|
Network Working Group Request for Comments: 1716 Category: Informational |
P. Almquist, Author Consultant F. Kastenholz, Editor FTP Software, Inc. November 1994 |
This memo provides information for the Internet community. This memo does not specify an Internet standard of any kind. Distribution of this memo is unlimited.
0. PREFACE
1. INTRODUCTION
1.1 Reading this Document
1.1.1 Organization
1.1.2 Requirements
1.1.3 Compliance
1.2 Relationships to Other Standards
1.3 General Considerations
1.3.1 Continuing Internet Evolution
1.3.2 Robustness Principle
1.3.3 Error Logging
1.3.4 Configuration
1.4 Algorithms
2. INTERNET ARCHITECTURE
2.1 Introduction
2.2 Elements of the Architecture
2.2.1 Protocol Layering
2.2.2 Networks
2.2.3 Routers
2.2.4 Autonomous Systems
2.2.5 Addresses and Subnets
2.2.6 IP Multicasting
2.2.7 Unnumbered Lines and Networks and Subnets
2.2.8 Notable Oddities
2.2.8.1 Embedded Routers
2.2.8.2 Transparent Routers
2.3 Router Characteristics
2.4 Architectural Assumptions
3. LINK LAYER
3.1 INTRODUCTION
3.2 LINK/INTERNET LAYER INTERFACE
3.3 SPECIFIC ISSUES
3.3.1 Trailer Encapsulation
3.3.2 Address Resolution Protocol - ARP
3.3.3 Ethernet and 802.3 Coexistence
3.3.4 Maximum Transmission Unit - MTU
3.3.5 Point-to-Point Protocol - PPP
3.3.5.1 Introduction
3.3.5.2 Link Control Protocol (LCP) Options
3.3.5.3 IP Control Protocol (ICP) Options
3.3.6 Interface Testing
4. INTERNET LAYER - PROTOCOLS
4.1 INTRODUCTION
4.2 INTERNET PROTOCOL - IP
4.2.1 INTRODUCTION
4.2.2 PROTOCOL WALK-THROUGH
4.2.2.1 Options: RFC-791 Section 3.2
4.2.2.2 Addresses in Options: RFC-791 Section 3.1
4.2.2.3 Unused IP Header Bits: RFC-791 Section 3.1
4.2.2.4 Type of Service: RFC-791 Section 3.1
4.2.2.5 Header Checksum: RFC-791 Section 3.1
4.2.2.6 Unrecognized Header Options: RFC-791 Section 3.1
4.2.2.7 Fragmentation: RFC-791 Section 3.2
4.2.2.8 Reassembly: RFC-791 Section 3.2
4.2.2.9 Time to Live: RFC-791 Section 3.2
4.2.2.10 Multi-subnet Broadcasts: RFC-922
4.2.2.11 Addressing: RFC-791 Section 3.2
4.2.3 SPECIFIC ISSUES
4.2.3.1 IP Broadcast Addresses
4.2.3.2 IP Multicasting
4.2.3.3 Path MTU Discovery
4.2.3.4 Subnetting
4.3 INTERNET CONTROL MESSAGE PROTOCOL - ICMP
4.3.1 INTRODUCTION
4.3.2 GENERAL ISSUES
4.3.2.1 Unknown Message Types
4.3.2.2 ICMP Message TTL
4.3.2.3 Original Message Header
4.3.2.4 ICMP Message Source Address
4.3.2.5 TOS and Precedence
4.3.2.6 Source Route
4.3.2.7 When Not to Send ICMP Errors
4.3.2.8 Rate Limiting
4.3.3 SPECIFIC ISSUES
4.3.3.1 Destination Unreachable
4.3.3.2 Redirect
4.3.3.3 Source Quench
4.3.3.4 Time Exceeded
4.3.3.5 Parameter Problem
4.3.3.6 Echo Request/Reply
4.3.3.7 Information Request/Reply
4.3.3.8 Timestamp and Timestamp Reply
4.3.3.9 Address Mask Request/Reply
4.3.3.10 Router Advertisement and Solicitations
4.4 INTERNET GROUP MANAGEMENT PROTOCOL - IGMP
5. INTERNET LAYER - FORWARDING
5.1 INTRODUCTION
5.2 FORWARDING WALK-THROUGH
5.2.1 Forwarding Algorithm
5.2.1.1 General
5.2.1.2 Unicast
5.2.1.3 Multicast
5.2.2 IP Header Validation
5.2.3 Local Delivery Decision
5.2.4 Determining the Next Hop Address
5.2.4.1 Immediate Destination Address
5.2.4.2 Local/Remote Decision
5.2.4.3 Next Hop Address
5.2.4.4 Administrative Preference
5.2.4.6 Load Splitting
5.2.5 Unused IP Header Bits: RFC-791 Section 3.1
5.2.6 Fragmentation and Reassembly: RFC-791 Section 3.2
5.2.7 Internet Control Message Protocol - ICMP
5.2.7.1 Destination Unreachable
5.2.7.2 Redirect
5.2.7.3 Time Exceeded
5.2.8 INTERNET GROUP MANAGEMENT PROTOCOL - IGMP
5.3 SPECIFIC ISSUES
5.3.1 Time to Live (TTL)
5.3.2 Type of Service (TOS)
5.3.3 IP Precedence
5.3.3.1 Precedence-Ordered Queue Service
5.3.3.2 Lower Layer Precedence Mappings
5.3.3.3 Precedence Handling For All Routers
5.3.4 Forwarding of Link Layer Broadcasts
5.3.5 Forwarding of Internet Layer Broadcasts
5.3.5.1 Limited Broadcasts
5.3.5.2 Net-directed Broadcasts
5.3.5.3 All-subnets-directed Broadcasts
5.3.5.4 Subnet-directed Broadcasts
5.3.6 Congestion Control
5.3.7 Martian Address Filtering
5.3.8 Source Address Validation
5.3.9 Packet Filtering and Access Lists
5.3.10 Multicast Routing
5.3.11 Controls on Forwarding
5.3.12 State Changes
5.3.12.1 When a Router Ceases Forwarding
5.3.12.2 When a Router Starts Forwarding
5.3.12.3 When an Interface Fails or is Disabled
5.3.12.4 When an Interface is Enabled
5.3.13 IP Options
5.3.13.1 Unrecognized Options
5.3.13.2 Security Option
5.3.13.3 Stream Identifier Option
5.3.13.4 Source Route Options
5.3.13.5 Record Route Option
5.3.13.6 Timestamp Option
6. TRANSPORT LAYER
6.1 USER DATAGRAM PROTOCOL - UDP
6.2 TRANSMISSION CONTROL PROTOCOL - TCP
7. APPLICATION LAYER - ROUTING PROTOCOLS
7.1 INTRODUCTION
7.1.1 Routing Security Considerations
7.1.2 Precedence
7.2 INTERIOR GATEWAY PROTOCOLS
7.2.1 INTRODUCTION
7.2.2 OPEN SHORTEST PATH FIRST - OSPF
7.2.2.1 Introduction
7.2.2.2 Specific Issues
7.2.2.3 New Version of OSPF
10.1 Introduction
10.2 Router Initialization
10.2.1 Minimum Router Configuration
10.2.2 Address and Address Mask Initialization
10.2.3 Network Booting using BOOTP and TFTP
10.3 Operation and Maintenance
10.3.1 Introduction
10.3.2 Out Of Band Access
10.3.2 Router O&M Functions
10.3.2.1 Maintenance - Hardware Diagnosis
10.3.2.2 Control - Dumping and Rebooting
10.3.2.3 Control - Configuring the Router
10.3.2.4 Netbooting of System Software
10.3.2.5 Detecting and responding to misconfiguration
10.3.2.6 Minimizing Disruption
10.3.2.7 Control - Troubleshooting Problems
10.4 Security Considerations
10.4.1 Auditing and Audit Trails
10.4.2 Configuration Control
11. REFERENCES
APPENDIX A. REQUIREMENTS FOR SOURCE-ROUTING HOSTS
APPENDIX B. GLOSSARY
APPENDIX C. FUTURE DIRECTIONS
APPENDIX D. Multicast Routing Protocols
D.1 Introduction
D.2 Distance Vector Multicast Routing Protocol - DVMRP
D.3 Multicast Extensions to OSPF - MOSPF
APPENDIX E Additional Next-Hop Selection Algorithms
E.1. Some Historical Perspective
E.2. Additional Pruning Rules
E.3 Some Route Lookup Algorithms
E.3.1 The Revised Classic Algorithm
E.3.2 The Variant Router Requirements Algorithm
E.3.3 The OSPF Algorithm
E.3.4 The Integrated IS-IS Algorithm
Security Considerations
Acknowledgments
Editor's Address
This memo emulates the layered organization used by [INTRO:2] and [INTRO:3]. Thus, Chapter 2 describes the layers found in the Internet architecture. Chapter 3 covers the Link Layer. Chapters 4 and 5 are concerned with the Internet Layer protocols and forwarding algorithms. Chapter 6 covers the Transport Layer. Upper layer protocols are divided between Chapter 7, which discusses the protocols which routers use to exchange routing information with each other, Chapter 8, which discusses network management, and Chapter 9, which discusses other upper layer protocols. The final chapter covers operations and maintenance features. This organization was chosen for simplicity, clarity, and consistency with the Host Requirements RFCs. Appendices to this memo include a bibliography, a glossary, and some conjectures about future directions of router standards.
In describing the requirements, we assume that an implementation strictly mirrors the layering of the protocols. However, strict layering is an imperfect model, both for the protocol suite and for recommended implementation approaches. Protocols in different layers interact in complex and sometimes subtle ways, and particular functions often involve multiple layers. There are many design choices in an implementation, many of which involve creative breaking of strict layering. Every implementor is urged to read [INTRO:4] and [INTRO:5].
In general, each major section of this memo is organized into the following subsections:
(1) Introduction
(2) Protocol Walk-Through - considers the protocol specification documents section-by-section, correcting errors, stating requirements that may be ambiguous or ill-defined, and providing further clarification or explanation.
(3) Specific Issues - discusses protocol design and
implementation issues that were not included in the walk-
through.
Under many of the individual topics in this memo, there is parenthetical material labeled DISCUSSION or IMPLEMENTATION. This material is intended to give a justification, clarification or
explanation to the preceding requirements text. The
implementation material contains suggested approaches that an
implementor may want to consider. The DISCUSSION and
IMPLEMENTATION sections are not part of the standard.
In this memo, the words that are used to define the significance of each particular requirement are capitalized. These words are:
Some requirements are applicable to all routers. Other requirements are applicable only to those which implement particular features or protocols. In the following paragraphs, Relevant refers to the union of the requirements applicable to all routers and the set of requirements applicable to a particular router because of the set of features and protocols it has implemented.
Note that not all Relevant requirements are stated directly in this memo. Various parts of this memo incorporate by reference sections of the Host Requirements specification, [INTRO:2] and [INTRO:3]. For purposes of determining compliance with this memo, it does not matter whether a Relevant requirement is stated directly in this memo or merely incorporated by reference from one of those documents.
An implementation is said to be conditionally compliant if it satisfies all of the Relevant MUST, MUST IMPLEMENT, and MUST NOT requirements. An implementation is said to be unconditionally compliant if it is conditionally compliant and also satisfies all of the Relevant SHOULD, SHOULD IMPLEMENT, and SHOULD NOT requirements. An implementation is not compliant if it is not conditionally compliant (i.e., it fails to satisfy one or more of the Relevant MUST, MUST IMPLEMENT, or MUST NOT requirements).
For any of the SHOULD and SHOULD NOT requirements, a router may provide a configuration option that will cause the router to act other than as specified by the requirement. Having such a configuration option does not void a router's claim to unconditional compliance as long as the option has a default setting, and that leaving the option at its default setting causes the router to operate in a manner which conforms to the requirement.
Likewise, routers may provide, except where explicitly prohibited by this memo, options which cause them to violate MUST or MUST NOT requirements. A router which provides such options is compliant (either fully or conditionally) if and only if each such option has a default setting which causes the router to conform to the requirements of this memo. Please note that the authors of this memo, although aware of market realities, strongly recommend against provision of such options. Requirements are labeled MUST or MUST NOT because experts in the field have judged them to be particularly important to interoperability or proper functioning in the Internet. Vendors should weigh carefully the customer
support costs of providing options which violate those rules.
Of course, this memo is not a complete specification of an IP router, but rather is closer to what in the OSI world is called a profile. For example, this memo requires that a number of protocols be implemented. Although most of the contents of their protocol specifications are not repeated in this memo, implementors are nonetheless required to implement the protocols according to those specifications.
There are several reference documents of interest in checking the current status of protocol specifications and standardization:
Note that these documents are revised and updated at different times; in case of differences between these documents, the most recent must prevail.
These and other Internet protocol documents may be obtained from the:
The InterNIC
DS.INTERNIC.NET
InterNIC Directory and Database Service
+1 (800) 444-4345 or +1 (619) 445-4600
info@internic.net
There are several important lessons that vendors of Internet software have learned and which a new vendor should consider seriously.
The enormous growth of the Internet has revealed problems of management and scaling in a large datagram-based packet communication system. These problems are being addressed, and as a result there will be continuing evolution of the specifications described in this memo. New routing protocols, algorithms, and architectures are constantly being developed. New and additional internet-layer protocols are also constantly being devised. Because routers play such a crucial role in the Internet, and because the number of routers deployed in the Internet is much smaller than the number of hosts, vendors should expect that router standards will continue to evolve much more quickly than host standards. These changes will be carefully planned and controlled since there is extensive participation in this planning by the vendors and by the organizations responsible for operation of the networks.
Development, evolution, and revision are characteristic of computer network protocols today, and this situation will persist for some years. A vendor who develops computer communications software for the Internet protocol suite (or any other protocol suite!) and then fails to maintain and update that software for changing specifications is going to leave a trail of unhappy customers. The Internet is a large communication network, and the users are in constant contact through it. Experience has shown that knowledge of deficiencies in vendor software propagates quickly through the Internet technical community.
At every layer of the protocols, there is a general rule (from [TRANS:2] by Jon Postel) whose application can lead to enormous benefits in robustness and interoperability:
Be conservative in what you do,
be liberal in what you accept from others.
Software should be written to deal with every conceivable error, no matter how unlikely; sooner or later a packet will come in with that particular combination of errors and attributes, and unless the software is prepared, chaos can ensue. In general, it is best to assume that the network is filled with malevolent entities that will send packets designed to have the worst possible effect. This assumption will lead to suitably protective design. The most serious problems in the Internet have been caused by unforeseen mechanisms triggered by low probability events; mere human malice would never have taken so devious a course!
Adaptability to change must be designed into all levels of router software. As a simple example, consider a protocol specification that contains an enumeration of values for a particular header field - e.g., a type field, a port number, or an error code; this enumeration must be assumed to be incomplete. If the protocol specification defines four possible error codes, the software must not break when a fifth code shows up. An undefined code might be logged, but it must not cause a failure.
The second part of the principle is almost as important: software on hosts or other routers may contain deficiencies that make it unwise to exploit legal but obscure protocol features. It is unwise to stray far from the obvious and simple, lest untoward effects result elsewhere. A corollary of this is watch out for misbehaving hosts; router software should be prepared to survive in the presence of misbehaving hosts. An important function of routers in the Internet is to limit the amount of disruption such hosts can inflict on the shared communication facility.
The Internet includes a great variety of systems, each implementing many protocols and protocol layers, and some of these contain bugs and misfeatures in their Internet protocol software. As a result of complexity, diversity, and distribution of function, the diagnosis of problems is often very difficult.
Problem diagnosis will be aided if routers include a carefully designed facility for logging erroneous or strange events. It is important to include as much diagnostic information as possible when an error is logged. In particular, it is often useful to record the header(s) of a packet that caused an error. However, care must be taken to ensure that error logging does not consume prohibitive amounts of resources or otherwise interfere with the operation of the router.
There is a tendency for abnormal but harmless protocol events to
overflow error logging files; this can be avoided by using a
circular log, or by enabling logging only while diagnosing a known
failure. It may be useful to filter and count duplicate
successive messages. One strategy that seems to work well is to
both:
This topic is further discussed in [MGT:5].
In an ideal world, routers would be easy to configure, and perhaps even entirely self-configuring. However, practical experience in the real world suggests that this is an impossible goal, and that in fact many attempts by vendors to make configuration easy actually cause customers more grief than they prevent. As an extreme example, a router designed to come up and start routing packets without requiring any configuration information at all would almost certainly choose some incorrect parameter, possibly causing serious problems on any networks unfortunate enough to be connected to it.
Often this memo requires that a parameter be a configurable option. There are several reasons for this. In a few cases there currently is some uncertainty or disagreement about the best value and it may be necessary to update the recommended value in the future. In other cases, the value really depends on external factors - e.g., the distribution of its communication load, or the speeds and topology of nearby networks - and self-tuning algorithms are unavailable and may be insufficient. In some cases, configurability is needed because of administrative requirements.
Finally, some configuration options are required to communicate with obsolete or incorrect implementations of the protocols, distributed without sources, that persist in many parts of the Internet. To make correct systems coexist with these faulty systems, administrators must occasionally misconfigure the correct systems. This problem will correct itself gradually as the faulty systems are retired, but cannot be ignored by vendors.
When we say that a parameter must be configurable, we do not intend to require that its value be explicitly read from a configuration file at every boot time. For many parameters, there is one value that is appropriate for all but the most unusual situations. In such cases, it is quite reasonable that the parameter default to that value if not explicitly set.
This memo requires a particular value for such defaults in some cases. The choice of default is a sensitive issue when the configuration item controls accommodation of existing, faulty, systems. If the Internet is to converge successfully to complete interoperability, the default values built into implementations must implement the official protocol, not misconfigurations to accommodate faulty implementations. Although marketing considerations have led some vendors to choose misconfiguration defaults, we urge vendors to choose defaults that will conform to the standard.
Finally, we note that a vendor needs to provide adequate documentation on all configuration parameters, their limits and effects.
In several places in this memo, specific algorithms that a router ought to follow are specified. These algorithms are not, per se, required of the router. A router need not implement each algorithm as it is written in this document. Rather, an implementation must present a behavior to the external world that is the same as a strict, literal, implementation of the specified algorithm.
Algorithms are described in a manner that differs from the way a good implementor would implement them. For expository purposes, a style that emphasizes conciseness, clarity, and independence from implementation details has been chosen. A good implementor will choose algorithms and implementation methods which produce the same results as these algorithms, but may be more efficient or less general.
We note that the art of efficient router implementation is outside of the scope of this memo.
The Internet system consists of a number of interconnected packet networks supporting communication among host computers using the Internet protocols. These protocols include the Internet Protocol (IP), the Internet Control Message Protocol (ICMP), the Internet Group Management Protocol (IGMP), and a variety transport and application protocols that depend upon them. As was described in Section [1.2], the Internet Engineering Steering Group periodically releases an Official Protocols memo listing all of the Internet protocols.
All Internet protocols use IP as the basic data transport mechanism. IP is a datagram, or connectionless, internetwork service and includes provision for addressing, type-of-service specification, fragmentation and reassembly, and security. ICMP and IGMP are considered integral parts of IP, although they are architecturally layered upon IP. ICMP provides error reporting, flow control, first-hop router redirection, and other maintenance and control functions. IGMP provides the mechanisms by which hosts and routers can join and leave IP multicast groups.
Reliable data delivery is provided in the Internet protocol suite by Transport Layer protocols such as the Transmission Control Protocol (TCP), which provides end-end retransmission, resequencing and connection control. Transport Layer connectionless service is provided by the User Datagram Protocol (UDP).
To communicate using the Internet system, a host must implement the layered set of protocols comprising the Internet protocol suite. A host typically must implement at least one protocol from each layer.
The protocol layers used in the Internet architecture are as follows [ARCH:7]:
We distinguish two categories of application layer protocols: user protocols that provide service directly to users, and support protocols that provide common system functions. The most common Internet user protocols are:
- Telnet (remote login)
- FTP (file transfer)
- SMTP (electronic mail delivery)
There are a number of other standardized user protocols and many private user protocols.
Support protocols, used for host name mapping, booting, and management, include SNMP, BOOTP, TFTP, the Domain Name System (DNS) protocol, and a variety of routing protocols.
Application Layer protocols relevant to routers are discussed in chapters 7, 8, and 9 of this memo.
There are two primary Transport Layer protocols at present:
- Transmission Control Protocol (TCP)
- User Datagram Protocol (UDP)
TCP is a reliable connection-oriented transport service that provides end-to-end reliability, resequencing, and flow control. UDP is a connectionless (datagram) transport service. Other transport protocols have been developed by the research community, and the set of official Internet transport protocols may be expanded in the future.
Transport Layer protocols relevant to routers are discussed in Chapter 6.
The datagram or connectionless nature of IP is a fundamental and characteristic feature of the Internet architecture.
The Internet Control Message Protocol (ICMP) is a control protocol that is considered to be an integral part of IP, although it is architecturally layered upon IP, i.e., it uses IP to carry its data end-to-end. ICMP provides error reporting, congestion reporting, and first-hop router redirection.
The Internet Group Management Protocol (IGMP) is an Internet layer protocol used for establishing dynamic host groups for IP multicasting.
The Internet layer protocols IP, ICMP, and IGMP are discussed in chapter 4.
Some older Internet documents refer to this layer as the Network Layer, but it is not the same as the Network Layer in the OSI Reference Model.
This layer contains everything below the Internet Layer.
Protocols in this Layer are generally outside the scope of Internet standardization; the Internet (intentionally) uses existing standards whenever possible. Thus, Internet Link Layer standards usually address only address resolution and rules for transmitting IP packets over specific Link Layer protocols. Internet Link Layer standards are discussed in chapter 3.
The constituent networks of the Internet system are required to provide only packet (connectionless) transport. According to the IP service specification, datagrams can be delivered out of order, be lost or duplicated, and/or contain errors.
For reasonable performance of the protocols that use IP (e.g., TCP), the loss rate of the network should be very low. In networks providing connection-oriented service, the extra reliability provided by virtual circuits enhances the end-end robustness of the system, but is not necessary for Internet operation.
Constituent networks may generally be divided into two classes:
In the Internet model, constituent networks are connected together by IP datagram forwarders which are called routers or IP routers. In this document, every use of the term router is equivalent to IP router. Many older Internet documents refer to routers as gateways.
Historically, routers have been realized with packet-switching software executing on a general-purpose CPU. However, as custom hardware development becomes cheaper and as higher throughput is required, but special-purpose hardware is becoming increasingly common. This specification applies to routers regardless of how they are implemented.
A router is connected to two or more networks, appearing to each of these networks as a connected host. Thus, it has (at least) one physical interface and (at least) one IP address on each of the connected networks (this ignores the concept of un-numbered links, which is discussed in section [2.2.7]). Forwarding an IP datagram generally requires the router to choose the address of the next-hop router or (for the final hop) the destination host. This choice, called routing, depends upon a routing database within the router. The routing database is also sometimes known as a routing table or forwarding table.
The routing database should be maintained dynamically to reflect the current topology of the Internet system. A router normally accomplishes this by participating in distributed routing and reachability algorithms with other routers.
Routers provide datagram transport only, and they seek to minimize the state information necessary to sustain this service in the interest of routing flexibility and robustness.
Packet switching devices may also operate at the Link Layer; such devices are usually called bridges. Network segments which are connected by bridges share the same IP network number, i.e., they logically form a single IP network. These other devices are outside of the scope of this document.
Another variation on the simple model of networks connected with routers sometimes occurs: a set of routers may be interconnected with only serial lines, to form a network in which the packet switching is performed at the Internetwork (IP) Layer rather than the Link Layer.
For technical, managerial, and sometimes political reasons, the routers of the Internet system are grouped into collections called autonomous systems. The routers included in a single autonomous system (AS) are expected to:
A number of different dynamic routing protocols have been developed (see Section [7.2]); the routing protocol within a single AS is generically called an interior gateway protocol or IGP.
An IP datagram may have to traverse the routers of two or more ASs to reach its destination, and the ASs must provide each other with topology information to allow such forwarding. An exterior gateway protocol (generally BGP or EGP) is used for this purpose.
An IP datagram carries 32-bit source and destination addresses, each of which is partitioned into two parts - a constituent network number and a host number on that network. Symbolically:
IP-address ::= { <Network-number>, <Host-number> }
To finally deliver the datagram, the last router in its path must map the Host-number (or rest) part of an IP address into the physical address of a host connection to the constituent network.
This simple notion has been extended by the concept of subnets, which were introduced in order to allow arbitrary complexity of interconnected LAN structures within an organization, while insulating the Internet system against explosive growth in network numbers and routing complexity. Subnets essentially provide a multi-level hierarchical routing structure for the Internet system. The subnet extension, described in [INTERNET:2], is now a required part of the Internet architecture. The basic idea is to partition the <Host-number> field into two parts: a subnet number, and a true host number on that subnet:
IP-address ::=
{ <Network-number>, <Subnet-number>, <Host-number> }
The interconnected physical networks within an organization will be given the same network number but different subnet numbers. The distinction between the subnets of such a subnetted network is normally not visible outside of that network. Thus, routing in the rest of the Internet will be based only upon the <Network- number> part of the IP destination address; routers outside the network will combine <Subnet-number> and <Host-number> together to form an uninterpreted rest part of the 32-bit IP address. Within the subnetted network, the routers must route on the basis of an extended network number:
{ <Network-number>, <Subnet-number> }
Under certain circumstances, it may be desirable to support subnets of a particular network being interconnected only via a path which is not part of the subnetted network. Even though many IGP's and no EGP's currently support this configuration effectively, routers need to be able to support this configuration of subnetting (see Section [4.2.3.4]). In general, routers should not make assumptions about what are subnets and what are not, but simply ignore the concept of Class in networks, and treat each route as a { network, mask }-tuple.
DISCUSSION:
It is becoming clear that as the Internet grows larger and
larger, the traditional uses of Class A, B, and C networks will
be modified in order to achieve better use of IP's 32-bit
address space. Classless Interdomain Routing (CIDR)
[INTERNET:15] is a method currently being deployed in the
Internet backbones to achieve this added efficiency. CIDR
depends on the ability of assigning and routing to networks
that are not based on Class A, B, or C networks. Thus, routers
should always treat a route as a network with a mask.
Furthermore, for similar reasons, a subnetted network need not have a consistent subnet mask through all parts of the network. For example, one subnet may use an 8 bit subnet mask, another 10 bit, and another 6 bit. Routers need to be able to support this type of configuration (see Section [4.2.3.4]).
The bit positions containing this extended network number are indicated by a 32-bit mask called the subnet mask; it is recommended but not required that the <Subnet-number> bits be contiguous and fall between the <Network-number> and the <Host- number> fields. No subnet should be assigned the value zero or -1
(all one bits).
Although the inventors of the subnet mechanism probably expected that each piece of an organization's network would have only a single subnet number, in practice it has often proven necessary or useful to have several subnets share a single physical cable.
There are special considerations for the router when a connected network provides a broadcast or multicast capability; these will be discussed later.
IP multicasting is an extension of Link Layer multicast to IP internets. Using IP multicasts, a single datagram can be addressed to multiple hosts. This collection of hosts is called a multicast group. Each multicast group is represented as a Class D IP address. An IP datagram sent to the group is to be delivered to each group member with the same best-effort delivery as that provided for unicast IP traffic. The sender of the datagram does not itself need to be a member of the destination group.
The semantics of IP multicast group membership are defined in [INTERNET:4]. That document describes how hosts and routers join and leave multicast groups. It also defines a protocol, the Internet Group Management Protocol (IGMP), that monitors IP multicast group membership.
Forwarding of IP multicast datagrams is accomplished either through static routing information or via a multicast routing protocol. Devices that forward IP multicast datagrams are called multicast routers. They may or may not also forward IP unicasts. In general, multicast datagrams are forwarded on the basis of both their source and destination addresses. Forwarding of IP multicast packets is described in more detail in Section [5.2.1]. Appendix D discusses multicast routing protocols.
Traditionally, each network interface on an IP host or router has its own IP address. Over the years, people have observed that this can cause inefficient use of the scarce IP address space, since it forces allocation of an IP network number, or at least a subnet number, to every point-to-point link.
To solve this problem, a number of people have proposed and implemented the concept of unnumbered serial lines. An unnumbered
serial line does not have any IP network or subnet number associated with it. As a consequence, the network interfaces connected to an unnumbered serial line do not have IP addresses.
Because the IP architecture has traditionally assumed that all interfaces had IP addresses, these unnumbered interfaces cause some interesting dilemmas. For example, some IP options (e.g. Record Route) specify that a router must insert the interface address into the option, but an unnumbered interface has no IP address. Even more fundamental (as we shall see in chapter 5) is that routes contain the IP address of the next hop router. A router expects that that IP address will be on an IP (sub)net that the router is connected to. That assumption is of course violated if the only connection is an unnumbered serial line.
To get around these difficulties, two schemes have been invented. The first scheme says that two routers connected by an unnumbered serial line aren't really two routers at all, but rather two half-routers which together make up a single (virtual) router. The unnumbered serial line is essentially considered to be an internal bus in the virtual router. The two halves of the virtual router must coordinate their activities in such a way that they act exactly like a single router.
This scheme fits in well with the IP architecture, but suffers from two important drawbacks. The first is that, although it handles the common case of a single unnumbered serial line, it is not readily extensible to handle the case of a mesh of routers and unnumbered serial lines. The second drawback is that the interactions between the half routers are necessarily complex and are not standardized, effectively precluding the connection of equipment from different vendors using unnumbered serial lines.
Because of these drawbacks, this memo has adopted an alternative scheme, which has been invented multiple times but which is probably originally attributable to Phil Karn. In this scheme, a router which has unnumbered serial lines also has a special IP address, called a router-id in this memo. The router-id is one of the router's IP addresses (a router is required to have at least one IP address). This router-id is used as if it is the IP address of all unnumbered interfaces.
A router may be a stand-alone computer system, dedicated to its IP router functions. Alternatively, it is possible to embed router functions within a host operating system which supports connections to two or more networks. The best-known example of an operating system with embedded router code is the Berkeley BSD system. The embedded router feature seems to make internetting easy, but it has a number of hidden pitfalls:
(1) If a host has only a single constituent-network interface, it should not act as a router.
For example, hosts with embedded router code that gratuitously forward broadcast packets or datagrams on the same net often cause packet avalanches.
(2) If a (multihomed) host acts as a router, it must implement ALL the relevant router requirements contained in this document.
For example, the routing protocol issues and the router control and monitoring problems are as hard and important for embedded routers as for stand-alone routers.
Since Internet router requirements and specifications may change independently of operating system changes, an administration that operates an embedded router in the Internet is strongly advised to have the ability to maintain and update the router code (e.g., this might require router code source).
(3) Once a host runs embedded router code, it becomes part of the Internet system. Thus, errors in software or configuration can hinder communication between other hosts. As a consequence, the host administrator must lose some autonomy.
In many circumstances, a host administrator will need to disable router code embedded in the operating system, and any embedded router code must be organized so that it can be easily disabled.
(4) If a host running embedded router code is concurrently
used for other services, the O&M (Operation and Maintenance) requirements for the two modes of use may be in serious conflict.
For example, router O&M will in many cases be performed remotely by an operations center; this may require privileged system access which the host administrator would not normally want to distribute.
There are two basic models for interconnecting local-area networks and wide-area (or long-haul) networks in the Internet. In the first, the local-area network is assigned a network number and all routers in the Internet must know how to route to that network. In the second, the local-area network shares (a small part of) the address space of the wide-area network. Routers that support this second model are called address sharing routers or transparent routers. The focus of this memo is on routers that support the first model, but this is not intended to exclude the use of transparent routers.
The basic idea of a transparent router is that the hosts on the local-area network behind such a router share the address space of the wide-area network in front of the router. In certain situations this is a very useful approach and the limitations do not present significant drawbacks.
The words in front and behind indicate one of the limitations of this approach: this model of interconnection is suitable only for a geographically (and topologically) limited stub environment. It requires that there be some form of logical addressing in the network level addressing of the wide-area network. All of the IP addresses in the local environment map to a few (usually one) physical address in the wide-area network. This mapping occurs in a way consistent with the { IP address <-> network address } mapping used throughout the wide-area network.
Multihoming is possible on one wide-area network, but may present routing problems if the interfaces are geographically or topologically separated. Multihoming on two (or more) wide-area networks is a problem due to the confusion of addresses.
The behavior that hosts see from other hosts in what is apparently the same network may differ if the transparent
router cannot fully emulate the normal wide-area network service. For example, the ARPANET used a Link Layer protocol that provided a Destination Dead indication in response to an attempt to send to a host which was powered off. However, if there were a transparent router between the ARPANET and an Ethernet, a host on the ARPANET would not receive a Destination Dead indication if it sent a datagram to a host that was powered off and was connected to the ARPANET via the transparent router instead of directly.
An Internet router performs the following functions:
(1) Conforms to specific Internet protocols specified in this document, including the Internet Protocol (IP), Internet Control Message Protocol (ICMP), and others as necessary.
(2) Interfaces to two or more packet networks. For each connected network the router must implement the functions required by that network. These functions typically include:
See chapter 3 (Link Layer).
(3) Receives and forwards Internet datagrams. Important issues in this process are buffer management, congestion control, and fairness.
See chapter 4 (Internet Layer - Protocols) and chapter 5 (Internet Layer - Forwarding) for more information.
(4) Chooses a next-hop destination for each IP datagram, based on the information in its routing database. See chapter 5 (Internet Layer - Forwarding) for more information.
(5) (Usually) supports an interior gateway protocol (IGP) to carry out distributed routing and reachability algorithms with the other routers in the same autonomous system. In addition, some routers will need to support an exterior gateway protocol (EGP) to exchange topological information with other autonomous systems. See chapter 7 (Application Layer - Routing Protocols) for more information.
(6) Provides network management and system support facilities, including loading, debugging, status reporting, exception reporting and control. See chapter 8 (Application Layer - Network Management Protocols) and chapter 10 (Operation and Maintenance) for more information.
A router vendor will have many choices on power, complexity, and features for a particular router product. It may be helpful to observe that the Internet system is neither homogeneous nor fully- connected. For reasons of technology and geography it is growing into a global interconnect system plus a fringe of LANs around the edge. More and more these fringe LANs are becoming richly interconnected, thus making them less out on the fringe and more demanding on router requirements.
Routers in the global interconnect system generally require:
These routers need routing algorithms which are highly dynamic and also offer type-of-service routing. Congestion is still not a completely resolved issue (see Section [5.3.6]). Improvements in these areas are expected, as the research community is actively working on these issues.
These routers need to be highly reliable, providing 24 hours a day, 7 days a week service. Equipment and software faults can have a wide-spread (sometimes global) effect. In case of failure, they must recover quickly. In any environment, a router must be highly robust and able to operate, possibly in a degraded state, under conditions of extreme congestion or failure of network resources.
Internet routers normally operate in an unattended mode. They will typically be operated remotely from a centralized monitoring center. They need to provide sophisticated means for monitoring and measuring traffic and other events and for diagnosing faults.
Long-haul lines in the Internet today are most frequently 56 Kbps, DS1 (1.4Mbps), and DS3 (45Mbps) speeds. LANs are typically Ethernet (10Mbps) and, to a lesser degree, FDDI (100Mbps). However, network media technology is constantly advancing and even higher speeds are likely in the future. Full-duplex operation is provided at all of these speeds.
The requirements for routers used in the LAN fringe (e.g., campus networks) depend greatly on the demands of the local networks. These may be high or medium-performance devices, probably competitively procured from several different vendors and operated by an internal organization (e.g., a campus computing center). The design of these routers should emphasize low average latency and good burst performance, together with delay and type-of-service sensitive resource management. In this environment there may be less formal O&M but it will not be less important. The need for the routing mechanism to be highly dynamic will become more important as networks become more complex and interconnected. Users will demand more out of their local connections because of the speed of the global interconnects.
As networks have grown, and as more networks have become old enough
that they are phasing out older equipment, it has become increasingly imperative that routers interoperate with routers from other vendors.
Even though the Internet system is not fully interconnected, many
parts of the system need to have redundant connectivity. Rich
connectivity allows reliable service despite failures of
communication lines and routers, and it can also improve service by
shortening Internet paths and by providing additional capacity.
Unfortunately, this richer topology can make it much more difficult
to choose the best path to a particular destination.
The current Internet architecture is based on a set of assumptions about the communication system. The assumptions most relevant to routers are as follows:
Each host is directly connected to some particular network(s); its connection to the Internet is only conceptual. Two hosts on the same network communicate with each other using the same set of protocols that they would use to communicate with hosts on distant networks.
To improve the robustness of the communication system, routers are designed to be stateless, forwarding each IP packet independently of other packets. As a result, redundant paths can be exploited to provide robust service in spite of failures of intervening routers and networks.
All state information required for end-to-end flow control and reliability is implemented in the hosts, in the transport layer or in application programs. All connection control information is thus co-located with the end points of the communication, so it will be lost only if an end point fails. Routers effect flow control only indirectly, by dropping packets or increasing network delay.
Note that future protocol developments may well end up putting some more state into routers. This is especially likely for resource reservation and flows.
Routing is a complex and difficult problem, and ought to be performed by the routers, not the hosts. An important objective is to insulate host software from changes caused by the inevitable evolution of the Internet routing architecture.
A basic objective of the Internet design is to tolerate a wide range of network characteristics - e.g., bandwidth, delay, packet loss, packet reordering, and maximum packet size. Another objective is robustness against failure of individual networks, routers, and hosts, using whatever bandwidth is still available. Finally, the goal is full open system interconnection: an Internet router must be able to interoperate robustly and effectively with any other router or Internet host, across diverse Internet paths.
Sometimes implementors have designed for less ambitious goals. For example, the LAN environment is typically much more benign than the Internet as a whole; LANs have low packet loss and delay and do not reorder packets. Some vendors have fielded implementations that are adequate for a simple LAN environment, but work badly for general interoperation. The vendor justifies such a product as being economical within the restricted LAN market. However, isolated LANs seldom stay isolated for long; they are soon connected to each other, to organization-wide internets, and eventually to the global Internet system. In the end, neither the customer nor the vendor is served by incomplete or substandard routers.
The requirements spelled out in this document are designed for a full-function router. It is intended that fully compliant routers will be usable in almost any part of the Internet.
Routers have essentially the same Link Layer protocol requirements as other sorts of Internet systems. These requirements are given in chapter 3 of Requirements for Internet Gateways [INTRO:1]. A router MUST comply with its requirements and SHOULD comply with its recommendations. Since some of the material in that document has become somewhat dated, some additional requirements and explanations are included below.
DISCUSSION:
It is expected that the Internet community will produce a
Requirements for Internet Link Layer standard which will supersede
both this chapter and chapter 3 of [INTRO:1].
Although this document does not attempt to specify the interface between the Link Layer and the upper layers, it is worth noting here that other parts of this document, particularly chapter 5, require various sorts of information to be passed across this layer boundary.
This section uses the following definitions:
The source physical address is the Link Layer address of the host or router from which the packet was received.
The destination physical address is the Link Layer address to which the packet was sent.
The information that must pass from the Link Layer to the Internetwork Layer for each received packet is:
(1) The IP packet [5.2.2],
(2) The length of the data portion (i.e., not including the Link- Layer framing) of the Link Layer frame [5.2.2],
(3) The identity of the physical interface from which the IP packet was received [5.2.3], and
(4) The classification of the packet's destination physical address as a Link Layer unicast, broadcast, or multicast [4.3.2], [5.3.4].
In addition, the Link Layer also should provide:
(5) The source physical address.
The information that must pass from the Internetwork Layer to the Link Layer for each transmitted packet is:
(1) The IP packet [5.2.1]
(2) The length of the IP packet [5.2.1]
(3) The destination physical interface [5.2.1]
(4) The next hop IP address [5.2.1]
In addition, the Internetwork Layer also should provide:
(5) The Link Layer priority value [5.3.3.2]
The Link Layer must also notify the Internetwork Layer if the packet to be transmitted causes a Link Layer precedence-related error [5.3.3.3].
Routers which can connect to 10Mb Ethernets MAY be able to receive and forward Ethernet packets encapsulated using the trailer encapsulation described in [LINK:1]. However, a router SHOULD NOT originate trailer encapsulated packets. A router MUST NOT originate trailer encapsulated packets without first verifying, using the mechanism described in section 2.3.1 of [INTRO:2], that the immediate destination of the packet is willing and able to
accept trailer-encapsulated packets. A router SHOULD NOT agree (using these same mechanisms) to accept trailer-encapsulated packets.
Routers which implement ARP MUST be compliant and SHOULD be unconditionally compliant with the requirements in section 2.3.2 of [INTRO:2].
The link layer MUST NOT report a Destination Unreachable error to IP solely because there is no ARP cache entry for a destination.
A router MUST not believe any ARP reply which claims that the Link Layer address of another host or router is a broadcast or multicast address.
Routers which can connect to 10Mb Ethernets MUST be compliant and SHOULD be unconditionally compliant with the requirements of Section [2.3.3] of [INTRO:2].
The MTU of each logical interface MUST be configurable.
Many Link Layer protocols define a maximum frame size that may be sent. In such cases, a router MUST NOT allow an MTU to be set which would allow sending of frames larger than those allowed by the Link Layer protocol. However, a router SHOULD be willing to receive a packet as large as the maximum frame size even if that is larger than the MTU.
DISCUSSION:
Note that this is a stricter requirement than imposed on hosts
by [INTRO:2], which requires that the MTU of each physical
interface be configurable.
If a network is using an MTU smaller than the maximum frame size for the Link Layer, a router may receive packets larger than the MTU from hosts which are in the process of initializing themselves, or which have been misconfigured.
In general, the Robustness Principle indicates that these packets should be successfully received, if at all possible.
Contrary to [INTRO:1], the Internet does have a standard serial line protocol: the Point-to-Point Protocol (PPP), defined in [LINK:2], [LINK:3], [LINK:4], and [LINK:5].
A serial line interface is any interface which is designed to send data over a telephone, leased, dedicated or direct line (either 2 or 4 wire) using a standardized modem or bit serial interface (such as RS-232, RS-449 or V.35), using either synchronous or asynchronous clocking.
A general purpose serial interface is a serial line interface which is not solely for use as an access line to a network for which an alternative IP link layer specification exists (such as X.25 or Frame Relay).
Routers which contain such general purpose serial interfaces MUST implement PPP.
PPP MUST be supported on all general purpose serial interfaces on a router. The router MAY allow the line to be configured to use serial line protocols other than PPP, all general purpose serial interfaces MUST default to using PPP.
This section provides guidelines to router implementors so that they can ensure interoperability with other routers using PPP over either synchronous or asynchronous links.
It is critical that an implementor understand the semantics of the option negotiation mechanism. Options are a means for a local device to indicate to a remote peer what the local device will *accept* from the remote peer, not what it wishes to send. It is up to the remote peer to decide what is most convenient to send within the confines of the set of options that the local device has stated that it can accept. Therefore it is perfectly acceptable and normal for a remote peer to ACK all the options indicated in an LCP Configuration Request (CR) even if the remote peer does not support any of those options. Again, the options are simply a mechanism for either device to indicate to its peer what it will accept, not necessarily what it will send.
The PPP Link Control Protocol (LCP) offers a number of options that may be negotiated. These options include (among others) address and control field compression, protocol field compression, asynchronous character map, Maximum Receive Unit (MRU), Link Quality Monitoring (LQM), magic number (for loopback detection), Password Authentication Protocol (PAP), Challenge Handshake Authentication Protocol (CHAP), and the 32-bit Frame Check Sequence (FCS).
A router MAY do address/control field compression on either synchronous or asynchronous links. A router MAY do protocol field compression on either synchronous or asynchronous links. A router MAY indicate that it can accept these compressions, but MUST be able to accept uncompressed PPP header information even if it has indicated a willingness to receive compressed PPP headers.
DISCUSSION:
These options control the appearance of the PPP header.
Normally the PPP header consists of the address field (one
byte containing the value 0xff), the control field (one byte
containing the value 0x03), and the two-byte protocol field
that identifies the contents of the data area of the frame.
If a system negotiates address and control field compression
it indicates to its peer that it will accept PPP frames that
have or do not have these fields at the front of the header.
It does not indicate that it will be sending frames with
these fields removed. The protocol field may also be
compressed from two to one byte in most cases.
IMPLEMENTATION:
Some hardware does not deal well with variable length header
information. In those cases it makes most sense for the
remote peer to send the full PPP header. Implementations
may ensure this by not sending the address/control field and
protocol field compression options to the remote peer. Even
if the remote peer has indicated an ability to receive
compressed headers there is no requirement for the local
router to send compressed headers.
A router MUST negotiate the Async Control Character Map (ACCM) for asynchronous PPP links, but SHOULD NOT negotiate the ACCM for synchronous links. If a router receives an attempt to negotiate the ACCM over a synchronous link, it MUST ACKnowledge
the option and then ignore it.
DISCUSSION:
There are implementations that offer both sync and async
modes of operation and may use the same code to implement
the option negotiation. In this situation it is possible
that one end or the other may send the ACCM option on a
synchronous link.
A router SHOULD properly negotiate the maximum receive unit (MRU). Even if a system negotiates an MRU smaller than 1,500 bytes, it MUST be able to receive a 1,500 byte frame.
A router SHOULD negotiate and enable the link quality monitoring (LQM) option.
DISCUSSION:
This memo does not specify a policy for deciding whether the
link's quality is adequate. However, it is important (see
Section [3.3.6]) that a router disable failed links.
A router SHOULD implement and negotiate the magic number option for loopback detection.
A router MAY support the authentication options (PAP - password authentication protocol, and/or CHAP - challenge handshake authentication protocol).
A router MUST support 16-bit CRC frame check sequence (FCS) and MAY support the 32-bit CRC.
A router MAY offer to perform IP address negotiation. A router MUST accept a refusal (REJect) to perform IP address negotiation from the peer.
A router SHOULD NOT perform Van Jacobson header compression of TCP/IP packets if the link speed is in excess of 64 Kbps. Below that speed the router MAY perform Van Jacobson (VJ) header compression. At link speeds of 19,200 bps or less the router SHOULD perform VJ header compression.
A router MUST have a mechanism to allow routing software to determine whether a physical interface is available to send packets or not. A router SHOULD have a mechanism to allow routing software to judge the quality of a physical interface. A router MUST have a mechanism for informing the routing software when a physical interface becomes available or unavailable to send packets because of administrative action. A router MUST have a mechanism for informing the routing software when it detects a Link level interface has become available or unavailable, for any reason.
DISCUSSION:
It is crucial that routers have workable mechanisms for
determining that their network connections are functioning
properly, since failure to do so (or failure to take the proper
actions when a problem is detected) can lead to black holes.
The mechanisms available for detecting problems with network connections vary considerably, depending on the Link Layer protocols in use and also in some cases on the interface hardware chosen by the router manufacturer. The intent is to maximize the capability to detect failures within the Link- Layer constraints.
This chapter and chapter 5 discuss the protocols used at the Internet Layer: IP, ICMP, and IGMP. Since forwarding is obviously a crucial topic in a document discussing routers, chapter 5 limits itself to the aspects of the protocols which directly relate to forwarding. The current chapter contains the remainder of the discussion of the Internet Layer protocols.
Routers MUST implement the IP protocol, as defined by
[INTERNET:1]. They MUST also implement its mandatory extensions:
subnets (defined in [INTERNET:2]), and IP broadcast (defined in
[INTERNET:3]).
A router MUST be compliant, and SHOULD be unconditionally compliant, with the requirements of sections 3.2.1 and 3.3 of [INTRO:2], except that:
In the following, the action specified in certain cases is to silently discard a received datagram. This means that the datagram will be discarded without further processing and that the
router will not send any ICMP error message (see Section [4.3]) as a result. However, for diagnosis of problems a router SHOULD provide the capability of logging the error (see Section [1.3.3]), including the contents of the silently-discarded datagram, and SHOULD record the event in a statistics counter.
RFC 791 is [INTERNET:1], the specification for the Internet Protocol.
In datagrams received by the router itself, the IP layer MUST interpret those IP options that it understands and preserve the rest unchanged for use by higher layer protocols.
Higher layer protocols may require the ability to set IP options in datagrams they send or examine IP options in datagrams they receive. Later sections of this document discuss specific IP option support required by higher layer protocols.
DISCUSSION:
Neither this memo nor [INTRO:2] define the order in which a
receiver must process multiple options in the same IP
header. Hosts and routers originating datagrams containing
multiple options must be aware that this introduces an
ambiguity in the meaning of certain options when combined
with a source-route option.
Here are the requirements for specific IP options:
(a) Security Option
Some environments require the Security option in every packet originated or received. Routers SHOULD IMPLEMENT the revised security option described in [INTERNET:5].
DISCUSSION:
Note that the security options described in
[INTERNET:1] and RFC 1038 ([INTERNET:16]) are obsolete.
(b) Stream Identifier Option
This option is obsolete; routers SHOULD NOT place this option in a datagram that the router originates. This
option MUST be ignored in datagrams received by the router.
(c) Source Route Options
A router MUST be able to act as the final destination of a source route. If a router receives a packet containing a completed source route (i.e., the pointer points beyond the last field and the destination address in the IP header addresses the router), the packet has reached its final destination; the option as received (the recorded route) MUST be passed up to the transport layer (or to ICMP message processing).
In order to respond correctly to source-routed datagrams it receives, a router MUST provide a means whereby transport protocols and applications can reverse the source route in a received datagram and insert the reversed source route into datagrams they originate (see Section 4 of [INTRO:2] for details).
Some applications in the router MAY require that the user be able to enter a source route.
A router MUST NOT originate a datagram containing multiple source route options. What a router should do if asked to forward a packet containing multiple source route options is described in Section [5.2.4.1].
When a source route option is created, it MUST be correctly formed even if it is being created by reversing a recorded route that erroneously includes the source host (see case (B) in the discussion below).
DISCUSSION:
Suppose a source routed datagram is to be routed from
source S to destination D via routers G1, G2, ... Gn.
Source S constructs a datagram with G1's IP address as
its destination address, and a source route option to
get the datagram the rest of the way to its
destination. However, there is an ambiguity in the
specification over whether the source route option in a
datagram sent out by S should be (A) or (B):
(A): {>>G2, G3, ... Gn, D} <--- CORRECT
(B): {S, >>G2, G3, ... Gn, D} <---- WRONG
(where >> represents the pointer). If (A) is sent, the datagram received at D will contain the option: {G1, G2, ... Gn >>}, with S and D as the IP source and destination addresses. If (B) were sent, the datagram received at D would again contain S and D as the same IP source and destination addresses, but the option would be: {S, G1, ...Gn >>}; i.e., the originating host would be the first hop in the route.
(d) Record Route Option
Routers MAY support the Record Route option in datagrams originated by the router.
(e) Timestamp Option
Routers MAY support the timestamp option in datagrams originated by the router. The following rules apply:
- Its Internet address fields are not pre-specified or
- Its first pre-specified address is the IP address of
the logical interface over which the datagram is
being sent (or the router's router-id if the
datagram is being sent over an unnumbered
interface).
IMPLEMENTATION:
To maximize the utility of the timestamps contained in
the timestamp option, it is suggested that the
timestamp inserted be, as nearly as practical, the time
at which the packet arrived at the router. For
datagrams originated by the router, the timestamp
inserted should be, as nearly as practical, the time at
which the datagram was passed to the Link Layer for
transmission.
When a router inserts its address into a Record Route, Strict Source and Record Route, Loose Source and Record Route, or Timestamp, it MUST use the IP address of the logical interface on which the packet is being sent. Where this rule cannot be obeyed because the output interface has no IP address (i.e., is an unnumbered interface), the router MUST instead insert its router-id. The router's router-id is one of the router's IP addresses. Which of the router's addresses is used as the router-id MUST NOT change (even across reboots) unless changed by the network manager or unless the configuration of the router is changed such that the IP address used as the router- id ceases to be one of the router's IP addresses. Routers with multiple unnumbered interfaces MAY have multiple router-id's. Each unnumbered interface MUST be associated with a particular router-id. This association MUST NOT change (even across reboots) without reconfiguration of the router.
DISCUSSION:
This specification does not allow for routers which do not
have at least one IP address. We do not view this as a
serious limitation, since a router needs an IP address to
meet the manageability requirements of Chapter [8] even if
the router is connected only to point-to-point links.
IMPLEMENTATION:
One possible method of choosing the router-id that fulfills
this requirement is to use the numerically smallest (or
greatest) IP address (treating the address as a 32-bit
integer) that is assigned to the router.
The IP header contains two reserved bits: one in the Type of Service byte and the other in the Flags field. A router MUST NOT set either of these bits to one in datagrams originated by the router. A router MUST NOT drop (refuse to receive or forward) a packet merely because one or more of these reserved bits has a non-zero value.
DISCUSSION:
Future revisions to the IP protocol may make use of these
unused bits. These rules are intended to ensure that these
revisions can be deployed without having to simultaneously
upgrade all routers in the Internet.
The Type-of-Service byte in the IP header is divided into three sections: the Precedence field (high-order 3 bits), a field that is customarily called Type of Service or TOS (next 4 bits), and a reserved bit (the low order bit).
Rules governing the reserved bit were described in Section [4.2.2.3].
A more extensive discussion of the TOS field and its use can be found in [ROUTE:11].
The description of the IP Precedence field is superseded by Section [5.3.3]. RFC-795, Service Mappings, is obsolete and SHOULD NOT be implemented.
As stated in Section [5.2.2], a router MUST verify the IP checksum of any packet which is received. The router MUST NOT provide a means to disable this checksum verification.
IMPLEMENTATION:
A more extensive description of the IP checksum, including
extensive implementation hints, can be found in [INTERNET:6]
and [INTERNET:7].
A router MUST ignore IP options which it does not recognize. A corollary of this requirement is that a router MUST implement the End of Option List option and the No Operation option, since neither contains an explicit length.
DISCUSSION:
All future IP options will include an explicit length.
Fragmentation, as described in [INTERNET:1], MUST be supported by a router.
When a router fragments an IP datagram, it SHOULD minimize the number of fragments. When a router fragments an IP datagram, it MUST send the fragments in order. A fragmentation method which may generate one IP fragment which is significantly smaller than the other MAY cause the first IP fragment to be the smaller one.
DISCUSSION:
There are several fragmentation techniques in common use in
the Internet. One involves splitting the IP datagram into
IP fragments with the first being MTU sized, and the others
being approximately the same size, smaller than the MTU.
The reason for this is twofold. The first IP fragment in
the sequence will be the effective MTU of the current path
between the hosts, and the following IP fragments are sized
to hopefully minimize the further fragmentation of the IP
datagram. Another technique is to split the IP datagram
into MTU sized IP fragments, with the last fragment being
the only one smaller, as per page 26 of [INTERNET:1].
A common trick used by some implementations of TCP/IP is to fragment an IP datagram into IP fragments that are no larger than 576 bytes when the IP datagram is to travel through a router. In general, this allows the resulting IP fragments to pass the rest of the path without further fragmentation. This would, though, create more of a load on the destination host, since it would have a larger number of IP fragments to reassemble into one IP datagram. It would also not be efficient on networks where the MTU only changes once, and stays much larger than 576 bytes (such as an 802.5 network with a MTU of 2048 or an Ethernet network with an MTU of 1536).
One other fragmentation technique discussed was splitting the IP datagram into approximately equal sized IP fragments, with the size being smaller than the next hop network's MTU. This is intended to minimize the number of fragments that would result from additional fragmentation further down the
path.
In most cases, routers should try and create situations that will generate the lowest number of IP fragments possible.
Work with slow machines leads us to believe that if it is necessary to send small packets in a fragmentation scheme, sending the small IP fragment first maximizes the chance of a host with a slow interface of receiving all the fragments.
As specified in Section 3.3.2 of [INTRO:2], a router MUST support reassembly of datagrams which it delivers to itself.
Time to Live (TTL) handling for packets originated or received by the router is governed by [INTRO:2]. Note in particular that a router MUST NOT check the TTL of a packet except when forwarding it.
All-subnets broadcasts (called multi-subnet broadcasts in [INTERNET:3]) have been deprecated. See Section [5.3.5.3].
There are now five classes of IP addresses: Class A through Class E. Class D addresses are used for IP multicasting [INTERNET:4], while Class E addresses are reserved for experimental use.
A multicast (Class D) address is a 28-bit logical address that stands for a group of hosts, and may be either permanent or transient. Permanent multicast addresses are allocated by the Internet Assigned Number Authority [INTRO:7], while transient addresses may be allocated dynamically to transient groups. Group membership is determined dynamically using IGMP [INTERNET:4].
We now summarize the important special cases for Unicast (that is class A, B, and C) IP addresses, using the following notation for an IP address:
{ <Network-number>, <Host-number> }
or
{ <Network-number>, <Subnet-number>, <Host-number> }
and the notation -1 for a field that contains all 1 bits and the notation 0 for a field that contains all 0 bits. This notation is not intended to imply that the 1-bits in a subnet mask need be contiguous.
(a) { 0, 0 }
This host on this network. It MUST NOT be used as a source address by routers, except the router MAY use this as a source address as part of an initialization procedure (e.g., if the router is using BOOTP to load its configuration information).
Incoming datagrams with a source address of { 0, 0 } which are received for local delivery (see Section [5.2.3]), MUST be accepted if the router implements the associated protocol and that protocol clearly defines appropriate action to be taken. Otherwise, a router MUST silently discard any locally-delivered datagram whose source address is { 0, 0 }.
DISCUSSION:
Some protocols define specific actions to take in
response to a received datagram whose source address is
{ 0, 0 }. Two examples are BOOTP and ICMP Mask
Request. The proper operation of these protocols often
depends on the ability to receive datagrams whose
source address is { 0, 0 }. For most protocols,
however, it is best to ignore datagrams having a source
address of { 0, 0 } since they were probably generated
by a misconfigured host or router. Thus, if a router
knows how to deal with a given datagram having a { 0, 0
} source address, the router MUST accept it.
Otherwise, the router MUST discard it.
See also Section [4.2.3.1] for a non-standard use of { 0, 0 }.
(b) { 0, <Host-number> }
Specified host on this network. It MUST NOT be sent by
routers except that the router MAY uses this as a source address as part of an initialization procedure by which the it learns its own IP address.
(c) { -1, -1 }
Limited broadcast. It MUST NOT be used as a source address.
A datagram with this destination address will be received by every host and router on the connected physical network, but will not be forwarded outside that network.
(d) { <Network-number>, -1 }
Network Directed Broadcast - a broadcast directed to the specified network. It MUST NOT be used as a source address. A router MAY originate Network Directed Broadcast packets. A router MUST receive Network Directed Broadcast packets; however a router MAY have a configuration option to prevent reception of these packets. Such an option MUST default to allowing reception.
(e) { <Network-number>, <Subnet-number>, -1 }
Subnetwork Directed Broadcast - a broadcast sent to the specified subnet. It MUST NOT be used as a source address. A router MAY originate Network Directed Broadcast packets. A router MUST receive Network Directed Broadcast packets; however a router MAY have a configuration option to prevent reception of these packets. Such an option MUST default to allowing reception.
(f) { <Network-number>, -1, -1 }
All Subnets Directed Broadcast - a broadcast sent to all subnets of the specified subnetted network. It MUST NOT be used as a source address. A router MAY originate Network Directed Broadcast packets. A router MUST receive Network Directed Broadcast packets; however a router MAY have a configuration option to prevent reception of these packets. Such an option MUST default to allowing reception.
(g) { 127, <any> }
Internal host loopback address. Addresses of this form MUST NOT appear outside a host.
The <Network-number> is administratively assigned so that its value will be unique in the entire world.
IP addresses are not permitted to have the value 0 or -1 for any of the <Host-number>, <Network-number>, or <Subnet-number> fields (except in the special cases listed above). This implies that each of these fields will be at least two bits long.
For further discussion of broadcast addresses, see Section [4.2.3.1].
Since (as described in Section [4.2.1]) a router must support the subnet extensions to IP, there will be a subnet mask of the form: { -1, -1, 0 } associated with each of the host's local IP addresses; see Sections [4.3.3.9], [5.2.4.2], and [10.2.2].
When a router originates any datagram, the IP source address
MUST be one of its own IP addresses (but not a broadcast or
multicast address). The only exception is during
initialization.
For most purposes, a datagram addressed to a broadcast or multicast destination is processed as if it had been addressed to one of the router's IP addresses; that is to say:
The term specific-destination address means the equivalent local IP address of the host. The specific-destination address is defined to be the destination address in the IP header unless the header contains a broadcast or multicast address, in which case the specific-destination is an IP address assigned to the physical interface on which the datagram arrived.
A router MUST silently discard any received datagram containing an IP source address that is invalid by the rules of this
section. This validation could be done either by the IP layer or by each protocol in the transport layer.
DISCUSSION:
A misaddressed datagram might be caused by a Link Layer
broadcast of a unicast datagram or by another router or host
that is confused or misconfigured.
For historical reasons, there are a number of IP addresses (some standard and some not) which are used to indicate that an IP packet is an IP broadcast. A router
(1) MUST treat as IP broadcasts packets addressed to 255.255.255.255, { <Network-number>, -1 }, { <Network- number>, <Subnet-number>, -1 }, and { <Network-number>,
-1, -1 }.
(2) SHOULD silently discard on receipt (i.e., don't even deliver to applications in the router) any packet addressed to 0.0.0.0, { <Network-number>, 0 }, {
<Network-number>, <Subnet-number>, 0 }, or { <Network-
number>, 0, 0 }; if these packets are not silently
discarded, they MUST be treated as IP broadcasts (see
Section [5.3.5]). There MAY be a configuration option to
allow receipt of these packets. This option SHOULD
default to discarding them.
(3) SHOULD (by default) use the limited broadcast address (255.255.255.255) when originating an IP broadcast destined for a connected network or subnet (except when sending an ICMP Address Mask Reply, as discussed in Section [4.3.3.9]). A router MUST receive limited broadcasts.
(4) SHOULD NOT originate datagrams addressed to 0.0.0.0, {
<Network-number>, 0 }, { <Network-number>, <Subnet-
number>, 0 }, or { <Network-number>, 0, 0 }. There MAY be
a configuration option to allow generation of these
packets (instead of using the relevant 1s format
broadcast). This option SHOULD default to not generating
them.
DISCUSSION:
In the second bullet, the router obviously cannot recognize
addresses of the form { <Network-number>, <Subnet-number>, 0
} if the router does not know how the particular network is
subnetted. In that case, the rules of the second bullet do
not apply because, from the point of view of the router, the
packet is not an IP broadcast packet.
An IP router SHOULD satisfy the Host Requirements with respect to IP multicasting, as specified in Section 3.3.7 of [INTRO:2]. An IP router SHOULD support local IP multicasting on all connected networks for which a mapping from Class D IP addresses to link-layer addresses has been specified (see the various IP-over-xxx specifications), and on all connected point-to-point links. Support for local IP multicasting includes originating multicast datagrams, joining multicast groups and receiving multicast datagrams, and leaving multicast groups. This implies support for all of [INTERNET:4] including IGMP (see Section [4.4]).
DISCUSSION:
Although [INTERNET:4] is entitled Host Extensions for IP
Multicasting, it applies to all IP systems, both hosts and
routers. In particular, since routers may join multicast
groups, it is correct for them to perform the host part of
IGMP, reporting their group memberships to any multicast
routers that may be present on their attached networks
(whether or not they themselves are multicast routers).
Some router protocols may specifically require support for IP multicasting (e.g., OSPF [ROUTE:1]), or may recommend it (e.g., ICMP Router Discovery [INTERNET:13]).
In order to eliminate fragmentation or minimize it, it is desirable to know what is the path MTU along the path from the