draft-ietf-tsvwg-source-quench-00.txt   draft-ietf-tsvwg-source-quench-01.txt 
Transport Area Working Group F. Gont Transport Area Working Group (tsvwg) F. Gont
(tsvwg) UTN/FRH Internet-Draft UTN/FRH
Internet-Draft January 27, 2011 Updates: 792, 1122, 1812 June 10, 2011
Updates: 792, 1122, 1812
(if approved) (if approved)
Intended status: Standards Track Intended status: Standards Track
Expires: July 31, 2011 Expires: December 12, 2011
Deprecation of ICMP Source Quench messages Deprecation of ICMP Source Quench messages
draft-ietf-tsvwg-source-quench-00.txt draft-ietf-tsvwg-source-quench-01.txt
Abstract Abstract
This document formally deprecates the use of ICMP Source Quench This document formally deprecates the use of ICMP Source Quench
messages by transport protocols, formally updating RFC 792, RFC 1122, messages by transport protocols, formally updating RFC 792, RFC 1122,
and RFC 1812. Additionally, it requests that the status of RFC 1016 and RFC 1812. Additionally, it requests that the status of RFC 1016
be changed to "Historic". be changed to "Historic".
Status of this Memo Status of this Memo
skipping to change at page 1, line 36 skipping to change at page 1, line 35
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on July 31, 2011. This Internet-Draft will expire on December 12, 2011.
Copyright Notice Copyright Notice
Copyright (c) 2011 IETF Trust and the persons identified as the Copyright (c) 2011 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 2, line 14 skipping to change at page 2, line 13
the Trust Legal Provisions and are provided without warranty as the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License. described in the Simplified BSD License.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3
2. ICMP Source Quench messages . . . . . . . . . . . . . . . . . . 3 2. ICMP Source Quench messages . . . . . . . . . . . . . . . . . . 3
3. Updating RFC 1122 . . . . . . . . . . . . . . . . . . . . . . . 4 3. Updating RFC 1122 . . . . . . . . . . . . . . . . . . . . . . . 4
4. Updating RFC 1812 . . . . . . . . . . . . . . . . . . . . . . . 4 4. Updating RFC 1812 . . . . . . . . . . . . . . . . . . . . . . . 4
5. General Advice to Transport Protocols . . . . . . . . . . . . . 4 5. General Advice to Transport Protocols . . . . . . . . . . . . . 4
6. Changing the status of RFC 1016 Historic . . . . . . . . . . . 4 6. Changing the status of RFC 1016 to Historic . . . . . . . . . . 4
7. Security Considerations . . . . . . . . . . . . . . . . . . . . 4 7. Security Considerations . . . . . . . . . . . . . . . . . . . . 5
8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 5 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 5
9. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 5 9. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 5
10. References . . . . . . . . . . . . . . . . . . . . . . . . . . 5 10. References . . . . . . . . . . . . . . . . . . . . . . . . . . 5
10.1. Normative References . . . . . . . . . . . . . . . . . . . 5 10.1. Normative References . . . . . . . . . . . . . . . . . . . 5
10.2. Informative References . . . . . . . . . . . . . . . . . . 6 10.2. Informative References . . . . . . . . . . . . . . . . . . 6
Appendix A. Survey of support of ICMP Source Quench in some Appendix A. Survey of support of ICMP Source Quench in some
popular TCP/IP implementations . . . . . . . . . . . . 6 popular TCP/IP implementations . . . . . . . . . . . . 7
Appendix B. Changes from previous versions of the draft (to Appendix B. Changes from previous versions of the draft (to
be removed by the RFC Editor before publishing be removed by the RFC Editor before publishing
this document as an RFC) . . . . . . . . . . . . . . . 6 this document as an RFC) . . . . . . . . . . . . . . . 7
B.1. Changes from draft-gont-tsvwg-source-quench-01 . . . . . . 7 B.1. Changes from draft-ietf-tsvwg-source-quench-00 . . . . . . 7
B.2. Changes from draft-gont-tsvwg-source-quench-00 . . . . . . 7 B.2. Changes from draft-gont-tsvwg-source-quench-01 . . . . . . 7
B.3. Changes from draft-gont-tsvwg-source-quench-00 . . . . . . 7
Author's Address . . . . . . . . . . . . . . . . . . . . . . . . . 7 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . . 7
1. Introduction 1. Introduction
The ICMP specification [RFC0792] defined the ICMPv4 Source Quench The ICMP specification [RFC0792] defined the ICMP Source Quench
message (type 4, code 0), which was meant as a mechanism for message (type 4, code 0), which was meant as a mechanism for
congestion control. ICMP Source Quench has been known to be an congestion control. ICMP Source Quench has been known to be an
ineffective (and unfair) antidote for congestion, and generation of ineffective (and unfair) antidote for congestion, and generation of
ICMP Source Quench messages by routers has been formally deprecated ICMP Source Quench messages by routers has been formally deprecated
by [RFC1812] since 1995. However, reaction to ICMP Source Quench by [RFC1812] since 1995. However, reaction to ICMP Source Quench
messages in transport protocols has never been formally deprecated. messages in transport protocols has never been formally deprecated.
This document formally deprecates reaction to ICMP Source Quench This document formally deprecates reaction to ICMP Source Quench
messages by transport protocols such as TCP, formally updating messages by transport protocols such as TCP, formally updating
[RFC0792], [RFC1122], and [RFC1812]. Additionally, it requests that [RFC0792], [RFC1122], and [RFC1812]. Additionally, it requests that
the status of [RFC1016] be changed to "Historic". the status of [RFC1016] be changed to "Historic". The rationale for
these specification updates is:
o Processing of ICMP Source Quench messages by routers has been
deprecated for more than 20 years [RFC1812].
o Virtually all popular host implementations have removed support
for ICMP Source Quench messages since (at least) 2005 [RFC5927].
o Widespread deployment of ICMP filtering makes it impossible to
rely on ICMP Source Quench messages for congestion control.
o The IETF has moved away from ICMP Source Quench messages for
congestion control (note e.g. the development of ECN [RFC3168],
and the fact that ICMPv6 [RFC4443] does not even specify a Source
Quench message).
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC 2119 [RFC2119]. document are to be interpreted as described in RFC 2119 [RFC2119].
2. ICMP Source Quench messages 2. ICMP Source Quench messages
The ICMP specification [RFC0792] defined the ICMP Source Quench The ICMP specification [RFC0792] defined the ICMP Source Quench
message (type 4, code 0), which was meant to provide a mechanism for message (type 4, code 0), which was meant to provide a mechanism for
congestion control. The Host Requirements RFC [RFC1122] stated in congestion control. The Host Requirements RFC [RFC1122] stated in
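Review bot: The first new rationale bullet, "Processing of ICMP Source Quench messages by routers has been deprecated for more than 20 years [RFC1812]", disagrees with the paragraph directly above it, which says that generation of these messages by routers has been deprecated by [RFC1812] since 1995. From 1995 to this revision's June 2011 date is about 16 years, and "processing" is not the same as "generation". Suggest aligning the bullet with the existing sentence, for example "Generation of ICMP Source Quench messages by routers has been deprecated since 1995 [RFC1812]".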
skipping to change at page 4, line 34 skipping to change at page 4, line 44
This document hereby updates Section 4.3.3.3 of [RFC1812] as follows: This document hereby updates Section 4.3.3.3 of [RFC1812] as follows:
A router SHOULD ignore any ICMP Source Quench messages it A router SHOULD ignore any ICMP Source Quench messages it
receives. receives.
5. General Advice to Transport Protocols 5. General Advice to Transport Protocols
If a Source Quench message is received by a transport-protocol If a Source Quench message is received by a transport-protocol
instance (e.g., a TCP connection), it SHOULD be silently ignored. instance (e.g., a TCP connection), it SHOULD be silently ignored.
6. Changing the status of RFC 1016 Historic 6. Changing the status of RFC 1016 to Historic
This document requests the RFC Editor to change the status of This document requests the RFC Editor to change the status of
[RFC1016] to "Historic". [RFC1016] to "Historic".
7. Security Considerations 7. Security Considerations
ICMP Source Quench messages could be leveraged for performing blind ICMP Source Quench messages could be leveraged for performing blind
throughput-reduction attacks against TCP and similar protocols. This throughput-reduction attacks against TCP and similar protocols. This
attack vector, along with possible countermeasures, have been attack vector, along with possible countermeasures, have been
discussed in great detail in [RFC5927] and [CPNI-TCP]. However, as discussed in great detail in [RFC5927] and [CPNI-TCP]. However, as
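Review bot: Section 5 still says a Source Quench received by a transport-protocol instance "SHOULD be silently ignored", while Section 7 in this same hunk describes the message as usable for blind throughput-reduction attacks against TCP, and nothing here says when not ignoring it would be acceptable. Either state the circumstances that justify departing from the SHOULD or consider MUST, so the security benefit does not rest on an unexplained exception. Minor: "This attack vector, along with possible countermeasures, have been discussed" should read "has been discussed".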
skipping to change at page 5, line 13 skipping to change at page 5, line 23
Quench messages. Quench messages.
Silently ignoring ICMP Source Quench messages, as specified in this Silently ignoring ICMP Source Quench messages, as specified in this
document, eliminates the aforementioned attack vector. document, eliminates the aforementioned attack vector.
If deemed necessary, ICMP Source Quench messages could be filtered at If deemed necessary, ICMP Source Quench messages could be filtered at
firewalls. firewalls.
8. IANA Considerations 8. IANA Considerations
This document has no actions for IANA. The RFC-Editor can remove IANA is requested to mark ICMP type 4 (Source Quench) as "Deprecated"
this section before publication of this document as an RFC. in de ICMP Parameters registry [ICMPPARREG] with a reference to this
document.
9. Acknowledgements 9. Acknowledgements
The author of this document would like to thank (in alphabetical The author of this document would like to thank (in alphabetical
order) Fred Baker, David Black, Scott Bradner, James Carlson, Antonio order) Fred Baker, David Black, Scott Bradner, James Carlson, Antonio
De Simone, Gorry Fairhurst, Alfred Hoenes, Mahesh Jethanandani, Dan De Simone, Gorry Fairhurst, Alfred Hoenes, Mahesh Jethanandani,
Wing, and Andrew Yourtchenko, for providing valuable feedback on Carlos Pignataro, Anantha Ramaiah, Dan Wing, and Andrew Yourtchenko,
earlier versions of this document. for providing valuable feedback on earlier versions of this document.
This document has benefited from discussions within the TCPM Working This document has benefited from discussions within the TCPM Working
Group while working on [RFC5927]. Group while working on [RFC5927].
10. References 10. References
10.1. Normative References 10.1. Normative References
[RFC0792] Postel, J., "Internet Control Message Protocol", STD 5, [RFC0792] Postel, J., "Internet Control Message Protocol", STD 5,
RFC 792, September 1981. RFC 792, September 1981.
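Review bot: Typo in the new IANA Considerations text: "in de ICMP Parameters registry [ICMPPARREG]" should read "in the ICMP Parameters registry [ICMPPARREG]". The request itself, marking ICMP type 4 (Source Quench) as "Deprecated" with a reference to this document, is clear once that word is fixed.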
skipping to change at page 6, line 5 skipping to change at page 6, line 15
[RFC1122] Braden, R., "Requirements for Internet Hosts - [RFC1122] Braden, R., "Requirements for Internet Hosts -
Communication Layers", STD 3, RFC 1122, October 1989. Communication Layers", STD 3, RFC 1122, October 1989.
[RFC1812] Baker, F., "Requirements for IP Version 4 Routers", [RFC1812] Baker, F., "Requirements for IP Version 4 Routers",
RFC 1812, June 1995. RFC 1812, June 1995.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997. Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC3168] Ramakrishnan, K., Floyd, S., and D. Black, "The Addition
of Explicit Congestion Notification (ECN) to IP",
RFC 3168, September 2001.
[RFC5681] Allman, M., Paxson, V., and E. Blanton, "TCP Congestion [RFC5681] Allman, M., Paxson, V., and E. Blanton, "TCP Congestion
Control", RFC 5681, September 2009. Control", RFC 5681, September 2009.
10.2. Informative References 10.2. Informative References
[CPNI-TCP] [CPNI-TCP]
CPNI, "Security Assessment of the Transmission Control CPNI, "Security Assessment of the Transmission Control
Protocol (TCP)", 2009, <http://www.cpni.gov.uk/Docs/ Protocol (TCP)", 2009, <http://www.cpni.gov.uk/Docs/
tn-03-09-security-assessment-TCP.pdf>. tn-03-09-security-assessment-TCP.pdf>.
[FreeBSD] The FreeBSD Project, "http://www.freebsd.org". [FreeBSD] The FreeBSD Project, "http://www.freebsd.org".
[ICMPPARREG]
Internet Control Message Protocol (ICMP) Parameters,
"http://www.iana.org/assignments/icmp-parameters".
[Linux] The Linux Project, "http://www.kernel.org". [Linux] The Linux Project, "http://www.kernel.org".
[NetBSD] The NetBSD Project, "http://www.netbsd.org". [NetBSD] The NetBSD Project, "http://www.netbsd.org".
[OpenBSD] The OpenBSD Project, "http://www.openbsd.org". [OpenBSD] The OpenBSD Project, "http://www.openbsd.org".
[OpenSolaris] [OpenSolaris]
OpenSolaris, "http://www.opensolaris.org". OpenSolaris, "http://www.opensolaris.org".
[RFC3168] Ramakrishnan, K., Floyd, S., and D. Black, "The Addition
of Explicit Congestion Notification (ECN) to IP",
RFC 3168, September 2001.
[RFC4443] Conta, A., Deering, S., and M. Gupta, "Internet Control [RFC4443] Conta, A., Deering, S., and M. Gupta, "Internet Control
Message Protocol (ICMPv6) for the Internet Protocol Message Protocol (ICMPv6) for the Internet Protocol
Version 6 (IPv6) Specification", RFC 4443, March 2006. Version 6 (IPv6) Specification", RFC 4443, March 2006.
[RFC5927] Gont, F., "ICMP Attacks against TCP", RFC 5927, July 2010. [RFC5927] Gont, F., "ICMP Attacks against TCP", RFC 5927, July 2010.
Appendix A. Survey of support of ICMP Source Quench in some popular Appendix A. Survey of support of ICMP Source Quench in some popular
TCP/IP implementations TCP/IP implementations
A large number of implementations completely ignore ICMP Source A large number of implementations completely ignore ICMP Source
Quench messages meant for TCP connections. This behavior has been Quench messages meant for TCP connections. This behavior has been
implemented in, at least, Linux [Linux] since 2004, and in FreeBSD implemented in, at least, Linux [Linux] since 2004, and in FreeBSD
[FreeBSD], NetBSD [NetBSD], OpenBSD [OpenBSD], and Solaris 10 since [FreeBSD], NetBSD [NetBSD], OpenBSD [OpenBSD], and Solaris 10 since
2005. Additionally, OpenSolaris [OpenSolaris] has always shipped 2005. Additionally, OpenSolaris [OpenSolaris] has always shipped
with support for ICMP Source Quench messages disabled. with support for ICMP Source Quench messages disabled.
Appendix B. Changes from previous versions of the draft (to be removed Appendix B. Changes from previous versions of the draft (to be removed
by the RFC Editor before publishing this document as an by the RFC Editor before publishing this document as an
RFC) RFC)
B.1. Changes from draft-gont-tsvwg-source-quench-01 B.1. Changes from draft-ietf-tsvwg-source-quench-00
o Discusses the motivation for deprecating ICMP Source Quench
messages (as suggested by Anantha Ramaiah).
o Incorporates IANA considerations such that ICMP Source Quench
messages are deprecated in the corresponding registry.
B.2. Changes from draft-gont-tsvwg-source-quench-01
o Addresses nits and editorial chagnes suggested by Gorry Fairhurst. o Addresses nits and editorial chagnes suggested by Gorry Fairhurst.
o Added the status of Solaris and OpenSolaris to Appendix A. o Added the status of Solaris and OpenSolaris to Appendix A.
o Document resubmitted as draft-ietf. o Document resubmitted as draft-ietf.
B.2. Changes from draft-gont-tsvwg-source-quench-00 B.3. Changes from draft-gont-tsvwg-source-quench-00
o This revision reflects the recent discussion about ICMP Source o This revision reflects the recent discussion about ICMP Source
Quench messages on the tsvwg mailing-list. A detailed list of the Quench messages on the tsvwg mailing-list. A detailed list of the
changes is available at: changes is available at:
http://www.ietf.org/mail-archive/web/tsvwg/current/msg10407.html http://www.ietf.org/mail-archive/web/tsvwg/current/msg10407.html
Author's Address Author's Address
Fernando Gont Fernando Gont
Universidad Tecnologica Nacional / Facultad Regional Haedo Universidad Tecnologica Nacional / Facultad Regional Haedo
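Review bot: [RFC3168] moves from Informative to Normative References in this hunk, but the only citation visible in the new text is the illustrative "note e.g. the development of ECN [RFC3168]" in the Introduction's rationale, and [RFC4443], cited in that same bullet, stays Informative. Unless a requirement elsewhere in the document depends on ECN, keep [RFC3168] under 10.2 alongside [RFC4443]. Minor: in what is now B.2, "editorial chagnes" should read "editorial changes".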
 End of changes. 17 change blocks. 
27 lines changed or deleted 55 lines changed or added

This html diff was produced by rfcdiff 1.41. The latest version is available from http://tools.ietf.org/tools/rfcdiff/