draft-ietf-grow-embed-addr-01.txt   draft-ietf-grow-embed-addr-02.txt 
Global Routing Operations D. Plonka Global Routing Operations D. Plonka
Internet-Draft University of Wisconsin Internet-Draft University of Wisconsin
Expires: December 6, 2004 June 7, 2004 Expires: December 7, 2004 June 8, 2004
Embedding Globally Routable Internet Addresses Considered Harmful Embedding Globally Routable Internet Addresses Considered Harmful
draft-ietf-grow-embed-addr-01 draft-ietf-grow-embed-addr-02
Status of this Memo Status of this Memo
This document is an Internet-Draft and is in full conformance with This document is an Internet-Draft and is in full conformance with
all provisions of Section 10 of RFC2026. all provisions of Section 10 of RFC2026.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as other groups may also distribute working documents as
Internet-Drafts. Internet-Drafts.
skipping to change at page 1, line 31 skipping to change at page 1, line 31
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt. http://www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html. http://www.ietf.org/shadow.html.
This Internet-Draft will expire on December 6, 2004. This Internet-Draft will expire on December 7, 2004.
Copyright Notice Copyright Notice
Copyright (C) The Internet Society (2004). All Rights Reserved. Copyright (C) The Internet Society (2004). All Rights Reserved.
Abstract Abstract
This document means to clarify best current practices in the Internet This document means to clarify best current practices in the Internet
community. Internet hosts should not contain globally routable community. Internet hosts should not contain globally routable
Internet Protocol addresses embedded within firmware or elsewhere as Internet Protocol addresses embedded within firmware or elsewhere as
part of their default configuration such that it influences run-time part of their default configuration such that it influences run-time
behavior. behavior.
Revision History Revision History
RFC-EDITOR: PLEASE REMOVE REVISION HISTORY BEFORE PUBLICATION. The RFC-EDITOR: PLEASE REMOVE REVISION HISTORY BEFORE PUBLICATION. The
following is the revision history of this document following is the revision history of this document
$Log: draft-ietf-grow-embed-addr.xml,v $ $Log: draft-ietf-grow-embed-addr.xml,v $
Revision 1.15 2004/06/08 14:16:45 plonka
revised conclusion based on input from Geoff Huston
added netgear-sntp technical report to list of informative references
Revision 1.14 2004/06/07 18:16:27 plonka Revision 1.14 2004/06/07 18:16:27 plonka
split references into normative and informative sections split references into normative and informative sections
Revision 1.13 2004/06/07 16:32:10 plonka Revision 1.13 2004/06/07 16:32:10 plonka
Set category to BCP. Set category to BCP.
Rewrote/resized abstract and introduction as suggested by Pekka Savola. Rewrote/resized abstract and introduction as suggested by Pekka Savola.
Improved section about using DNS names, re; hard-coding caveats, as Improved section about using DNS names, re; hard-coding caveats, as
suggested by Pekka Savola. suggested by Pekka Savola.
skipping to change at page 11, line 7 skipping to change at page 11, line 7
security or privacy policy. Furthermore, the significant possibility security or privacy policy. Furthermore, the significant possibility
of malicious parties exploiting such a remote control mechanism may of malicious parties exploiting such a remote control mechanism may
completely negate any potential benefit of the remote control scheme. completely negate any potential benefit of the remote control scheme.
5. IANA Considerations 5. IANA Considerations
This document creates no new requirements on IANA namespaces. This document creates no new requirements on IANA namespaces.
6. Conclusion 6. Conclusion
As larger numbers of homogenous Internet hosts continue to be When large numbers of homogenous Internet hosts are deployed, it is
deployed, it is particularly important that both their designers and particularly important that both their designers and other members of
other members of the Internet community diligently assess host the Internet community diligently assess host implementation quality
implementation quality and reconfigurability. Unique, globally and reconfigurability.
routable IP addresses should not be embedded within a host's fixed
configuration because doing so excludes the ability to remotely Implementors of host services should avoid any kind of use of unique
influence hosts when the unsolicited IP traffic they generate causes globally routable IP addresses within a fixed configuration part of
problems for those operating the IP addresses to which the traffic is the service implementation. If there is a requirement for
destined. pre-configured state then care should be taken to use an appropriate
service identifier and use standard resolution mechanisms to
dynamically resolve the identifier into an IP address. Also, any
such identifiers should be alterable in the field through a
conventional command and control interface for the service.
7. Acknowledgements 7. Acknowledgements
The author thanks the following reviewers for their contributions to The author thanks the following reviewers for their contributions to
this document: Paul Barford, Mike O'Connor, Michael Patton, Tom this document: Paul Barford, Geoff Huston, David Meyer, Mike
Petch, Pekka Savola, and David Meyer. O'Connor, Michael Patton, Tom Petch, and Pekka Savola.
8. References 8. References
8.1 Normative References 8.1 Normative References
[1] Hubbard, K., "INTERNET REGISTRY IP ALLOCATION GUIDELINES", RFC [1] Hubbard, K., "INTERNET REGISTRY IP ALLOCATION GUIDELINES", RFC
2050, BCP 12, November 1996. 2050, BCP 12, November 1996.
[2] Eastlake, D., "Reserved Top Level DNS Names", RFC 2606, BCP 32, [2] Eastlake, D., "Reserved Top Level DNS Names", RFC 2606, BCP 32,
June 1999. June 1999.
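Review bot: The new second conclusion paragraph ("Also, any such identifiers should be alterable in the field through a conventional command and control interface for the service") should be reconciled with the caveat at the top of this hunk, which states that "the significant possibility of malicious parties exploiting such a remote control mechanism may completely negate any potential benefit"; suggest adding that the interface must be authenticated and governed by the host's security or privacy policy, or a cross-reference to the section that makes that point. Two smaller items in the same paragraph: "avoid any kind of use of unique globally routable IP addresses within a fixed configuration part of the service implementation" reads awkwardly and could be "should not embed unique, globally routable IP addresses in any fixed part of the service configuration"; and the rewrite drops the rationale the -01 text gave ("doing so excludes the ability to remotely influence hosts when the unsolicited IP traffic they generate causes problems"), which is the operational motivation for the whole document and is worth keeping as one sentence. Finally, "homogenous" in the first paragraph should be "homogeneous".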
skipping to change at page 13, line 35 skipping to change at page 13, line 35
[6] Hamilton, M., "Use of DNS Aliases for Network Services", RFC [6] Hamilton, M., "Use of DNS Aliases for Network Services", RFC
2219, BCP 17, October 1997. 2219, BCP 17, October 1997.
[7] Mills, D., "Simple Network Time Protocol (SNTP) Version 4 for [7] Mills, D., "Simple Network Time Protocol (SNTP) Version 4 for
IPv4, IPv6 and OSI", RFC 2030, October 1996. IPv4, IPv6 and OSI", RFC 2030, October 1996.
[8] Alexander, S., "DHCP Options and BOOTP Vendor Extensions", RFC [8] Alexander, S., "DHCP Options and BOOTP Vendor Extensions", RFC
2132, March 1997. 2132, March 1997.
[9] Plonka, D., "Flawed Routers Flood University of Wisconsin
Internet Time Server", August 2003,
<http://www.cs.wisc.edu/~plonka/netgear-sntp/>.
Author's Address Author's Address
David J. Plonka David Plonka
University of Wisconsin - Madison University of Wisconsin - Madison
EMail: plonka AT doit DOT wisc DOT edu EMail: plonka AT doit DOT wisc DOT edu
URI: http://net.doit.wisc.edu/~plonka/ URI: http://net.doit.wisc.edu/~plonka/
Appendix A. Background Appendix A. Background
In June 2003, the University of Wisconsin discovered that a network In June 2003, the University of Wisconsin discovered that a network
product vendor named NetGear had manufactured and shipped over product vendor named NetGear had manufactured and shipped over
700,000 routers with firmware containing a hard-coded reference to 700,000 routers with firmware containing a hard-coded reference to
skipping to change at page 14, line 29 skipping to change at page 14, line 29
source addresses, destined for the University's network, resulting in source addresses, destined for the University's network, resulting in
significant operational problems. significant operational problems.
These flawed routers are widely deployed throughout the global These flawed routers are widely deployed throughout the global
Internet and are likely to remain in use for years to come. As such, Internet and are likely to remain in use for years to come. As such,
the University of Wisconsin with the cooperation of NetGear will the University of Wisconsin with the cooperation of NetGear will
build a new anycast time service which aims to mitigate the damage build a new anycast time service which aims to mitigate the damage
caused by the misbehavior of these flawed routers. caused by the misbehavior of these flawed routers.
A technical report regarding the details of this situation is A technical report regarding the details of this situation is
available on the world wide web: available on the world wide web: Flawed Routers Flood University of
<http://www.cs.wisc.edu/~plonka/netgear-sntp/> Wisconsin Internet Time Server [9].
Intellectual Property Statement Intellectual Property Statement
The IETF takes no position regarding the validity or scope of any The IETF takes no position regarding the validity or scope of any
intellectual property or other rights that might be claimed to intellectual property or other rights that might be claimed to
pertain to the implementation or use of the technology described in pertain to the implementation or use of the technology described in
this document or the extent to which any license under such rights this document or the extent to which any license under such rights
might or might not be available; neither does it represent that it might or might not be available; neither does it represent that it
has made any effort to identify any such rights. Information on the has made any effort to identify any such rights. Information on the
IETF's procedures with respect to rights in standards-track and IETF's procedures with respect to rights in standards-track and
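Review bot: Reference [9] is placed directly after [8] in this hunk, but the visible context begins at "skipping to change at page 13, line 35" and the "8.2 Informative References" heading is not shown; since the revision history says the references were split into normative and informative sections and [9] is a web technical report rather than a standards document, confirm in the full text that [9] (and [6] through [8], which are cited as background) land under 8.2 and not under the 8.1 Normative list whose heading is the last one visible. The Appendix A change from a bare URL to the citation "[9]" is an improvement, since the URL now lives in exactly one place; the author name change from "David J. Plonka" to "David Plonka" is consistent with the "D. Plonka" page header in both columns.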
 End of changes. 

This html diff was produced by rfcdiff 1.23, available from http://www.levkowetz.com/ietf/tools/rfcdiff/