Search RFCs
RFC 6324
Routing Loop Attack Using IPv6 Automatic Tunnels: Problem Statement and Proposed Mitigations,August 2011
Cite this RFC:TXT | XML | BibTeX
DOI: https://doi.org/10.17487/RFC6324
Discuss this RFC: Send questions or comments to the mailing listv6ops@ietf.org
Other actions:Submit Errata | Find IPR Disclosures from the IETF | View History of RFC 6324
Abstract
This document is concerned with security vulnerabilities in IPv6-in-IPv4 automatic tunnels. These vulnerabilities allow an attacker totake advantage of inconsistencies between the IPv4 routing state andthe IPv6 routing state. The attack forms a routing loop that can beabused as a vehicle for traffic amplification to facilitate denial-of-service (DoS) attacks. The first aim of this document is toinform on this attack and its root causes. The second aim is topresent some possible mitigation measures. It should be noted thatat the time of this writing there are no known reports of maliciousattacks exploiting these vulnerabilities. Nonetheless, thesevulnerabilities can be activated by accidental misconfiguration.This document is not an Internet Standards Track specification; it ispublished for informational purposes.
For the definition ofStatus,seeRFC 2026.
For the definition ofStream, seeRFC 8729.