4.2.2.6 of concerning the Maximum Segment Size
Option in [INTRO:2] are amended as follows: ICMP
Destination Unreachable codes 11 and 12 are additional
soft error conditions. Therefore, these message MUST
NOT cause TCP to abort a connection.
DISCUSSION:
It should particularly be noted that a TCP
implementation in a router must conform to the following
requirements of [INTRO:2]:
+ Providing a configurable TTL. [4.2.2.1] [Time to Live: RFC-793
Section 3.9]
+ Providing an interface to configure keep-alive
behavior, if keep-alives are used at all. [4.2.3.6] [TCP
Keep-Alives]
+ Providing an error reporting mechanism, and the
ability to manage it. [4.2.4.1] [Asynchronous Reports]
+ Specifying type of service. [4.2.4.2] [Type-of-Service]
The general paradigm applied is that if a particular
interface is visible outside the router, then all
requirements for the interface must be followed. For
example, if a router provides a telnet function, then it
will be generating traffic, likely to be routed in the
external networks. Therefore, it must be able to set
the type of service correctly or else the telnet traffic
may not get through.
November 28, 1994
- 121
IETF Exp. 11 Sep. 1995 [Page 134]
Draft Requirements for IP Version 4 Routers March 1995
7. APPLICATION LAYER - ROUTING PROTOCOLS
7.1 INTRODUCTION
An Autonomous System (AS) is defined as a set of routers
all belonging under the same authority and all subject to a
consistent set of routing policies. Interior gateway
protocols (IGPs) are used to distribute routing information
inside of an AS (i.e. (i.e., intra-AS routing). Exterior gateway
protocols are used to exchange routing information between
ASs (i.e. (i.e., inter-AS routing).
7.1.1 Routing Security Considerations
Routing is one of the few places where the Robustness
Principle (be ("be liberal in what you accept) accept") does not
apply. Routers should be relatively suspicious in
accepting routing data from other routing systems.
A router SHOULD provide the ability to rank routing
information sources from most trustworthy "most trustworthy" to least
trustworthy "least
trustworthy" and to accept routing information about any
particular destination from the most trustworthy sources
first. This was implicit in the original core/stub
autonomous system routing model using EGP and various
interior routing protocols. It is even more important
with the demise of a central, trusted "trusted" core.
A router SHOULD provide a mechanism to filter out
obviously invalid
"obviously invalid" routes (such as those for net 127).
Routers MUST NOT by default redistribute routing data
they do not themselves use, trust or otherwise consider
invalid.
valid. In rare cases, it may be necessary to
redistribute suspicious information, but this should
only happen under direct intercession by some human
agency.
In general, routers
Routers must be at least a little paranoid about
accepting routing data from anyone, and must be
especially careful when they distribute routing
IETF Exp. 11 Sep. 1995 [Page 135]
Draft Requirements for IP Version 4 Routers March 1995
information provided to them by another party. See
below for specific guidelines.
Routers SHOULD IMPLEMENT peer-to-peer authentication for
those routing protocols that support them. *
7.1.2 Precedence
Except where the specification for a particular routing
protocol specifies otherwise, a router SHOULD set the IP
November 28, 1994
- 122 -
Precedence value for IP datagrams carrying routing
traffic it originates to 6 (INTERNETWORK CONTROL).
DISCUSSION:
Routing traffic with VERY FEW exceptions should be
the highest precedence traffic on any network. If a
system's routing traffic can't get through, chances
are nothing else will.
7.1.3 Message Validation |
Peer-to-peer authentication involves several tests. The |
application of message passwords and explicit acceptable |
neighbor lists has in the past improved the robustness |
of the route database. Routers SHOULD IMPLEMENT |
management controls that enable explicit listing of |
valid routing neighbors. Routers SHOULD IMPLEMENT |
peer-to-peer authentication for those routing protocols |
that support them. |
Routers SHOULD validate routing neighbors based on their |
source address and the interface a message is received |
on; neighbors in a directly attached subnet SHOULD be |
restricted to communicate with the router via the |
interface that subnet is posited on or via unnumbered |
interfaces. Messages received on other interfaces |
SHOULD be silently discarded. |
DISCUSSION: |
Security breaches and numerous routing problems are |
avoided by this basic testing. |
IETF Exp. 11 Sep. 1995 [Page 136]
Draft Requirements for IP Version 4 Routers March 1995
7.2 INTERIOR GATEWAY PROTOCOLS
7.2.1 INTRODUCTION
An Interior Gateway Protocol (IGP) is used to distribute
routing information between the various routers in a
particular AS. Independent of the algorithm used to
implement a particular IGP, it should perform the
following functions:
(1) Respond quickly to changes in the internal topology
of an AS
(2) Provide a mechanism such that circuit flapping does
not cause continuous routing updates
(3) Provide quick convergence to loop-free routing
(4) Utilize minimal bandwidth
(5) Provide equal cost "equal cost" routes to enable load-splitting "load-
splitting"
(6) Provide a means for authentication of routing
updates
Current IGPs used in the internet today are
characterized as either being being based on a distance-vector
or a link-state algorithm.
Several IGPs are detailed in this section, including
those most commonly used and some recently developed
protocols which that may be widely used in the future.
Numerous other protocols intended for use in intra-AS
routing exist in the Internet community.
A router which that implements any routing protocol (other
November 28, 1994
- 123 -
than static routes) MUST IMPLEMENT OSPF (see Section
[7.2.2]) and MUST IMPLEMENT RIP (see Section [7.2.4]).
[7.2.2]). A router MAY implement additional IGPs.
IETF Exp. 11 Sep. 1995 [Page 137]
Draft Requirements for IP Version 4 Routers March 1995
7.2.2 OPEN SHORTEST PATH FIRST - OSPF
Shortest Path First (SPF) based routing protocols are a *
class of link-state algorithms which that are based on the
shortest-path algorithm of Dijkstra. Although SPF based
algorithms have been around since the inception of the
ARPANet,
ARPANET, it is only recently that they have achieved
popularity both inside both the IP and the OSI
communities. In an SPF based system, each router
obtains an exact replica of the entire topology database
via through a process
known as flooding. Flooding insures a reliable transfer
of the information. Each individual router then runs the SPF
algorithm on its database to build the IP routing table.
The OSPF routing protocol is an implementation of an SPF
algorithm. The current version, OSPF version 2, is
specified in [ROUTE:1]. Note that RFC-1131, which
describes OSPF version 1, is obsolete.
Note that to comply with Section [8.3] of this memo, a |
router which that implements OSPF is forced to MUST implement the | OSPF MIB
[MGT:14]. *
7.2.3 INTERMEDIATE SYSTEM TO INTERMEDIATE SYSTEM - DUAL IS-
IS
The American National Standards Institute (ANSI) X3S3.3
committee has defined an intra-domain routing protocol.
This protocol is titled Intermediate "Intermediate System to
Intermediate System Routeing Exchange Protocol. Protocol".
Its application to an IP network has been defined in
[ROUTE:2], and is referred to as Dual IS-IS (or
sometimes as Integrated IS-IS). IS-IS is based on a
link-state (SPF) routing algorithm and shares all the
advantages for this class of protocols.
RIP |
7.3 EXTERIOR GATEWAY PROTOCOLS |
IETF Exp. 11 Sep. 1995 [Page 138]
Draft Requirements for IP Version 4 Routers March 1995
7.3.1 INTRODUCTION |
Exterior Gateway Protocols are utilized for inter- |
Autonomous System routing to exchange reachability |
information for a set of networks internal to a |
particular autonomous system to a neighboring autonomous |
system. |
The area of inter-AS routing is specified a current topic of |
research inside the Internet Engineering Task Force. |
The Exterior Gateway Protocol (EGP) described in [ROUTE:3]. Although RIP Section |
[Appendix F.1] has traditionally been the inter-AS |
protocol of choice, but is still
quite important in now historical. The Border |
Gateway Protocol (BGP) eliminates many of the Internet, it |
restrictions and limitations of EGP, and is being replaced therefore |
growing rapidly in sophisticated applications by more modern IGPs
such as the ones described above.
November 28, 1994
- 124 -
Another common use for RIP popularity. A router is as not required |
to implement any inter-AS routing protocol. However, if |
a router discovery
protocol. Section [4.3.3.10] briefly touches upon
this subject.
Dealing with changes in topology: [ROUTE:3], pp. 11
An implementation of RIP does implement EGP it also MUST provide a means IMPLEMENT BGP. |
Although it was not designed as an exterior gateway |
protocol, RIP (described in Section [7.2.4]) is |
sometimes used for inter-AS routing.
7.3.2 BORDER GATEWAY PROTOCOL - BGP
7.3.2.1 Introduction
The Border Gateway Protocol (BGP-4) is an inter-AS
routing protocol that exchanges network reachability
information with other BGP speakers. The information
for timing out routes. Since messages are
occasionally lost, implementations MUST NOT
invalidate a route based on a single missed
update.
Implementations MUST by default wait six times network includes the update interval before invalidating a route.
A router MAY have configuration options complete list of ASs that
traffic must transit to alter
this value.
DISCUSSION:
It reach that network. This
information can then be used to insure loop-free
paths. This information is important sufficient to construct a
graph of AS connectivity from which routing stability that all
routers loops may
be pruned and some policy decisions at the AS level
may be enforced.
BGP is defined by [ROUTE:4]. [ROUTE:5] specifies the
proper usage of BGP in a RIP autonomous system use
similar timeout value the Internet, and provides
some useful implementation hints and guidelines.
IETF Exp. 11 Sep. 1995 [Page 139]
Draft Requirements for invalidating
routes, IP Version 4 Routers March 1995
[ROUTE:12] and therefore it [ROUTE:13] provide additional useful
information.
To comply with Section [8.3] of this memo, a router
that implements BGP is important required to implement the BGP
MIB [MGT:15].
To characterize the set of policy decisions that can
be enforced using BGP, one must focus on the rule
that an
implementation default AS advertises to its neighbor ASs only those
routes that it itself uses. This rule reflects the timeout value
specified in
"hop-by-hop" routing paradigm generally used
throughout the RIP specification. However, current Internet. Note that timeout value is overly conservative in
environments where packet loss is reasonably
rare. In some
policies cannot be supported by the "hop-by-hop"
routing paradigm and thus require techniques such an environment, a network
manager may wish as
source routing to be able enforce. For example, BGP does not
enable one AS to decrease the
timeout period in order send traffic to promote faster
recovery from failures.
IMPLEMENTATION:
There is a very simple mechanism which neighbor AS
intending that traffic take a
router may use to meet different route from
that taken by traffic originating in the requirement to
invalidate routes promptly after they time
out. Whenever neighbor AS.
On the router scans other hand, BGP can support any policy
conforming to the "hop-by-hop" routing
table paradigm.
Implementors of BGP are strongly encouraged to follow
the recommendations outlined in Section 6 of
[ROUTE:5].
7.3.2.2 Protocol Walk-through
While BGP provides support for quite complex routing
policies (as an example see if any routes have timed out, Section 4.2 in
[ROUTE:5]), it
also notes the age is not required for all BGP
implementors to support such policies. At a minimum,
however, a BGP implementation:
(1) SHOULD allow an AS to control announcements of
the BGP learned routes to adjacent AS's.
Implementations SHOULD support such control with
at least recently
updated route which has not yet timed out.
Subtracting this age from the timeout period
gives granularity of a single network.
Implementations SHOULD also support such control
with the amount granularity of time until an autonomous system,
where the router
again needs to scan autonomous system may be either the table for timed out
November 28, 1994
- 125 -
routes.
Split Horizon: [ROUTE:3], pp. 14-15
An implementation of RIP MUST implement split
horizon, a scheme used
autonomous system that originated the route, or
the autonomous system that advertised the route
IETF Exp. 11 Sep. 1995 [Page 140]
Draft Requirements for avoiding problems
caused by including routes in updates sent IP Version 4 Routers March 1995
to the router from which they were learned.
An implementation of RIP local system (adjacent autonomous
system).
(2) SHOULD implement Split
horizon with poisoned reverse, a variant of
split horizon which includes routes learned from
a router sent allow an AS to that router, but sets their
metric prefer a particular path to infinity. Because of the routing
overhead which may
a destination (when more than one path is
available). Such function SHOULD be incurred implemented
by implementing
split horizon with poisoned reverse,
implementations MAY include an option allowing system administrator to assign
"weights" to Autonomous Systems, and making
route selection process to select
whether poisoned reverse is in effect. An
implementation SHOULD limit a route with
the period lowest "weight" (where "weight" of time a route
is defined as a sum of "weights" of all AS's in which it sends reverse routes at
the AS_PATH path attribute associated with that
route).
(3) SHOULD allow an infinite
metric.
IMPLEMENTATION:
Each of AS to ignore routes with certain
AS's in the following algorithms AS_PATH path attribute. Such
function can be used
to limit the period of time implemented by using technique
outlined in (2), and by assigning "infinity" as
"weights" for which
poisoned reverse is applied to a route. such AS's. The
first algorithm is more complex but does a
more complete job of limiting poisoned
reverse route selection
process must ignore routes that have "weight"
equal to only those cases where it "infinity".
7.3.3 INTER-AS ROUTING WITHOUT AN EXTERIOR PROTOCOL
It is
necessary. possible to exchange routing information between
two autonomous systems or routing domains without using
a standard exterior routing protocol between two
separate, standard interior routing protocols. The goal most
common way of both algorithms doing this is to ensure that
poison reverse is done for any destination
whose route has changed run both interior
protocols independently in one of the last Route
Lifetime (typically 180 seconds), unless it
can be sure that the previous border routers
with an exchange of route used information between the
same output interface. The Route Lifetime is
used because that is two
processes.
As with the amount exchange of time RIP
will keep around information from an old route before
declaring it stale.
The time intervals (and derived variables)
used in the following algorithms are as
follows:
November 28, 1994
- 126 -
Tu The Update Timer; the number EGP to an
IGP, without appropriate controls these exchanges of seconds
routing information between RIP updates. This typically
defaults to 30 seconds.
Rl The Route Lifetime, two IGPs in seconds. This is
the amount of time that a route is
presumed to be good, without requiring
an update. This typically defaults single router
are subject to
180 seconds.
Ul The Update Loss; the number creation of
consecutive updates that have to be lost
or fail to mention routing loops.
7.4 STATIC ROUTING
Static routing provides a route before RIP
deletes means of explicitly defining the route. Ul is calculated to
be (Rl/Tu)+1. The +1 is to account
next hop from a router for
the fact that the first time the
ifcounter is decremented will be less
than Tu seconds after it is initialized.
Typically, Ul will be 7: (180/30)+1.
In The value to set ifcounter to when a
destination is newly learned. This
value is Ul-4, where the particular destination. A
IETF Exp. 11 Sep. 1995 [Page 141]
Draft Requirements for IP Version 4 is RIP's
garbage collection timer/30
The first algorithm is:
- Associated with each destination is Routers March 1995
router SHOULD provide a
counter, called the ifcounter below.
Poison reverse is done means for any route whose
destination's ifcounter is greater than
zero.
- After a regular (not triggered or in
response to a request) update is sent, all
of the non-zero ifcounters are decremented
by one.
- When defining a static route
to a destination is created,
its ifcounter is set as follows:
- If the new route is superseding a valid
route, and the old route used a
different (logical) output interface,
November 28, 1994
- 127 -
then the ifcounter is set to Ul.
- If destination, where the new route destination is superseding defined by a stale
route, and the old route used
network prefix. The mechanism SHOULD also allow for a
different (logical) output interface,
then the ifcounter is set
metric to MAX(0, Ul
- INT(seconds be specified for each static route.
A router that the route has been
stale/Ut).
- If there was no previous route supports a dynamic routing protocol MUST
allow static routes to be defined with any metric valid for
the
destination, routing protocol used. The router MUST provide the ifcounter is set to
In.
- Otherwise,
ability for the ifcounter is set user to zero
- RIP also maintains specify a timer, called the
resettimer below. Poison reverse is done
on all list of static routes whenever resettimer has
that may or may not
expired (regardless be propagated through the routing
protocol. In addition, a router SHOULD support the
following additional information if it supports a routing
protocol that could make use of the ifcounter
values).
- When RIP is started, restarted, reset, information. They are:
+ TOS,
+ Subnet Mask, or
otherwise has its
+ Prefix Length, or
+ A metric specific to a given routing table cleared,
it sets protocol that can
import the resettimer route.
DISCUSSION:
We intend that one needs to go off in Rl
seconds.
The second algorithm is identical support only the things
useful to the
first except that:
- given routing protocol. The rules which set need for TOS
should not require the ifcounter to non-
zero values are changed to always set it vendor to Rl/Tu, and
- The resettimer is eliminated.
Triggered updates: [ROUTE:3], pp. 15-16; pp. 29
Triggered updates (also called flash updates) implement the other
parts if they are not used.
Whether a mechanism for immediately notifying a
router's neighbors when the router adds or
deletes routes or changes their metrics. A router MUST send prefers a triggered update when
routes are deleted static route over a dynamic
route (or vice versa) or their whether the associated metrics are
increased.
used to choose between conflicting static and dynamic
routes SHOULD be configurable for each static route.
A router MAY send a triggered
update when routes are added or their metrics
November 28, 1994
- 128 -
decreased.
Since triggered updates can cause excessive
routing overhead, implementations MUST use
the following mechanism to limit the
frequency of triggered updates:
(1) When a router sends a triggered update,
it sets allow a timer metric to be assigned to a random time between
one and five seconds in the future. The
router must not generate additional
triggered updates before this timer
expires.
(2) If the router would generate a triggered
update during this interval it sets a
flag indicating that a triggered update
is desired. The router also logs the
desired triggered update.
(3) When the triggered update timer expires,
the router checks the triggered update
flag. If the flag is set then the
router sends a single triggered update
which includes all of the changes static
route for each routing domain that
were logged. The router then clears the
flag and, since a triggered update was
sent, restarts this algorithm.
(4) The flag is also cleared whenever it supports. Each such
metric MUST be explicitly assigned to a
regular update is sent.
Triggered updates SHOULD include all specific routing
domain. For example:
route 36.0.0.0/8 via 192.19.200.3 rip metric 3
route 36.21.0.0/16 via 192.19.200.4 ospf inter-area
metric 27
IETF Exp. 11 Sep. 1995 [Page 142]
Draft Requirements for IP Version 4 Routers March 1995
route 36.22.0.0/16 via 192.19.200.5 egp 123 metric 99 *
DISCUSSION:
It has been suggested that, ideally, static routes
that
should have changed since the most recent
regular (non-triggered) update. Triggered
updates MUST NOT include preference values rather than metrics (since
metrics can only be compared with metrics of other
routes that have not
changed since the most recent regular update.
DISCUSSION:
Sending all routes, whether they have
changed recently or not, is unacceptable in triggered updates because the
tremendous size of many Internet same routing
tables domain, the metric of a
static route could otherwise result in
considerable bandwidth being wasted on
November 28, 1994
- 129 -
triggered updates.
Use only be compared with metrics of UDP: [ROUTE:3], pp. 18-19.
RIP packets sent
other static routes). This is contrary to an IP broadcast address
SHOULD some current
implementations, where static routes really do have their initial TTL set
metrics, and those metrics are used to one.
Note that determine whether
a particular dynamic route overrides the static route to comply with Section [6.1] of
the same destination. Thus, this memo, document uses the term
metric rather than preference.
This technique essentially makes the static route into a router SHOULD use UDP checksums |
in RIP packets which it originates, MUST
discard RIP packets received with invalid UDP
checksums, but MUST NOT discard received RIP |
packets simply because they do not contain
UDP checksums.
Addressing Considerations: [ROUTE:3], pp. 22
A
RIP implementation SHOULD support host
routes. If it does not, it MUST (as
described route, or an OSPF route (or whatever, depending on page 27
the domain of [ROUTE:3]) ignore
host routes in received updates. A router
MAY log ignored hosts routes.
The special address 0.0.0.0 is used to
describe a default route. A default route is
used as the metric). Thus, the route lookup
algorithm of last resort (i.e. when that domain applies. However, this is NOT
route leaking, in that coercing a static route to the specific net into a
dynamic routing domain does not exist in authorize the routing table). The router MUST be able to create a RIP entry for the address
0.0.0.0.
Input Processing - Response: [ROUTE:3], pp. 26
When processing an update,
redistribute the following
validity checks MUST be performed:
+ The response MUST be from UDP port 520.
+ The source address MUST be on a directly |
connected subnet (or on a directly |
connected, non-subnetted network) to be
considered valid.
+ The source address MUST NOT be one of route into the |
router's addresses.
November 28, 1994
- 130 -
DISCUSSION:
Some networks, media, and interfaces
allow a sending node to receive packets
that it broadcasts. A router must not
accept its own packets as valid dynamic routing
updates and process them. The last
requirement prevents domain.
For static routes not put into a router from
accepting its own specific routing updates and
processing them (on the assumption that
they were sent by some other router on
domain, the network).
An implementation MUST NOT replace an
existing route if the lookup algorithm is:
(1) Basic match
(2) Longest match
(3) Weak TOS (if TOS supported)
(4) Best metric received is
equal to the existing (where metric except are implementation-
defined)
The last step may not be necessary, but it's useful in
accordance with
the following heuristic.
An implementation MAY choose to implement the
following heuristic to deal with the above
situation. Normally, it is useless to change
the route case where you want to have a network from primary static route
over one router interface and a secondary static route over an
alternate interface, with failover to
another the alternate path
if both are advertised at the same
metric. However, interface for the primary route being advertised
by one fails.
IETF Exp. 11 Sep. 1995 [Page 143]
Draft Requirements for IP Version 4 Routers March 1995
7.5 FILTERING OF ROUTING INFORMATION
Each router within a network makes forwarding decisions
based upon information contained within its forwarding
database. In a simple network the contents of the routers database
may be in configured statically. As the process
of timing out. Instead of waiting network grows more
complex, the need for dynamic updating of the
route forwarding
database becomes critical to timeout, the new route can be used
after a specified amount efficient operation of time has elapsed. the
network.
If this heuristic the data flow through a network is implemented, it MUST
wait at least halfway to the expiration point
before the new route be as efficient as
possible, it is installed.
RIP Shutdown
An implementation of RIP SHOULD necessary to provide for a
graceful shutdown using mechanism for
controlling the following steps:
(1) Input processing is terminated,
(2) Four updates are generated at random
intervals propagation of between two and four seconds,
These updates contain all routes that were
previously announced, but with some metric
changes. Routes that were being announced
November 28, 1994
- 131 -
at the information a metric of infinity should continue router
uses to
use this metric. Routes that had been
announced with a non-infinite metric build its forwarding database. This control takes
the form of choosing which sources of routing information
should be announced with a metric trusted and selecting which pieces of 15 (infinity
- 1).
DISCUSSION:
The metric used for the above really
ought to be 16 (infinity); setting it
information to
15 believe. The resulting forwarding database
is a kludge to avoid breaking certain
old hosts which wiretap filtered version of the RIP
protocol. Such a host will
(erroneously) abort a TCP connection if
it tries to send a datagram on the
connection while the host has no route
to the destination (even if the period
when the host has no route lasts only a
few seconds while RIP chooses an
alternate path available routing information.
In addition to efficiency, controlling the destination).
RIP Split Horizon and Static Routes
Split horizon SHOULD be applied to static routes propagation of
routing information can reduce instability by default. An implementation SHOULD provide a
way to specify, per static route, preventing
the spread of incorrect or bad routing information.
In some cases local policy may require that split
horizon should complete
routing information not be applied widely propagated.
These filtering requirements apply only to this route.
The Gateway non-SPF-based
protocols (and therefore not at all to Gateway protocol is considered obsolete
and routers which don't
implement any distance vector protocols).
7.5.1 Route Validation
A router SHOULD NOT be implemented.
Exterior Gateway Protocols are utilized for inter-
Autonomous System routing to exchange reachability
information for a set of networks internal to a
particular autonomous system to a neighboring autonomous
system.
The area of inter-AS log as an error any routing is update
advertising a current topic of
research inside route that violates the Internet Engineering Task Force.
The Exterior Gateway Protocol (EGP) described in Section
[7.3.3] has traditionally been specifications of
this memo, unless the inter-AS routing protocol of
choice. The Border Gateway Protocol (BGP-4) eliminates |
November 28, 1994
- 132 -
many of from which the restrictions and limitations of EGP, and is
therefore growing rapidly in popularity. A router is
not required
update was received uses those values to implement any inter-AS encode special
routes (such as default routes).
7.5.2 Basic Route Filtering
Filtering of routing protocol.
However, if information allows control of paths
used by a router does implement any inter-AS |
protocol, it SHOULD implement BGP.
Although to forward packets it was not designed as an exterior gateway
protocol, RIP (described in Section [7.2.4]) is
sometimes used receives. A
IETF Exp. 11 Sep. 1995 [Page 144]
Draft Requirements for inter-AS routing.
The Border Gateway Protocol (BGP-4) is an inter-AS |
routing protocol IP Version 4 Routers March 1995
router should be selective in which exchanges network reachability
information with other BGP speakers. The sources of routing
information
for it listens to and what routes it believes.
Therefore, a network includes router MUST provide the complete list of ASs that
traffic must transit ability to reach that network. This specify:
+ On which logical interfaces routing information can then will
be used to insure loop-free
paths. This information accepted and which routes will be accepted from
each logical interface.
+ Whether all routes or only a default route is sufficient to construct
advertised on a
graph logical interface.
Some routing protocols do not recognize logical
interfaces as a source of AS connectivity routing information. In such
cases the router MUST provide the ability to specify
+ from which other routers routing loops may
be pruned and some policy decisions at the AS level
may information will be enforced.
BGP is defined by [ROUTE:4]. [ROUTE:5] specifies
accepted.
For example, assume a router connecting one or more leaf
networks to the
proper usage main portion or backbone of a larger
network. Since each of BGP in the Internet, and provides
some useful implementation hints and guidelines.
[ROUTE:12] leaf networks has only one
path in and [ROUTE:13] provide additional useful
information.
To comply with Section [8.3] of this memo, a out, the router |
which implements BGP is forced can simply send a default
route to implement them. It advertises the BGP |
MIB [MGT:15].
To characterize leaf networks to the set
main network.
7.5.3 Advanced Route Filtering
As the topology of policy decisions that can
be enforced using BGP, one must focus on a network grows more complex, the rule
that an AS advertises to its neighbor ASs only those
routes that it itself uses. This rule reflects
need for more complex route filtering arises.
Therefore, a router SHOULD provide the
hop-by-hop ability to
specify independently for each routing paradigm generally used throughout
the current Internet. Note that some policies cannot
be supported by the hop-by-hop protocol:
+ Which logical interfaces or routers routing paradigm
information (routes) will be accepted from and
thus require techniques such as source routing to
enforce. For example, BGP does not enable one AS to
send traffic to a neighbor AS intending that that
traffic take a different route which
routes will be believed from that taken by
November 28, 1994
- 133 -
traffic originating in the neighbor AS. On the each other
hand, BGP can support any policy conforming to the
hop-by-hop router or
logical interface,
+ Which routes will be sent via which logical
interface(s), and
+ Which routers routing paradigm.
Implementors of BGP are strongly encouraged to follow information will be sent to, if
this is supported by the recommendations outlined in Section 6 of
[ROUTE:5].
While BGP provides support for quite complex routing
policies (as an example see Section 4.2 protocol in
[ROUTE:5]), use.
IETF Exp. 11 Sep. 1995 [Page 145]
Draft Requirements for IP Version 4 Routers March 1995
In many situations it is not required for all BGP
implementors desirable to support such policies. At a minimum,
however, assign a BGP implementation:
(1) SHOULD allow an AS to control announcements of
the BGP learned routes
reliability ordering to adjacent AS's.
Implementations SHOULD support such control with
at least the granularity of a single network.
Implementations SHOULD also support such control
with the granularity routing information received
from another router instead of an autonomous system,
where the autonomous system may be either the
autonomous system that originated the route, simple believe or
don't believe choice listed in the autonomous system that advertised the route
to first bullet above.
A router MAY provide the local system (adjacent autonomous
system).
(2) SHOULD allow an AS ability to prefer a particular path specify:
+ A reliability or preference to
a destination (when more than one path is
available). Such function SHOULD be implemented
by allowing system administrator to assign
weights assigned to Autonomous Systems, and making each
route
selection process to select a received. A route with the
lowest weight (where weight of a route is
defined as a sum of weights higher reliability will
be chosen over one with lower reliability regardless
of all AS's in the
AS_PATH path attribute routing metric associated with that
route).
(3) SHOULD allow an AS to ignore each route.
If a router supports assignment of preferences, the
router MUST NOT propagate any routes with certain
AS's in it does not prefer
as first party information. If the AS_PATH path attribute. Such
function can be implemented by using technique
outlined in (2), and by assigning infinity as
weights for such AS's. The route selection
process must ignore routes that have weight
equal to infinity.
November 28, 1994
- 134 -
The Exterior Gateway Protocol (EGP) specifies an EGP
which is used to exchange reachability information
between routers of the same or differing autonomous
systems. EGP is not considered a routing protocol
since there is no standard interpretation (i.e.
metric) for the distance fields in the EGP update
message, so distances are comparable only among
routers of the same AS. It is however designed to
provide high-quality reachability information, both
about neighbor routers and about routes to non-
neighbor routers.
EGP is defined by [ROUTE:6]. An implementor almost
certainly wants to read [ROUTE:7] and [ROUTE:8] as
well, for they contain useful explanations and
background material.
DISCUSSION:
The present EGP specification has serious
limitations, most importantly a restriction which
limits routers
being used to advertising only those networks
which are reachable from within propagate the router's
autonomous system. This restriction against
propagating third party EGP information is to
prevent long-lived routing loops. This
effectively limits EGP to a two-level hierarchy.
RFC-975 is routes does not a part of the EGP specification,
and should be ignored.
Indirect Neighbors: RFC-888, pp. 26
An implementation of EGP MUST include indirect
neighbor support.
Polling Intervals: RFC-904, pp. 10
The interval support
distinguishing between Hello command retransmissions first and third party
information, the interval between Poll retransmissions
SHOULD be configurable but there router MUST be NOT propagate any routes it
does not prefer.
DISCUSSION:
For example, assume a minimum
value defined.
November 28, 1994
- 135 -
The interval at which an implementation will
respond router receives a route to Hello commands
network C from router R and Poll commands SHOULD
be configurable but there MUST be a minimum value
defined.
Network Reachability: RFC-904, pp. 15
An implementation MUST default route to not providing
the external list of routers in other autonomous
systems; only the internal list of routers
together with the nets which are reachable via
those routers should same
network from router S. If router R is considered
more reliable than router S traffic destined for
network C will be included in an Update
Response/Indication packet. However, an
implementation MAY elect to provide a
configuration option enabling the external list forwarded to
be provided. An implementation MUST NOT include
in router R regardless of
the external list routers route received from router S.
Routing information for routes which were learned
via the external list provided by a router does not
use (router S in
another autonomous system. An implementation the above example) MUST NOT send a network back be passed
to the autonomous system
from which it is learned, i.e. it any other router.
7.6 INTER-ROUTING-PROTOCOL INFORMATION EXCHANGE
Routers MUST do split-
horizon on an autonomous system level.
If more than 255 internal or 255 external routers
need to be specified able to exchange routing information
between separate IP interior routing protocols, if
independent IP routing processes can run in a Network Reachability
update, the networks reachable from routers that
can not be listed same
router. Routers MUST be merged into the list provide some mechanism for
one avoiding
routing loops when routers are configured for bi-
directional exchange of the listed routers. Which of the listed
routers is chosen routing information between two
separate interior routing processes. Routers MUST provide
some priority mechanism for this purpose SHOULD be user
configurable, but choosing routes from
independent routing processes. Routers SHOULD default to the source
address provide
administrative control of the EGP update being generated.
An EGP update contains IGP-IGP exchange when used across
IETF Exp. 11 Sep. 1995 [Page 146]
Draft Requirements for IP Version 4 Routers March 1995
administrative boundaries.
Routers SHOULD provide some mechanism for translating or
transforming metrics on a series of blocks of |
classful per network prefixes, where each block |
contains a list basis. Routers (or
routing protocols) MAY allow for global preference of network prefixes reachable at a |
particular distance via a particular router. If
more than 255 networks are reachable at a
particular distance via a particular router, they
are split
exterior routes imported into multiple blocks (all an IGP.
DISCUSSION:
Different IGPs use different metrics, requiring some
translation technique when introducing information from
one protocol into another protocol with a different form
of which have metric. Some IGPs can run multiple instances within
the same distance). Similarly, if more than 255
blocks router or set of routers. In this case metric
information can be preserved exactly or translated.
There are required to list at least two techniques for translation
between different routing processes. The static (or
reachability) approach uses the networks reachable
via existence of a particular router, the router's address is
listed as many times as necessary route
advertisement in one IGP to include all
of the blocks generate a route
advertisement in the update.
Unsolicited Updates: RFC-904, pp. 16
November 28, 1994
- 136 -
If a network is shared other IGP with a given metric. The
translation or tabular approach uses the peer, an
implementation MUST send an unsolicited update
upon entry metric in one
IGP to create a metric in the Up state assuming that the
source network is the shared network.
Neighbor Reachability: RFC-904, pp. 6, 13-15
The other IGP through use of
either a function (such as adding a constant) or a table on page 6 which describes the values
lookup.
Bi-directional exchange of
j and k (the neighbor up and down thresholds) routing information is
incorrect. It
dangerous without control mechanisms to limit feedback.
This is reproduced correctly here:
Name Active Passive Description
-----------------------------------------------
j 3 1 neighbor-up threshold k 1 0 neighbor-down threshold
The value for k in passive mode also specified
incorrectly in RFC-904, pp. 14 The values in
parenthesis should read:
(j = 1, k = 0, the same problem that distance vector routing
protocols must address with the split horizon technique
and T3/T1 = 4)
As an optimization, an implementation that EGP addresses with the third-party rule.
Routing loops can refrain
from sending be avoided explicitly through use of
tables or lists of permitted/denied routes or implicitly
through use of a Hello command when split horizon rule, a Poll is due.
If an implementation does so, it SHOULD provide no-third-party
rule, or a
user configurable option route tagging mechanism. Vendors are
encouraged to disable this
optimization.
Abort timer: RFC-904, pp. 6, 12, 13
An EGP implementation MUST include support use implicit techniques where possible to
make administration easier for the
abort timer (as documented in section 4.1.4 of
RFC-904). An implementation SHOULD use the abort
timer in the Idle state to automatically issue a
Start event to restart the protocol machine.
Recommended values are P4 for a critical error
(Administratively prohibited, Protocol Violation
and Parameter Problem) and P5 network operators.
IETF Exp. 11 Sep. 1995 [Page 147]
Draft Requirements for all others. IP Version 4 Routers March 1995
8. APPLICATION LAYER - NETWORK MANAGEMENT PROTOCOLS
Note that this chapter supersedes any requirements stated
under "REMOTE MANAGEMENT" in [INTRO:3].
8.1 The
abort timer SHOULD NOT Simple Network Management Protocol - SNMP
8.1.1 SNMP Protocol Elements
Routers MUST be started when a Stop
event was manually initiated (such manageable by SNMP [MGT:3]. The SNMP
MUST operate using UDP/IP as via a its transport and network
protocols. Others MAY be supported (e.g., see [MGT:25,
MGT:26, MGT:27, and MGT:28]). SNMP management protocol).
Cease command received in Idle state: RFC-904, pp.
13
When
operations MUST operate as if the EGP state machine is in SNMP was implemented
on the Idle state,
November 28, 1994
- 137 -
it router itself. Specifically, management
operations MUST reply be effected by sending SNMP management
requests to Cease commands with a Cease-ack
response.
Hello Polling Mode: RFC-904, pp. 11
An EGP implementation MUST include support for
both active and passive polling modes.
Neighbor Acquisition Messages: RFC-904, pp. 18
As noted any of the Hello and Poll Intervals should only IP addresses assigned to any of
the router's interfaces. The actual management
operation may be present in Request and Confirm messages.
Therefore performed either by the length of an EGP Neighbor
Acquisition Message is 14 bytes for a Request router or
Confirm message and 10 bytes for by a Refuse, Cease
or Cease-ack message. Implementations MUST NOT
send 14 bytes
proxy for Refuse, Cease or Cease-ack
messages but MUST the router.
DISCUSSION:
This wording is intended to allow for implementations management either
by proxy, where the proxy device responds to SNMP
packets that
send 14 bytes for these messages.
Sequence Numbers: RFC-904, pp. 10
Response or indication have one of the router's IP addresses in
the packets received with a
sequence number not equal to S MUST be discarded.
The send sequence number S MUST be incremented
just before destination address field, or the time a Poll command SNMP is sent
implemented directly in the router itself and at
no other times.
It is possible
receives packets and responds to exchange routing information between
two autonomous systems or routing domains without using
a standard exterior routing protocol between two
separate, standard interior routing protocols. The most
common way of doing this them in the proper
manner.
It is important that management operations can be
sent to run both interior
protocols independently in one of the border routers
with an exchange of route information between router's IP Addresses. In
diagnosing network problems the two
processes.
As with only thing
identifying the exchange of information from an EGP to an
IGP, without appropriate controls these exchanges of
routing information between two IGPs in a single router
are subject to creation that is available may be one
of the router's IP address; obtained perhaps by
looking through another router's routing loops.
Static routing provides table.
All SNMP operations (get, get-next, get-response, set,
and trap) MUST be implemented.
Routers MUST provide a means of explicitly defining mechanism for rate-limiting the
November 28, 1994
- 138 -
next hop from a router
IETF Exp. 11 Sep. 1995 [Page 148]
Draft Requirements for a particular destination. A
router SHOULD IP Version 4 Routers March 1995
generation of SNMP trap messages. Routers MAY provide a means
this mechanism through the algorithms for defining a static route asynchronous
alert management described in [MGT:5].
DISCUSSION:
Although there is general agreement about the need to a destination, where
rate-limit traps, there is not yet consensus on how
this is best achieved. The reference cited is
considered experimental.
8.2 Community Table
For the destination purposes of this specification, we assume that
there is defined by an |
network prefix. The mechanism SHOULD also allow abstract `community table' in the router. This
table contains several entries, each entry for a
metric specific
community and containing the parameters necessary to be specified for each static route.
completely define the attributes of that community. The
actual implementation method of the abstract community
table is, of course, implementation specific.
A router which supports a dynamic routing protocol router's community table MUST allow static routes to be defined with any metric valid for
the routing protocol used. The router MUST provide the
ability at least one
entry and SHOULD allow for at least two entries.
DISCUSSION:
A community table with zero capacity is useless. It
means that the user to specify a list of static routes
which may or may router will not recognize any communities
and, therefore, all SNMP operations will be propagated via the routing
protocol. In addition, a router SHOULD support rejected.
Therefore, one entry is the
following additional information if it supports a routing
protocol that could make use minimal useful size of the information. They are:
+ TOS,
+ Subnet Mask, or |
+ Prefix Length, or |
+ A metric specific
table. Having two entries allows one entry to a given routing protocol that can |
import be
limited to read-only access while the route.
DISCUSSION:
We intend that one needs other would have
write capabilities.
Routers MUST allow the user to support only manually (i.e., without
using SNMP) examine, add, delete and change entries in the things
useful
SNMP community table. The user MUST be able to set the given routing protocol.
community name or construct a MIB view. The need user MUST be
able to configure communities as read-only (i.e., they do
not allow SETs) or read-write (i.e., they do allow SETs).
The user MUST be able to define at least one IP address to
which notifications are sent for TOS |
should not}
Whether a router prefers a static route over a dynamic
route (or vice versa) each community or whether the associated metrics MIB
IETF Exp. 11 Sep. 1995 [Page 149]
Draft Requirements for IP Version 4 Routers March 1995
view, if traps are
used to choose between conflicting static and dynamic
routes used. These addresses SHOULD be configurable for each static route.
A router MUST allow
definable on a metric to community or MIB view basis. It SHOULD be assigned
possible to enable or disable notifications on a static
route for each routing domain that it supports. Each such
metric MUST be explicitly assigned community
or MIB view basis.
A router SHOULD provide the ability to specify a specific routing
domain. For example:
route 36.0.0.0 255.0.0.0 via 192.19.200.3 rip metric 3
route 36.21.0.0 255.255.0.0 via 192.19.200.4 ospf
inter-area metric 27
route 36.22.0.0 255.255.0.0 via 192.19.200.5 egp 123
November 28, 1994
- 139 -
metric 99
route 36.23.0.0 255.255.0.0 via 192.19.200.6 igrp 47
metric 1 2 3 4 5
DISCUSSION:
It has been suggested that, ideally, static routes
should have preference values rather than metrics (since
metrics can only be compared with metrics of other
routes in the same routing domain, the metric of a
static route could only be compared with metrics list of
other static routes). This is contrary to some current
implementations, where static routes really do have
metrics, and those metrics are used to determine whether
a
valid network managers for any particular dynamic route overrides the static route to
the same destination. Thus, this document uses the term
metric rather than preference.
This technique essentially makes the static route into community. If
enabled, a
RIP route, or an OSPF route (or whatever, depending on router MUST validate the domain source address of the metric). Thus,
SNMP datagram against the route lookup
algorithm of that domain applies. However, this is NOT
route leaking, in that coercing a static route into a
dynamic routing domain list and MUST discard the
datagram if its address does not authorize appear. If the datagram
is discarded the router MUST take all actions appropriate
to
redistribute the route into the dynamic routing domain.
For static routes not put into an SNMP authentication failure.
DISCUSSION:
This is a specific routing
domain, the route lookup algorithm is:
(1) Basic match
(2) Longest match
(3) Weak TOS (if TOS supported)
(4) Best metric (where metric are implementation-
defined)
The last step rather limited authentication system, but
coupled with various forms of packet filtering may not
provide some small measure of increased security.
The community table MUST be necessary, but it's useful saved in non-volatile storage.
The initial state of the case where you want to have a primary static route
over community table SHOULD contain one interface and a secondary static route over an
alternate interface,
entry, with failover to the alternate path
if the interface for the primary route fails.
November 28, 1994
- 140 -
Each router within a network makes forwarding decisions
based upon information contained within its forwarding
database. In a simple network the contents community name string "public" and read-
only access. The default state of this entry MUST NOT send
traps. If it is implemented, then this entry MUST remain
in the database
may be statically configured. As the network grows more
complex, the need for dynamic updating of community table until the forwarding
database becomes critical administrator changes it
or deletes it.
DISCUSSION:
By default, traps are not sent to this community. Trap
PDUs are sent to unicast IP addresses. This address
must be configured into the efficient operation of the
network.
If router in some manner.
Before the data flow through a network configuration occurs, there is no such
address, so to whom should the trap be as efficient as
possible, it is necessary sent? Therefore
trap sending to provide a mechanism for
controlling the propagation of the information a router
uses "public" community defaults to build its forwarding database. be
disabled. This control takes
the form of choosing which sources can, of routing information
should course, be trusted and selecting which pieces of changed by an
administrative operation once the
information to believe. The resulting forwarding database router is a filtered version of the available routing information.
In addition operational.
8.3 Standard MIBS
All MIBS relevant to efficiency, controlling the propagation of
routing information can reduce instability by preventing
the spread a router's configuration are to be
implemented. To wit:
IETF Exp. 11 Sep. 1995 [Page 150]
Draft Requirements for IP Version 4 Routers March 1995
+ The System, Interface, IP, ICMP, and UDP groups of incorrect or bad routing information.
In some cases local policy may require that complete
routing information not MIB-II
[MGT:2] MUST be widely propagated.
These filtering requirements apply only to non-SPF-based
protocols (and therefore not at all to routers which don't
implement any distance vector protocols).
A implemented.
+ The Interface Extensions MIB [MGT:18] MUST be
implemented.
+ The IP Forwarding Table MIB [MGT:20] MUST be implemented.
+ If the router SHOULD log as an error any routing update
advertising a route that vioolates implements TCP (e.g., for Telnet) then the specifications
TCP group of |
this memo, unless MIB-II [MGT:2] MUST be implemented.
+ If the routing protocol from which router implements EGP then the
update was received uses those values to encode special
routes (such as default routes).
Filtering of routing information allows control EGP group of paths
used by a router to forward packets it receives. A
router should MIB-II
[MGT:2] MUST be selective in which sources of routing
information it listens to and what routes it believes.
Therefore, a implemented.
+ If the router MUST provide supports OSPF then the ability to specify:
+ On which logical interfaces routing information will |
be accepted and which routes will OSPF MIB [MGT:14]
MUST be accepted from |
each logical interface.
November 28, 1994
- 141 - implemented.
+ Whether all routes or only a default route is |
advertised on a logical interface.
Some routing protocols do not recognize logical
interfaces as a source of routing information. In such
cases If the router MUST provide supports BGP then the ability to specify
+ from which other routers routing information will BGP MIB [MGT:15] MUST
be
accepted.
For example, assume a implemented.
+ If the router connecting one has Ethernet, 802.3, or more leaf
networks to StarLan interfaces
then the main portion or backbone of a larger
network. Since each of Ethernet-Like MIB [MGT:6] MUST be implemented.
+ If the leaf networks router has only one
path in and out, 802.4 interfaces then the 802.4 MIB
[MGT:7] MUST be implemented.
+ If the router can simply send a default
route to them. It advertises has 802.5 interfaces then the leaf networks to 802.5 MIB
[MGT:8] MUST be implemented.
+ If the
main network.
As router has FDDI interfaces that implement ANSI SMT
7.3 then the topology of a network grows more complex, FDDI MIB [MGT:9] MUST be implemented.
+ If the
need for more complex route filtering arises.
Therefore, a router SHOULD provide has FDDI interfaces that implement ANSI SMT
6.2 then the ability to
specify independently for each routing protocol: FDDI MIB [MGT:29] MUST be implemented.
+ Which logical If the router has RS-232 interfaces or routers routing
information (routes) will be accepted from and which
routes will then the RS-232
[MGT:10] MIB MUST be believed from each other router or
logical interface, implemented.
+ Which routes will If the router has T1/DS1 interfaces then the T1/DS1 MIB
[MGT:16] MUST be sent via which logical
interface(s), and implemented.
+ Which routers routing information will be sent to, if
this is supported by If the routing protocol in use.
In many situations it is desirable to assign a
reliability ordering to routing information received
from another router instead of has T3/DS3 interfaces then the simple believe or
don't believe choice listed in T3/DS3 MIB
[MGT:17] MUST be implemented.
IETF Exp. 11 Sep. 1995 [Page 151]
Draft Requirements for IP Version 4 Routers March 1995
+ If the first bullet above.
A router MAY provide has SMDS interfaces then the ability to specify:
+ A reliability or preference to be assigned to each
route received. A route with higher reliability will SMDS Interface
Protocol MIB [MGT:19] MUST be chosen implemented.
+ If the router supports PPP over one with lower reliability regardless any of its interfaces
then the routing metric associated with each route.
November 28, 1994
- 142 - PPP MIBs [MGT:11], [MGT:12], and [MGT:13] MUST
be implemented.
+ If a the router supports assignment of preferences, RIP Version 2 then the
router RIP Version
2 MIB [MGT:21] MUST NOT propagate any routes it does not prefer
as first party information. be implemented.
+ If the routing protocol
being used to propagate router supports X.25 over any of its interfaces
then the routes does X.25 MIBs [MGT:22, MGT:23 and MGT:24] MUST be
implemented.
8.4 Vendor Specific MIBS
The Internet Standard and Experimental MIBs do not support
distinguishing between first cover
the entire range of statistical, state, configuration and third party
information,
control information that may be available in a network
element. This information is, nevertheless, extremely
useful. Vendors of routers (and other network devices)
generally have developed MIB extensions that cover this
information. These MIB extensions are called Vendor
Specific MIBs.
The Vendor Specific MIB for the router MUST NOT propagate any routes it
does provide access
to all statistical, state, configuration, and control
information that is not prefer. available through the Standard and
Experimental MIBs that have been implemented. This
information MUST be available for both monitoring and
control operations.
DISCUSSION:
For example, assume a router receives a route
The intent of this requirement is to
network C from router R and a route provide the ability
to do anything on the same
network from router S. If router R through SNMP that can be |
done through a console, and vice versa. A certain
minimal amount of configuration is considered
more reliable than necessary before SNMP
can operate (e.g., the router S traffic destined for
network C will must have an IP address).
This initial configuration can not be forwarded done through SNMP.
However, once the initial configuration is done, full
capabilities ought to router R regardless of be available through network
management.
IETF Exp. 11 Sep. 1995 [Page 152]
Draft Requirements for IP Version 4 Routers March 1995
The vendor SHOULD make available the route received from router S.
Routing information specifications for routes which all
Vendor Specific MIB variables. These specifications MUST
conform to the router does not
use (router S in SMI [MGT:1] and the above example) descriptions MUST NOT be passed in
the form specified in [MGT:4].
DISCUSSION:
Making the Vendor Specific MIB available to any other router.
Routers MUST the user is
necessary. Without this information the users would not
be able to exchange routing information
between separate IP interior routing protocols, if
independent IP routing processes can run in configure their network management systems to
be able to access the same
router. Routers MUST provide some mechanism for avoiding
routing loops when routers are configured for bi-
directional exchange of routing information between two
separate interior routing processes. Routers MUST provide
some priority mechanism for choosing routes from among
independent routing processes. Routers SHOULD provide
administrative control Vendor Specific parameters. These
parameters would then be useless.
The format of IGP-IGP exchange when used across
administrative boundaries.
Routers SHOULD provide some mechanism the MIB specification is also specified.
Parsers that read MIB specifications and generate the
needed tables for translating or
transforming metrics on a per the network basis. Routers (or
routing protocols) management station are
available. These parsers generally understand only the
standard MIB specification format.
8.5 Saving Changes
Parameters altered by SNMP MAY allow for global preference of
exterior routes imported into an IGP. be saved to non-volatile
storage.
DISCUSSION:
Different IGPs use different metrics, requiring some
translation technique when introducing information from
one protocol into another protocol with a different form
of metric. Some IGPs can run multiple instances within
the same router or set of routers. In
Reasons why this case metric
information can be preserved exactly or translated.
November 28, 1994
- 143 -
There are at least two techniques for translation
between different routing processes. "requirement" is a MAY:
+ The static (or
reachability) approach uses the existence exact physical nature of a route
advertisement non-volatile storage is
not specified in one IGP to generate a route
advertisement this document. Hence, parameters
may be saved in the other IGP with a given metric. The
translation NVRAM/EEPROM, local floppy or hard
disk, or tabular approach uses the metric in one
IGP to create a metric in the other IGP through use of
either a function (such as adding a constant) some TFTP file server or a table
lookup.
Bi-directional exchange of routing BOOTP server,
etc. Suppose that this information is
dangerous without control mechanisms to limit feedback.
This is the same problem that distance vector routing
protocols must address with the split horizon technique
and in a file that EGP addresses with the third-party rule.
Routing loops can be avoided explicitly through use of
tables or lists of permitted/denied routes or implicitly
is retrieved through use of a split horizon rule, a no-third-party
rule, or TFTP. In that case, a route tagging mechanism. Vendors are
encouraged to use implicit techniques where possible change
made to
make administration easier for network operators.
November 28, 1994
- 144 -
Note that this chapter supersedes any requirements stated in
section 6.3 of [INTRO:3].
Routers MUST be manageable by SNMP [MGT:3]. The SNMP
MUST operate using UDP/IP as its transport and network
protocols. Others MAY be supported (e.g., see [MGT:25,
MGT:26, MGT:27, and MGT:28]). SNMP management
operations MUST operate as if the SNMP was implemented a configuration parameter on the router itself. Specifically, management
operations MUST would
need to be effected by sending SNMP management
requests propagated back to any of the IP addresses assigned to any of file server holding
the router's interfaces. The actual management configuration file. Alternatively, the SNMP
operation may would need to be performed either by directed to the router or by a
proxy for file
server, and then the router.
DISCUSSION:
This wording is intended change somehow propagated to allow management either
by proxy, where the proxy device responds
router. The answer to SNMP
packets which have one of the router's IP addresses
in the packets destination address field, or the SNMP
is implemented directly in this problem does not seem
obvious.
This also places more requirements on the router itself and
receives packets and responds to them in host
holding the proper
manner.
It is important configuration information than just
IETF Exp. 11 Sep. 1995 [Page 153]
Draft Requirements for IP Version 4 Routers March 1995
having an available TFTP server, so much more that management operations can be
sent
its probably unsafe for a vendor to one assume that any
potential customer will have a suitable host
available.
+ The timing of the router's IP Addresses. In
diagnosing network problems the committing changed parameters to non-
volatile storage is still an issue for debate. Some
prefer to commit all changes immediately. Others
prefer to commit changes to non-volatile storage only thing
identifying
upon an explicit command.
IETF Exp. 11 Sep. 1995 [Page 154]
Draft Requirements for IP Version 4 Routers March 1995
9. APPLICATION LAYER - MISCELLANEOUS PROTOCOLS
For all additional application protocols that a router
implements, the router that is available may MUST be one
of the router's IP address; obtained perhaps by
looking through another router's routing table.
All SNMP operations (get, get-next, get-response, set, compliant and trap) MUST SHOULD be implemented.
Routers MUST provide a mechanism for rate-limiting
unconditionally compliant with the
generation relevant requirements of SNMP trap messages. Routers MAY provide
this mechanism via the algorithms for asynchronous alert
management described in [MGT:5].
DISCUSSION:
Although there is general agreement about the need to
rate-limit traps, there is not yet consensus on how
November 28, 1994
- 145 -
this is best achieved.
[INTRO:3].
9.1 BOOTP
9.1.1 Introduction
The reference cited Bootstrap Protocol (BOOTP) is
considered experimental.
For the purposes of this specification, we assume a UDP/IP-based
protocol that
there is an abstract `community table' in the router. This
table contains several entries, each entry for allows a specific
community booting host to configure itself
dynamically and containing the parameters necessary without user supervision. BOOTP
provides a means to
completely define the attributes of that community. The
actual implementation method notify a host of its assigned IP
address, the abstract community
table is, IP address of course, implementation specific.
A router's community table MUST allow for at least one
entry a boot server host, and SHOULD allow for at least two entries.
DISCUSSION:
A community table with zero capacity is useless. It
means that the router will not recognize any communities
and, therefore, all SNMP operations will be rejected.
Therefore, one entry is the minimal useful size
name of the
table. Having two entries allows one entry a file to be
limited to read-only access while loaded into memory and executed
([APPL:1]). Other configuration information such as the other would have
write capabilities.
Routers MUST allow
local prefix length or subnet mask, the user to manually (i.e., without
using SNMP) examine, add, delete local time
offset, the addresses of default routers, and change entries in the
SNMP community table. The user MUST
addresses of various Internet servers can also be able
communicated to set a host using BOOTP ([APPL:2]).
9.1.2 BOOTP Relay Agents
In many cases, BOOTP clients and their associated BOOTP
server(s) do not reside on the
community name. The user MUST be able same IP (sub)network. In
such cases, a third-party agent is required to transfer
BOOTP messages between clients and servers. Such an
agent was originally referred to configure
communities as read-only (i.e., they do not allow SETs) or
read-write (i.e., they do allow SETs).
The user MUST be able a "BOOTP forwarding
agent." However, to define at least one avoid confusion with the IP address to
which traps are sent for each community. These addresses
MUST be definable on a per-community basis. Traps MUST be
enablable or disablable on
forwarding function of a per-community basis. router, the name "BOOTP relay
agent" has been adopted instead.
DISCUSSION:
A BOOTP relay agent performs a task that is distinct
from a router's normal IP forwarding function. While
a router SHOULD provide the ability to specify normally switches IP datagrams between
networks more-or-less transparently, a list of
valid network managers BOOTP relay
agent may more properly be thought to receive BOOTP
IETF Exp. 11 Sep. 1995 [Page 155]
Draft Requirements for any particular community. If
enabled, IP Version 4 Routers March 1995
messages as a router MUST validate final destination and then generate new
BOOTP messages as a result. One should resist the source address
notion of simply forwarding a BOOTP message "straight
through like a regular packet."
This relay-agent functionality is most conveniently
located in the
SNMP datagram against routers that interconnect the list clients and MUST discard the
datagram if its address does not appear. If the datagram
servers (although it may alternatively be located in a
host that is discarded directly connected to the client (sub)net).
A router MAY provide BOOTP relay-agent capability. If
it does, it MUST take all actions appropriate conform to an SNMP authentication failure.
November 28, 1994
- 146 -
DISCUSSION:
This is the specifications in
[APPL:3].
Section [5.2.3] discussed the circumstances under which
a rather limited authentication system, but
coupled with various forms of packet filtering may
provide some small measure of increased security.
The community table MUST be saved in non-volatile storage.
The initial state of is delivered locally (to the community table SHOULD contain one
entry, with router). All
locally delivered UDP messages whose UDP destination
port number is BOOTPS (67) are considered for special
processing by the community name string public router's logical BOOTP relay agent.
Sections [4.2.2.11] and read-only
access. The default state of this entry MUST NOT send
traps. If it [5.3.7] discussed invalid IP
source addresses. According to these rules, a router
must not forward any received datagram whose IP source
address is implemented, then this entry 0.0.0.0. However, routers that support a
BOOTP relay agent MUST remain
in accept for local delivery to the community table until
relay agent BOOTREQUEST messages whose IP source address
is 0.0.0.0.
IETF Exp. 11 Sep. 1995 [Page 156]
Draft Requirements for IP Version 4 Routers March 1995
10. OPERATIONS AND MAINTENANCE
This chapter supersedes any requirements of [INTRO:3] relating
to "Extensions to the administrator changes it
or deletes it.
DISCUSSION:
By default, traps are IP Module."
Facilities to support operation and maintenance (O&M)
activities form an essential part of any router
implementation. Although these functions do not sent seem to this community. Trap
PDUs
relate directly to interoperability, they are sent essential to unicast IP addresses. This address the
network manager who must be configured into make the router in interoperate and must
track down problems when it doesn't. This chapter also
includes some manner.
Before the configuration occurs, there is no such
address, so to whom should the trap be sent? Therefore
trap sending to the public community defaults to be
disabled. This can, discussion of course, be changed by an
administrative operation once the router is operational.
All MIBS relevant to a router's configuration are to be
implemented. To wit:
+ The System, Interface, IP, ICMP, initialization and UDP groups of MIB-
II [MGT:2] MUST be implemented.
+ The Interface Extensions MIB [MGT:18] MUST be
implemented.
+ The IP Forwarding Table MIB [MGT:20] MUST be
implemented.
+ If the router implements TCP (e.g.
facilities to assist network managers in securing and
accounting for Telnet) then the
TCP group of MIB-II [MGT:2] MUST be implemented.
+ If the router implements EGP then the EGP group their networks.
10.1 Introduction
The following kinds of MIB-
II [MGT:2] MUST be implemented.
+ If the router supports OSPF then the OSPF MIB [MGT:14]
November 28, 1994
- 147 -
MUST be implemented.
+ If the activities are included under router supports BGP then the BGP MIB [MGT:15]
MUST be implemented.
O&M:
+ If Diagnosing hardware problems in the router has Ethernet, 802.3, router's processor,
in its network interfaces, or StarLan interfaces
then the Ethernet-Like MIB [MGT:6] MUST be implemented.
+ If the router has 802.4 interfaces then the 802.4 MIB
[MGT:7] MAY be implemented.
+ If the router has 802.5 interfaces then the 802.5 MIB
[MGT:8] MUST be implemented. in its connected networks,
modems, or communication lines.
+ If the router has FDDI interfaces that implement ANSI
SMT 7.3 then the FDDI MIB [MGT:9] MUST be implemented. Installing new hardware
+ If the router has FDDI interfaces that implement ANSI
SMT 6.2 then the FDDI MIB [MGT:29] MUST be implemented. Installing new software.
+ If Restarting or rebooting the router has RS-232 interfaces then the RS-232
[MGT:10] MIB MUST be implemented. after a crash.
+ If the router has T1/DS1 interfaces then Configuring (or reconfiguring) the T1/DS1 MIB
[MGT:16] MUST be implemented. router.
+ If the router has T3/DS3 interfaces then the T3/DS3 MIB
[MGT:17] MUST be implemented. Detecting and diagnosing Internet problems such as
congestion, routing loops, bad IP addresses, black
holes, packet avalanches, and misbehaved hosts.
+ If the router has SMDS interfaces then the SMDS
Interface Protocol MIB [MGT:19] MUST be implemented. Changing network topology, either temporarily (e.g., to
bypass a communication line problem) or permanently.
+ If Monitoring the router supports PPP over any status and performance of its interfaces
then the PPP MIBs [MGT:11], [MGT:12], routers and [MGT:13] MUST
be implemented.
+ If the router supports RIP Version 2 then
the RIP connected networks.
+ Collecting traffic statistics for use in (Inter-)network
IETF Exp. 11 Sep. 1995 [Page 157]
Draft Requirements for IP Version 2 MIB [MGT:21] MUST be implemented. 4 Routers March 1995
planning.
+ If the router supports X.25 over any of its interfaces
then Coordinating the X.25 MIBs [MGT:22, MGT:23 and MGT:24] MUST be
implemented.
The Internet Standard above activities with appropriate
vendors and Experimental MIBs do not cover
November 28, 1994
- 148 -
the entire range of statistical, state, configuration telecommunications specialists.
Routers and
control information that may be available in their connected communication lines are often
operated as a network
element. system by a centralized O&M organization.
This information is, never the less, extremely
useful. Vendors of routers (and other network devices)
generally have developed MIB extensions that cover this
information. These MIB extensions are called Vendor
Specific MIBs.
The Vendor Specific MIB for the router MUST provide access organization may maintain a (Inter-)network operation
center, or NOC, to all statistical, state, configuration, and control
information that carry out its O&M functions. It is not available
essential that routers support remote control and
monitoring from such a NOC through an Internet path, since
routers might not be connected to the Standard and
Experimental MIBs same network as their
NOC. Since a network failure may temporarily preclude
network access, many NOCs insist that have been implemented. This
information MUST routers be available accessible
for both monitoring and
control operations.
DISCUSSION:
The intent of this requirement is to provide the ability network management through an alternative means, often
dial-up modems attached to do anything console ports on the router via SNMP that can be done
via a console. A certain minimal amount of
configuration is necessary before SNMP can operate
(e.g., the router must have routers.
Since an IP address). This
initial configuration can not be done via SNMP.
However, once packet traversing an internet will often use
routers under the initial configuration is done, full
capabilities ought control of more than one NOC, Internet
problem diagnosis will often involve cooperation of
personnel of more than one NOC. In some cases, the same
router may need to be available via network
management. monitored by more than one NOC, but
only if necessary, because excessive monitoring could
impact a router's performance.
The vendor SHOULD make tools available the specifications for all
Vendor Specific MIB variables. These specifications MUST
conform to the SMI [MGT:1] and the descriptions MUST be in
the form specified in [MGT:4].
DISCUSSION:
Making the Vendor Specific MIB available to monitoring at a NOC may cover a
wide range of sophistication. Current implementations
include multi-window, dynamic displays of the user entire router
system. The use of AI techniques for automatic problem
diagnosis is
necessary. Without this information proposed for the users would future.
Router O&M facilities discussed here are only a part of the
large and difficult problem of Internet management. These
problems encompass not
be able to configure their network only multiple management systems to
be able to access
organizations, but also multiple protocol layers. For
example, at the Vendor Specific parameters. These
parameters would then be useless.
The format current stage of evolution of the MIB specification Internet
architecture, there is also specified.
Parsers which read MIB specifications a strong coupling between host TCP
implementations and generate eventual IP-level congestion in the
needed tables for
router system [OPER:1]. Therefore, diagnosis of congestion
problems will sometimes require the network management station monitoring of TCP
statistics in hosts. There are
available. These parsers generally understand only the
standard MIB specification format.
November 28, 1994
- 149 -
Parameters altered by SNMP MAY be saved to non-volatile
storage.
DISCUSSION:
Reasons why this requirement is currently a MAY:
+ The exact physical nature number of non-volatile storage is
not specified in this document. Hence, parameters
may be saved in NVRAM/EEPROM, local floppy or hard
disk, or R&D
efforts in some TFTP file server or BOOTP server,
etc. Suppose that that this information is progress in a file
that is retrieved via TFTP. In that case, a change
made to a configuration parameter on the router would
need to be propagated back to the file server holding
the configuration file. Alternatively, the SNMP
operation would need to be directed to the file
server, area of Internet management and then the change somehow propagated to the
router. The answer to this problem does not seem
obvious.
more specifically router O&M. These R&D efforts have
already produced standards for router O&M. This is also places more requirements on the host
holding the configuration information than just
having an available tftp server, so much more that
its probably unsafe
IETF Exp. 11 Sep. 1995 [Page 158]
Draft Requirements for a IP Version 4 Routers March 1995
area in which vendor to assume that any
potential customer will have creativity can make a suitable host
available.
+ The timing significant
contribution.
10.2 Router Initialization
10.2.1 Minimum Router Configuration
There exists a minimum set of committing changed parameters to non-
volatile storage is still an issue for debate. Some
prefer to commit all changes immediately. Others
prefer to commit changes to non-volatile storage only
upon an explicit command.
November 28, 1994
- 150 -
For all additional application protocols conditions that must be
satisfied before a router
implements, the may forward packets. A router
MUST be compliant and SHOULD be
unconditionally compliant with the relevant requirements of
[INTRO:3]. NOT enable forwarding on any physical interface
unless either:
(1) The Bootstrap Protocol (BOOTP) is a UDP/IP-based
protocol which allows a booting host to configure itself
dynamically and without user supervision. BOOTP
provides a means to notify a host of its assigned IP
address, router knows the IP address of a boot server host, and the
name of a file to be loaded into memory and executed
([APPL:1]). Other configuration information such as the |
local associated
subnet mask or network prefix length of at least
one logical interface associated with that physical
interface, or subnet mask, the local time
offset,
(2) The router knows that the addresses of interface is an unnumbered
interface and knows its router-id.
These parameters MUST be explicitly configured:
+ A router MUST NOT use factory-configured default routers,
values for its IP addresses, prefix lengths, or
router-id, and the
+ A router MUST NOT assume that an unconfigured
interface is an unnumbered interface.
DISCUSSION:
There have been instances in which routers have been
shipped with vendor-installed default addresses of various Internet servers can also be
communicated to a host using BOOTP ([APPL:2]). for
interfaces. In many a few cases, BOOTP clients this has resulted in
routers advertising these default addresses into
active networks.
IETF Exp. 11 Sep. 1995 [Page 159]
Draft Requirements for IP Version 4 Routers March 1995
10.2.2 Address and their associated BOOTP
server(s) do not reside on the same Prefix Initialization
A router MUST allow its IP (sub)network. In |
such cases, a third-party agent is required to transfer
BOOTP messages between clients addresses and servers. Such an
agent was originally referred their address
masks or prefix lengths to be statically configured and
saved in non-volatile storage.
A router MAY obtain its IP addresses and their
corresponding address masks dynamically as a BOOTP forwarding
agent. However, in order to avoid confusion with side effect
of the IP
forwarding function system initialization process (see Section
10.2.3]);
If the dynamic method is provided, the choice of method
to be used in a router, the name BOOTP relay
agent has been adopted instead.
DISCUSSION:
A BOOTP relay agent performs a task which is distinct
from a router's normal particular router MUST be configurable.
As was described in Section [4.2.2.11], IP forwarding function. While addresses are
not permitted to have the value 0 or -1 in the <Host-
number> or <Network-prefix> fields. Therefore, a router normally switches
SHOULD NOT allow an IP datagrams between
networks more-or-less transparently, a BOOTP relay
agent may more properly address or address mask to be thought set
to receive BOOTP
messages as a final destination and then generate new
BOOTP messages as a result. One should resist the
notion value that would make any of simply forwarding a BOOTP message straight
through like a regular packet.
This relay-agent functionality is most conveniently
located in the routers which interconnect these fields above
have the clients |
and servers (although it may alternatively be located in |
a host which value zero or -1.
DISCUSSION:
It is directly connected to the client |
November 28, 1994
- 151 -
subnet).
A router MAY provide BOOTP relay-agent capability. If
it does, it MUST conform possible using arbitrary address masks to the specifications
create situations in
[APPL:3].
Section [5.2.3] discussed the circumstances under which
a packet routing is delivered locally (to the router). All
locally delivered UDP messages whose UDP ambiguous
(i.e., two routes with different but equally specific
subnet masks match a particular destination
port number address).
This is BOOTPS (67) are considered one of the strongest arguments for special
processing by the router's logical BOOTP relay agent.
Sections [4.2.2.11] use of
network prefixes, and [5.3.7] discussed invalid IP
source addresses. According to these rules, a router
must the reason the use of
discontiguous subnet masks is not forward permitted.
A router SHOULD make the following checks on any received datagram whose IP source address
mask it installs:
+ The mask is 0.0.0.0. However, routers neither all ones nor all zeroes (the
prefix length is neither zero nor 32).
+ The bits which support a
BOOTP relay agent MUST accept for local delivery correspond to the
relay agent BOOTREQUEST messages whose IP source address
is 0.0.0.0.
November 28, 1994
- 152 -
This chapter supersedes any requirements network prefix part
of [INTRO:3] relating | the address are all set to "Extensions 1.
+ The bits that correspond to the network prefix are
contiguous.
DISCUSSION:
IETF Exp. 11 Sep. 1995 [Page 160]
Draft Requirements for IP Module."
Facilities to support operation and maintenance (O&M)
activities form an essential part of any router
implementation. Although these functions do not seem to
relate directly to interoperability, they Version 4 Routers March 1995
The masks associated with routes are essential also sometimes
called "subnet masks", this test should not be
applied to the
network manager who must make the router interoperate them.
10.2.3 Network Booting using BOOTP and must
track down problems when it doesn't. This chapter also
includes some TFTP
There has been much discussion of router initialization how routers can and of
facilities to assist network managers in securing
should be booted from the network. These discussions
have revolved around BOOTP and
accounting for their networks.
The following kinds of activities TFTP. Currently, there
are included under router
O&M:
+ Diagnosing hardware problems in routers that boot with TFTP from the router's processor,
in its network interfaces, or in its connected networks,
modems, or communication lines.
+ Installing new hardware
+ Installing new software.
+ Restarting or rebooting network. There
is no reason that BOOTP could not be used for locating
the router after a crash.
+ Configuring (or reconfiguring) server that the router.
+ Detecting and diagnos