A new Request for Comments is now available in online RFC libraries.
RFC 7113
Title: Implementation Advice for IPv6 Router
Advertisement Guard (RA-Guard)
Author: F. Gont
Status: Informational
Stream: IETF
Date: February 2014
Mailbox: fgont@si6networks.com
Pages: 13
Characters: 29272
Updates: RFC 6105
I-D Tag: draft-ietf-v6ops-ra-guard-implementation-07.txt
URL: http://www.rfc-editor.org/rfc/rfc7113.txt
The IPv6 Router Advertisement Guard (RA-Guard) mechanism is commonly
employed to mitigate attack vectors based on forged ICMPv6 Router
Advertisement messages. Many existing IPv6 deployments rely on
RA-Guard as the first line of defense against the aforementioned attack
vectors. However, some implementations of RA-Guard have been found
to be prone to circumvention by employing IPv6 Extension Headers.
This document describes the evasion techniques that affect the
aforementioned implementations and formally updates RFC 6105, such
that the aforementioned RA-Guard evasion vectors are eliminated.
This document is a product of the IPv6 Operations Working Group of the IETF.
INFORMATIONAL: This memo provides information for the Internet community.
It does not specify an Internet standard of any kind. Distribution of
this memo is unlimited.
This announcement is sent to the IETF-Announce and rfc-dist lists.
To subscribe or unsubscribe, see
http://www.ietf.org/mailman/listinfo/ietf-announce
http://mailman.rfc-editor.org/mailman/listinfo/rfc-dist
For searching the RFC series, see http://www.rfc-editor.org/search/rfc_search.php
For downloading RFCs, see http://www.rfc-editor.org/rfc.html
Requests for special distribution should be addressed to either the
author of the RFC in question, or to rfc-editor@rfc-editor.org. Unless
specifically noted otherwise on the RFC itself, all RFCs are for
unlimited distribution.
The RFC Editor Team
Association Management Solutions, LLC
