The Controversial IPv6 Extension Headers

IPv6 Extension Headers allow for the extension of the IPv6 protocol, and provide support for core functionality such as IPv6 fragmentation. The typical structure of an IPv6 packet containing IPv6 extensions headers is as follows:

Common implementation limitations suggest that IPv6 extension headers present a challenge for a plethora of device types, and recent studies indicate that there exists widespread dropping of IPv6 packets containing extension headers.

The topic of IPv6 extension header typically triggers heated discussions in the technical communities between network engineers claiming that IPv6 extension headers are key to future innovation, versus security specialists that quite frequently argue that IPv6 extension headers represent a security nightmare.

Given the ongoing debate on this topic, we believe the following resources can help in raising awareness about the challenge represented by IPv6 extension headers and their current operational status.

A first set of resources comprises a number of TechTarget articles on this topic:

A more thorough discussion of these issues can be found in these IETF Internet-Drafts:

The above resources give a clear signal that, if IPv6 extension headers are to usable in the public Internet, there is a lot of work to be done by the IETF itself, software developers, hardware manufacturers, and the operational community as a whole.

Leave a Reply