<?xml version='1.0' encoding='utf-8'?> encoding='UTF-8'?>

<!DOCTYPE rfc [
  <!ENTITY nbsp    "&#160;">
  <!ENTITY zwsp   "&#8203;">
  <!ENTITY nbhy   "&#8209;">
  <!ENTITY wj     "&#8288;">
<?xml-stylesheet type="text/xsl" href="rfc2629.xslt" ?>
<!-- generated by https://github.com/cabo/kramdown-rfc version 1.7.18 (Ruby 3.3.3) -->

<rfc xmlns:xi="http://www.w3.org/2001/XInclude" ipr="trust200902" docName="draft-ietf-opsawg-ipfix-tcpo-v6eh-18" number="9740" category="std" consensus="true" submissionType="IETF" tocInclude="true" sortRefs="true" symRefs="true" version="3">
  <!-- xml2rfc v2v3 conversion 3.22.0 --> version="3" xml:lang="en" obsoletes="" updates="" >

    <title abbrev="New TCP and IPv6 EH IPFIX IEs">Extended IEs">New IPFIX Information Elements for TCP Options and IPv6 Extension Headers IPFIX Information Elements</title> Headers</title>
    <seriesInfo name="Internet-Draft" value="draft-ietf-opsawg-ipfix-tcpo-v6eh-18"/> name="RFC" value="9740"/>
    <author fullname="Mohamed Boucadair"> Boucadair" initials="M." surname="Boucadair">
    <author fullname="Benoit Claise"> Claise" initials="B." surname="Claise">
    <date year="2024" month="July" day="22"/>
    <area>Operations and Management</area>
    <workgroup>OPSAWG</workgroup> year="2025" month="March"/>

      <?line 68?>

<t>This document specifies new IP Flow Information Export (IPFIX) Information Elements (IEs) to solve issues with existing ipv6ExtensionHeaders and tcpOptions IPFIX IEs, especially the ability to export any observed IPv6 extension headers or TCP options.</t>
    <note removeInRFC="true">
      <name>Discussion Venues</name>
      <t>Discussion of this document takes place on the
    Operations and Management Area Working Group Working Group mailing list (opsawg@ietf.org),
    which is archived at <eref target="https://mailarchive.ietf.org/arch/browse/opsawg/"/>.</t>
      <t>Source for this draft and an issue tracker can be found at
    <eref target="https://github.com/boucadair/ipfix-tcpoptions-and-v6eh"/>.</t>
    <?line 72?>

<section anchor="introduction">
      <t>This document specifies new IP Flow Information Export (IPFIX) <xref target="RFC7011"/> Information Elements (IEs) to solve a set of issues encountered with the specifications of two IEs -- ipv6ExtensionHeaders (to export IPv6 extension headers) and tcpOptions (to export TCP options) IEs <xref target="IANA-IPFIX"/>. More details about these issues are provided in the following sub-sections.</t> subsections.</t>
      <t>This document deprecates the ipv6ExtensionHeaders and tcpOptions IPFIX IEs that were initially defined in <xref target="RFC5102"/>.</t>
      <ul empty="true">

          <t indent="3">Note that <xref target="RFC7012"/> obsoletes <xref target="RFC5102"/> and specifies that <xref target="IANA-IPFIX"/> is the normative reference for these IEs.</t>

      <section anchor="sec-eh-issues">
        <name>Issues with ipv6ExtensionHeaders Information Element</name>
        <t>The specification of the ipv6ExtensionHeaders IPFIX IE (64) does not:</t>
        <ul spacing="normal">
            <t>Cover the full extension headers' range defined in the IPv6 specification (<xref section="4" sectionFormat="of" target="RFC8200"/>).</t>
            <t>Specify the procedure to follow when all bits are exhausted.</t>
            <t>Specify a means to export the order and the number of occurrences of a given extension header.</t>
            <t>Specify how to automatically update the IANA IPFIX registry (<xref target="IANA-IPFIX"/>) <xref target="IANA-IPFIX"/> when a new value is assigned in the IPv6 Extension Header Types registry <xref target="IANA-EH"/>. Only a frozen set of extension headers can be exported using the ipv6ExtensionHeaders IE. For example, the ipv6ExtensionHeaders IE can't report some IPv6 EHs, specifically EHs for the Host Identity Protocol (139), Shim6 Protocol (140) (140), or extension headers for experimentation and testing.</t>
            <t>Specify whether the exported values match the full enclosed values or only up to a limit imposed by hardware or software (e.g., <xref section="1.1" sectionFormat="of" target="RFC8883"/>). Note that some implementations may not be able to export all observed extension headers in a Flow because of a hardware or software limit (see, e.g., <xref target="I-D.ietf-6man-eh-limits"/>). The specification of the ipv6ExtensionHeaders IE does not discuss target="I-D.ietf-6man-eh-limits"/>).</t>
	    <t>Discuss whether it covers all enclosed extension headers or only up to a limit.</t>
            <t>Specify how to report the length of IPv6 extension headers.</t>
            <t>Optimize the encoding.</t>
            <t>Explain the reasoning for reporting values which that do not correspond to extension headers (e.g., "Unknown Layer 4 header" or "Payload compression header").</t>
            <t>Specify how to report extension header chains or aggregate lengths of extension headers length.</t> headers.</t>
        <t><xref target="sec-eh"/> addresses these issues.</t>
        <t>This specification deprecates the ipv6ExtensionHeaders IPFIX IE in favor of the new IEs defined in this document.</t>
      <section anchor="sec-tcp-issues">
        <name>Issues with tcpOptions Information Element</name>
        <t>The specification of the tcpOptions IPFIX IE (209) does not:</t>
        <ul spacing="normal">
            <t>Describe how some observed TCP options in a Flow can be exported using IPFIX. Only TCP options having a Kind &lt;= 63 can be exported in a tcpOptions IE.</t>
            <t>Allow reporting the observed Experiment Identifiers (ExIDs) that are carried in shared Experimental TCP options (Kind=253 or 254) <xref target="RFC6994"/>.</t>
            <t>Optimize the encoding.</t>
        <t><xref target="sec-tcp"/> addresses these issues.</t>
        <t>This specification deprecates the tcpOptions IE in favor of the new IEs defined in this document.</t>
    <section anchor="conventions-and-definitions">
      <name>Conventions and Definitions</name>
    The key words "<bcp14>MUST</bcp14>", "<bcp14>MUST NOT</bcp14>",
    "<bcp14>REQUIRED</bcp14>", "<bcp14>SHALL</bcp14>", "<bcp14>SHALL NOT</bcp14>",
    "<bcp14>SHOULD</bcp14>", "<bcp14>SHOULD NOT</bcp14>",
    "<bcp14>RECOMMENDED</bcp14>", "<bcp14>NOT RECOMMENDED</bcp14>",
    "<bcp14>MAY</bcp14>", and "<bcp14>OPTIONAL</bcp14>" in this document are to be
    interpreted as described in BCP 14 BCP&nbsp;14 <xref target="RFC2119"/> <xref
    target="RFC8174"/> when, and only when, they appear in all capitals, as
    shown here.</t>
      <?line -18?> here.
<t>This document uses the IPFIX-specific terminology (Information Element, Template Record,
   Flow, etc.) defined in
   <xref section="2" sectionFormat="of" target="RFC7011"/>. As in the base IPFIX specification <xref target="RFC7011"/>, these IPFIX-specific terms
   have the first letter of a word capitalized.</t>
      <t>Also, the document uses the terms defined in the IPv6 <xref target="RFC8200"/> and TCP <xref target="RFC9293"/> specifications.</t>
      <t>In addition, the document makes use of the following term:</t>
      <dl> terms:</t>
      <dl spacing="normal" newline="false">
        <dt>Extension header chain:</dt>
          <t>Refers to the chain of extension headers that are present in an IPv6 packet.</t>
          <t>This term should not be confused with the IPv6 header chain,
          which includes the IPv6 header, zero or more IPv6 extension headers,
          and zero or a single Upper-Layer Header.</t>
        <dt>Flow with varying extension header chain:</dt> chains:</dt>
          <t>Refers to a Flow where distinct extension header chains are
          observed. Concretely, different packets in such a Flow will have a
          different sequence of extension header type codes.</t>
    <section anchor="sec-eh">
      <name>Information Elements for IPv6 Extension Headers</name>
      <section anchor="sec-v6ehtype">
        <name>ipv6ExtensionHeaderType Information Element</name>
        <dl newline="false">
            <t>Type of an IPv6 extension header observed in at least one packet of this Flow.</t>
          <dt>Abstract Data Type:</dt>
          <dt>Data Type Semantics:</dt>
          <dt>Additional Information:</dt>
            <t>See the IPv6 "IPv6 Extension Header Types Types" registry at <xref target="IANA-EH"/>.</t>
            <t>See <xref section="4" sectionFormat="of" target="RFC8200"/> for
            the general definition of IPv6 extension headers.</t>
            <t>RFC 9740</t>
      <section anchor="sec-v6ehcount">
        <name>ipv6ExtensionHeaderCount Information Element</name>
        <dl newline="false">
            <t>The number of consecutive occurrences of the same extension header type in a Flow.</t>
            <t>This IE is reported, e.g., in the ipv6ExtensionHeaderTypeCountList IE.</t>
            <t>The type of the extension header is provided in the ipv6ExtensionHeaderType IE.</t>
          <dt>Abstract Data Type:</dt>
          <dt>Data Type Semantics:</dt>
          <dt>Additional Information:</dt>
            <t>See the IPv6 "IPv6 Extension Header Types Types" registry at <xref target="IANA-EH"/>.</t>
            <t>See <xref section="4" sectionFormat="of" target="RFC8200"/> for
            the general definition of IPv6 extension headers.</t>
            <t>RFC 9740</t>
      <section anchor="sec-v6full">
        <name>ipv6ExtensionHeadersFull Information Element</name>
        <dl newline="false">
            <t>IPv6 extension headers observed in packets of this Flow. The
            information is encoded in a set of bit fields.  For each IPv6
            extension header, there is a bit in this set. The bit is set to 1
            if any observed packet of this Flow contains the corresponding
            IPv6 extension header.  Otherwise, if no observed packet of this
            Flow contains the respective IPv6 extension header, the value of
            the corresponding bit is 0.</t>
            <t>The IPv6 extension header associated with each bit is provided
[NEW_IPFIX_IPv6EH_SUBREGISTRY]. <xref target="IANA-IPFIX-IPv6EH"/>. Bit 0 corresponds to the least-significant
            least significant bit (LSB) in the ipv6ExtensionHeadersFull IE IE, while bit
            255 corresponds to the most-significant most significant bit (MSB) of the IE.  In doing
            so, few octets will be needed to encode common IPv6 extension
            headers when observed in a Flow.</t>
            <t>The "No Next Header" (bit 2) value (<xref section="4.7"
            sectionFormat="of" target="RFC8200"/>) is used if there is no
            upper-layer header in an IPv6 packet.  Even if the value is not
            considered as an extension header as such, the corresponding bit
            is set in the ipv6ExtensionHeadersFull IE whenever that value is
            encountered in the Flow.</t>
            <t>Extension headers observed in a Flow with varying extension
            header chain chains <bcp14>MUST NOT</bcp14> be grouped in the
            ipv6ExtensionHeadersFull IE if the
            ipv6ExtensionHeaderChainLengthList IE is also present.</t>
            <t>If the ipv6ExtensionHeaderChainLengthList IE is not present,
            then extension headers observed in a Flow with varying extension
            header chain chains <bcp14>MAY</bcp14> be grouped in one single
            ipv6ExtensionHeadersFull IE or be exported in separate
            ipv6ExtensionHeadersFull IEs, one for each extension header
            <t>The ipv6ExtensionHeadersFull IE <bcp14>MUST NOT</bcp14> be
            exported if ipv6ExtensionHeaderTypeCountList IE is also present
            because of the overlapping scopes between of these two IEs.</t>
            <t>The value of ipv6ExtensionHeadersFull IE may be encoded in
            fewer octets per the guidelines in <xref section="6.2"
            sectionFormat="of" target="RFC7011"/>.</t>
          <dt>Abstract Data Type:</dt>
          <dt>Data Type Semantics:</dt>
          <dt>Additional Information:</dt>
            <t>See the "IPFIX ipv6ExtensionHeaders Bits Bits" registry at [NEW_IPFIX_IPv6EH_SUBREGISTRY].</t>
          <dd> <xref target="IANA-IPFIX-IPv6EH"/>.</t>
            <t>See the IPv6 "IPv6 Extension Header Types Types" registry at <xref target="IANA-EH"/>.</t>
            <t>See <xref section="4" sectionFormat="of" target="RFC8200"/> for
            the general definition of IPv6 extension headers.</t>
            <t>The ipv6ExtensionHeadersFull IE deprecates the
            ipv6ExtensionHeaders IE (64) that was initially defined in <xref
            <t><xref target="RFC7012"/> obsoletes <xref target="RFC5102"/> and
            specifies that <xref target="IANA-IPFIX"/> is the normative
            reference for the ipv6ExtensionHeaders IE (64).</t>
            <t>RFC 9740</t>
        <ul empty="true">
            <t>Note to the RFC Editor: Please replace [NEW_IPFIX_IPv6EH_SUBREGISTRY] with the link to the "ipv6ExtensionHeaders Bits" registry (<xref target="sec-iana-eh"/>).</t>
      <section anchor="sec-v6count">
        <name>ipv6ExtensionHeaderTypeCountList Information Element</name>
        <dl newline="false">
            <t>As per <xref section="4.1" sectionFormat="of"
            target="RFC8200"/>, IPv6 nodes must accept and attempt to process
            extension headers occurring any number of times in the same
            packet. This IE echoes the order of extension headers and number
            of consecutive occurrences of the same extension header type in a
            <t>This IE is a subTemplateList of ipv6ExtensionHeaderType and
            ipv6ExtensionHeaderCount IEs.</t>
            <t>Each header chain in a Flow with varying extension header chain chains
            <bcp14>MUST</bcp14> be exported in a separate IE.</t>
            <t>The same extension header type may appear several times in an
            ipv6ExtensionHeaderTypeCountList IE.  For example, if an IPv6
            packet of a Flow includes a Hop-by-Hop Options header, a
            Destination Options header, a Fragment header, and a Destination
            Options header, the ipv6ExtensionHeaderTypeCountList IE will
            <ul spacing="normal">
                <t>the count of Hop-by-Hop Options headers,</t>
                <t>the occurrences of the Destination Options headers that are observed before a Fragment header,</t>
                <t>the occurrences of the Fragment headers, and</t>
                <t>the occurrences of the Destination Options headers that are observed right after a Fragment header.</t>
            <t>If an implementation determines that an observed packet of a
            Flow includes an extension header (including an extension header
            that it does not support), then the exact observed code of that
            extension header <bcp14>MUST</bcp14> be echoed in the
            ipv6ExtensionHeaderTypeCountList IE. How an implementation
            disambiguates between unknown upper-layer protocols vs. extension
            headers is not IPFIX-specific. Refer, for example, to <xref
            section="2.2" sectionFormat="of" target="RFC8883"/> for a behavior
            of an intermediate node that encounters an unknown Next Header
          <dt>Abstract Data Type:</dt>
          <dt>Data Type Semantics:</dt>
          <dt>Additional Information:</dt>
            <t>See the IPv6 "IPv6 Extension Header Types Types" registry at <xref target="IANA-EH"/>.</t>
            <t>See <xref section="4" sectionFormat="of" target="RFC8200"/> for the general definition of IPv6 extension headers.</t>
            <t>RFC 9740</t>
      <section anchor="sec-v6limit">
        <name>ipv6ExtensionHeadersLimit Information Element</name>
        <dl newline="false">
            <t>When set to "false", this IE indicates that the exported
headers header information (e.g., ipv6ExtensionHeadersFull or
            ipv6ExtensionHeaderTypeCountList) does not match the full enclosed
            extension headers, but only up to a limit that is typically set by
            hardware or software.</t>
            <t>When set to "true", this IE indicates that the exported
            extension header information matches the full enclosed extension
          <dt>Abstract Data Type:</dt>
          <dt>Data Type Semantics:</dt>
          <dt>Additional Information:</dt>
            <t>See <xref section="4" sectionFormat="of" target="RFC8200"/> for
            the general definition of IPv6 extension headers.</t>
            <t>See <xref target="RFC8883"/> for an example of IPv6 packet
            processing due to limits on extension headers.</t>
            <t>RFC 9740</t>
      <section anchor="sec-v6aggr">
        <name>ipv6ExtensionHeadersChainLength Information Element</name>
        <dl newline="false">
            <t>In theory, there are no limits on the number of IPv6 extension
            headers that may be present in a packet other than the path
            MTU. However, it was regularly reported that IPv6 packets with
            extension headers are were often dropped in the Internet (e.g., <xref
            <t>As discussed in <xref section="1.2" sectionFormat="of"
            target="RFC8883"/>, some hardware devices implement a parsing
            buffer of a fixed size to process packets, including all the
            headers.  When the aggregate length of headers of an IPv6 packet
            exceeds that size, the packet will be discarded or deferred to a
            slow path.</t>
            <t>The ipv6ExtensionHeadersChainLength IE is used to report, in
            octets, the length of an extension header chain observed in a
            Flow.  The length is the sum of the length lengths of all extension
            headers of the chain. Exporting such information might help
            identifying root causes of performance degradation, including
            packet drops.</t>
            <t>Each header chain length of a Flow with varying extension
            header chain chains <bcp14>MUST</bcp14> be exported in a separate
            ipv6ExtensionHeadersChainLength IE.</t>
          <dt>Abstract Data Type:</dt>
          <dt>Data Type Semantics:</dt>
          <dt>Additional Information:</dt>
            <t>See <xref section="4" sectionFormat="of" target="RFC8200"/> for
            the general definition of IPv6 extension headers.</t>
            <t>See <xref target="RFC9098"/> for an overview of operational
            implications of IPv6 packets with extension headers.</t>
            <t>RFC 9740</t>
      <section anchor="sec-v6chain-list">
        <name>ipv6ExtensionHeaderChainLengthList Information Element</name>
        <dl newline="false">
            <t>This IE is used to report the chains and their length lengths as
            observed in a Flow with varying extension header chain.</t>
          <dd> chains.</t>
            <t>This IE is a subTemplateList of ipv6ExtensionHeadersFull and
            ipv6ExtensionHeadersChainLength IEs.</t>
            <t>If several extension header chains are observed in a Flow, each
            header chain <bcp14>MUST</bcp14> be exported in a separate
            ipv6ExtensionHeaderChainLengthList IE.</t>
          <dt>Abstract Data Type:</dt>
          <dt>Data Type Semantics:</dt>
          <dt>Additional Information:</dt>
            <t>See the IPv6 "IPv6 Extension Header Types Types" registry at <xref target="IANA-EH"/>.</t>
            <t>See <xref section="4" sectionFormat="of" target="RFC8200"/> for the general definition of IPv6 extension headers.</t>
            <t>RFC 9740</t>
    <section anchor="sec-tcp">
      <name>Information Elements for TCP Options</name>
      <section anchor="sec-tcpfull">
        <name>tcpOptionsFull Information Element</name>
        <t>This section specifies a new IE to cover the full TCP options range.</t>
        <dl newline="false">
            <t>TCP options in packets of this Flow.  The information is
            encoded in a set of bit fields.  For each TCP option, there is a
            bit in this set.  The bit is set to 1 if any observed packet of
            this Flow contains the corresponding TCP option.  Otherwise, if no
            observed packet of this Flow contains the respective TCP option,
            the value of the corresponding bit is 0.</t>
            <t>Options are mapped to bits according to their option numbers.
            TCP option Kind 0 corresponds to the least-significant least significant bit in the
            tcpOptionsFull IE IE, while Kind 255 corresponds to the most-significant
            most significant bit of the IE. This approach allows an observer
            to export any observed TCP option even if it does not support that
            option and without requiring updating a mapping table.</t>
            <t>The value of tcpOptionsFull IE may be encoded in fewer octets
            per the guidelines in <xref section="6.2" sectionFormat="of"
            <t>The presence of tcpSharedOptionExID16List or
            tcpSharedOptionExID32List IEs is an indication that a shared TCP
            option (Kind=253 or 254) is observed in a Flow. The presence of
            tcpSharedOptionExID16List or tcpSharedOptionExID32List IEs takes
            precedence over setting the corresponding bits in the
            tcpOptionsFull IE for the same Flow. In order to optimize the use
            of the reduced-size encoding in the presence of
            tcpSharedOptionExID16List or tcpSharedOptionExID32List IEs, the
            Exporter <bcp14>MUST NOT</bcp14> set to 1 the shared TCP options
            (Kind=253 or 254) flags of the tcpOptionsFull IE that is reported
            for the same Flow.</t>
          <dt>Abstract Data Type:</dt>
          <dt>Data Type Semantics:</dt>
          <dt>Additional Information:</dt>
            <t>See the TCP "TCP Option Kind Numbers Numbers" registry at <xref target="IANA-TCP"/>.</t>
            <t>See <xref target="RFC9293"/> for the general definition of TCP options.</t>
            <t>The tcpOptionsFull IE deprecates the tcpOptions IE (209) that was initially defined in <xref target="RFC5102"/>.</t>
            <t><xref target="RFC7012"/> obsoletes <xref target="RFC5102"/> and specifies that <xref target="IANA-IPFIX"/> is the normative reference for the tcpOptions IE (209).</t>
            <t>RFC 9740</t>
      <section anchor="sec-tcpExID16">
        <name>tcpSharedOptionExID16  Information Element</name>
        <dl newline="false">
            <t>Reports an observed 2-byte ExID in a shared TCP option
            (Kind=253 or 254) in a Flow.</t>
            <t>A basicList of tcpSharedOptionExID16 is used to report
            tcpSharedOptionExID16List values.</t>
          <dt>Abstract Data Type:</dt>
          <dt>Data Type Semantics:</dt>
          <dt>Additional Information:</dt>
            <t>See the TCP "TCP Experimental Option Experiment Identifiers (TCP ExIDs) ExIDs)" registry at <xref target="IANA-TCP-EXIDs"/>.</t>
          <dd> target="IANA-TCP-ExIDs"/>.</t>
            <t>See <xref target="RFC9293"/> for the general definition of TCP options.</t>
            <t>See <xref target="RFC6994"/> for the shared use of experimental TCP Options.</t>
            <t>RFC 9740</t>
      <section anchor="sec-tcpExID32">
        <name>tcpSharedOptionExID32 Information Element</name>
        <dl newline="false">
            <t>Reports an observed 4-byte ExID in a shared TCP option
            (Kind=253 or 254) in a Flow.</t>
            <t>A basicList of tcpSharedOptionExID32 is used to report tcpSharedOptionExID32List values.</t>
          <dt>Abstract Data Type:</dt>
          <dt>Data Type Semantics:</dt>
          <dt>Additional Information:</dt>
            <t>See the TCP "TCP Experimental Option Experiment Identifiers (TCP ExIDs) ExIDs)" registry at <xref target="IANA-TCP-EXIDs"/>.</t>
          <dd> target="IANA-TCP-ExIDs"/>.</t>
            <t>See <xref target="RFC9293"/> for the general definition of TCP options.</t>
            <t>See <xref target="RFC6994"/> for the shared use of experimental TCP Options.</t>
            <t>RFC 9740</t>
      <section anchor="sec-ex">
        <name>tcpSharedOptionExID16List Information Element</name>
        <dl newline="false">
            <t>Reports observed 2-byte ExIDs in shared TCP options (Kind=253
            or 254) in a Flow.</t>
            <t>A basicList of tcpSharedOptionExID16 IEs in which each
            tcpSharedOptionExID16 IE carries an observed 2-byte ExID in a
            shared option.</t>
          <dt>Abstract Data Type:</dt>
          <dt>Data Type Semantics:</dt>
          <dt>Additional Information:</dt>
            <t>See the TCP "TCP Experimental Option Experiment Identifiers (TCP ExIDs)
            ExIDs)" registry at <xref target="IANA-TCP-EXIDs"/>.</t>
          <dd> target="IANA-TCP-ExIDs"/>.</t>
            <t>See <xref target="RFC9293"/> for the general definition of TCP options.</t>
            <t>See <xref target="RFC6994"/> for the shared use of experimental TCP Options.</t>
            <t>RFC 9740</t>
      <section anchor="sec-ex32">
        <name>tcpSharedOptionExID32List Information Element</name>
        <dl newline="false">
            <t>Reports observed 4-byte ExIDs in shared TCP options (Kind=253
            or 254) in a Flow.</t>
            <t>A basicList of tcpSharedOptionExID32 IEs in which each
            tcpSharedOptionExID32 IE carries an observed 4-byte ExID in a
            shared option.</t>
          <dt>Abstract Data Type:</dt>
          <dt>Data Type Semantics:</dt>
          <dt>Additional Information:</dt>
            <t>See the TCP "TCP Experimental Option Experiment Identifiers (TCP ExIDs) ExIDs)" registry at <xref target="IANA-TCP-EXIDs"/>.</t>
          <dd> target="IANA-TCP-ExIDs"/>.</t>
            <t>See <xref target="RFC9293"/> for the general definition of TCP options.</t>
            <t>See <xref target="RFC6994"/> for the shared use of experimental TCP Options.</t>
            <t>RFC 9740</t>
    <section anchor="implementation-and-operational-considerations">
      <name>Implementation and Operational Considerations</name>
      <t>Implementations of tcpSharedOptionExID16, tcpSharedOptionExID32, tcpSharedOptionExID16List, and tcpSharedOptionExID32List IEs are assumed to be provided with a list of valid ExIDs <xref target="IANA-TCP-EXIDs"/>. target="IANA-TCP-ExIDs"/>. How that list is maintained is implementation-specific. Absent that list, an implementation can't autonomously determine whether an ExID is present and, if so, whether it its length is 2- 2 or 4-byte length.</t> 4 bytes.</t>
      <t>If a TCP Flow contains packets with a mix of 2-byte and 4-byte ExIDs, the same Template Record is used with both tcpSharedOptionExID16 and tcpSharedOptionExID32 IEs.</t>
    <section anchor="sec-examples">
      <t>This section provides a few examples to illustrate the use of some IEs defined in this document.</t>
      <section anchor="ipv6-extension-headers">
        <name>IPv6 Extension Headers</name>
        <t><xref target="ex-eh1"/> provides an example of EH/bit mappings in an ipv6ExtensionHeadersFull IE for an IPv6 Flow in which only
the     IPv6 Destination Options (0) header is observed. The bits are set following the table provided in <xref target="sec-initial"/>.</t>

        <figure anchor="ex-eh1">
          <name>A First Example
          <name>Example of EH/Bit Mappings in the ipv6ExtensionHeadersFull IE</name>
          <artwork align="center"><![CDATA[
MSB                                                      LSB
                     1                          25
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 ... 8 9 0 1 2 3 4 5
|0|0|0|0|0|0|0|0|0|0|0|0|0|0|0|0|0|0|0|0|   |0|0|0|0|0|0|0|1|
        <t>The leading zeros are dropped per the reduced-size encoding guidance. One octet is thus sufficient to send these observed options on the wire. Concretely, the ipv6ExtensionHeadersFull IE will be set to 0x01 (<xref target="ex-eh1-wire"/>).</t>
        <figure anchor="ex-eh1-wire">
          <name>A First Example
          <name>Example A of ipv6ExtensionHeadersFull IE with Reduced-size Reduced-Size Encoding</name>
          <artwork align="center"><![CDATA[
MSB           LSB
 0 1 2 3 4 5 6 7
        <t><xref target="ex-eh2"/> provides another example of reported values in an ipv6ExtensionHeadersFull IE for an IPv6 Flow in which
the     Destination Options (0), IPv6 Hop-by-Hop Options (1), and Routing (5) headers are observed. One octet is sufficient to report these observed options. Concretely, the ipv6ExtensionHeadersFull IE will be set to 0x23.</t>
        <figure anchor="ex-eh2">
          <name>A Second Example
          <name>Example B of ipv6ExtensionHeadersFull IE with Reduced-size Reduced-Size Encoding</name>
          <artwork align="center"><![CDATA[
MSB           LSB
 0 1 2 3 4 5 6 7
        <t>Let us now consider an IPv6 Flow in which the following EH chain is observed: Routing (5), Mobility (7), and Authentication (9) header. <xref target="ex-eh3"/>
shows the ipv6ExtensionHeadersFull IE (0x02A0) to reprot report this individual chain.</t>
        <figure anchor="ex-eh3">
          <name>An Example
          <name>Example of ipv6ExtensionHeadersFull IE Reported for an Extension Header Chain</name>
          <artwork align="center"><![CDATA[
MSB                          LSB
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5
      <section anchor="tcp-options">
        <name>TCP Options</name>
        <section anchor="reduced-size-encoding">
          <name>Reduced-Size Encoding</name>
          <t>Given TCP Kind allocation practices and the option mapping defined in <xref target="sec-tcpfull"/>, fewer octets are likely to be used for Flows with common TCP options.</t>
          <t><xref target="ex-tcp1"/> shows an example of Kind/bit mappings in a tcpOptionsFull IE for a TCP Flow in which End of Option List (0), Maximum Segment Size (2), and Window Scale (3) options are observed.</t>
          <figure anchor="ex-tcp1">
            <name>An Example
            <name>Example of TCP Options / Bit Mappings in a tcpOptionsFull IE</name>
            <artwork align="center"><![CDATA[
MSB                                                      LSB
                     1                          25
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 ... 8 9 0 1 2 3 4 5
|0|0|0|0|0|0|0|0|0|0|0|0|0|0|0|0|0|0|0|0|   |0|0|0|0|1|1|0|1|
          <t>One octet is sufficient to report these observed options. Concretely, the tcpOptionsFull IE will be set to 0x0D (<xref target="ex-tcp1-wire"/>).</t>
          <figure anchor="ex-tcp1-wire">
            <name>An Example
            <name>Example of tcpOptionsFull IE with Reduced-size Encdoing</name> Reduced-Size Encoding</name>
            <artwork align="center"><![CDATA[
MSB           LSB
 0 1 2 3 4 5 6 7
        <section anchor="shared-options">
          <name>Shared Options</name>
          <t>Let us consider a TCP Flow in which shared options with ExIDs 0x0348 (HOST_ID) <xref target="RFC7974"/>, 0x454E     (TCP-ENO) <xref target="RFC8547"/>, and 0xE2D4C3D9  (Shared Memory communications Communications over RMDA RDMA protocol) <xref target="RFC7609"/> are observed. <xref target="ex-tcp2"/> shows an excerpt of the Data Set encoding with a focus on the tcpSharedOptionExID16 and tcpSharedOptionExID32 IEs. The meaning of the fields is defined in <xref target="RFC6313"/>.</t>
          <figure anchor="ex-tcp2">
            <name>Example of TCP Shared IEs</name>
            <artwork align="center"><![CDATA[
 MSB                                                          LSB
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
:                           ...                                 :
|      255      |        List Length = 9        |semantic=allof |
|tcpSharedOptionExID16 = TBD9 521    |         Field Length = 2      |
|              0x0348           |             0x454E            |
|      255      |        List Length = 9        |semantic=allof |
|tcpSharedOptionExID32 = TBD10 522    |         Field Length = 4      |
|                           0xE2D4C3D9                          |
:                           ...                                 :
]]></artwork>                                 :]]></artwork>
    <section anchor="security-considerations">
      <name>Security Considerations</name>
      <t>IPFIX security considerations are discussed in <xref section="11" sectionFormat="of" target="RFC7011"/>.</t>
      <t>ipv6ExtensionHeadersChainLength and ipv6ExtensionHeadersLimit IEs can be exploited by an unauthorized observer as a means to deduce the processing capabilities of nodes. <xref section="8" sectionFormat="of" target="RFC7012"/> discusses the required measures to guarantee the integrity and confidentiality of the exported information.</t>
      <t>This document does not add new security considerations for exporting IEs other than those already discussed in <xref section="8" sectionFormat="of" target="RFC7012"/>.</t>
    <section anchor="iana-considerations">
      <name>IANA Considerations</name>
      <section anchor="deprecate-ipv6extensionheaders-and-tcpoptions-information-elements">
        <name>Deprecate ipv6ExtensionHeaders and tcpOptions Information Elements</name>
        <t>This document requests IANA to update
        <t>IANA has updated the "IPFIX Information Elements" registry under the "IP Flow Information Export (IPFIX) Entities" registry group <xref target="IANA-IPFIX"/> as follows:</t>
        <ul spacing="normal">
            <t>Update the
            <t>The ipv6ExtensionHeaders IE (64) entry by marking it has been marked as deprecated in favor of the ipv6ExtensionHeadersFull IE defined in this document. This note should also be is echoed in the "Additional Information" of the ipv6ExtensionHeaders IE.</t>
            <t>Update the
            <t>The tcpOptions IE (209) entry by marking it has been marked as deprecated in favor of the tcpOptionsFull IE defined in this document. This note should also be is echoed in the "Additional Information" of the tcpOptions IE.</t>
            <t>Add the
            <t>The following has been added to the "Additional Information" of both the ipv6ExtensionHeaders and tcpOptions IEs:  </t>
            <ul spacing="normal">
                <t>This Information Element was initially specified in <xref target="RFC5102"/>.</t>
                <t><xref target="RFC7012"/> has obsoleted <xref target="RFC5102"/> and specifies that <xref target="IANA-IPFIX"/> is the normative reference for this Information Element.</t>
        <t>IANA is also requested to update
        <t>Also, IANA has updated the reference of ipv6ExtensionHeaders IE (64) and tcpOptions IE (209) to point to this document.</t>
      <section anchor="ipfix-information-elements">
        <name>IPFIX Information Elements</name>
        <t>This document requests IANA to add
        <t>IANA has added the following new IPFIX IEs to the "IPFIX Information Elements" registry under the "IP Flow Information Export (IPFIX) Entities" registry group <xref target="IANA-IPFIX"/>:</t>
        <table anchor="iana-new-ies">
          <name>New IPFIX Information Elements</name>
              <th align="left">ElementID</th>
              <th align="left">Name</th>
              <th align="left">Specification</th>
              <td align="left">TBD1</td> align="left">513</td>
              <td align="left">ipv6ExtensionHeader</td> align="left">ipv6ExtensionHeaderType</td>
              <td align="left">
                <xref align="left"><xref target="sec-v6ehtype"/> of This-Document</td> RFC 9740</td>
              <td align="left">TBD2</td> align="left">514</td>
              <td align="left">ipv6ExtensionHeaderCount</td>
              <td align="left">
                <xref target="sec-v6ehcount"/> of This-Document</td> RFC 9740</td>
              <td align="left">TBD3</td> align="left">515</td>
              <td align="left">ipv6ExtensionHeadersFull</td>
              <td align="left">
                <xref target="sec-v6full"/> of This-Document</td> RFC 9740</td>
              <td align="left">TBD4</td> align="left">516</td>
              <td align="left">ipv6ExtensionHeaderTypeCountList</td>
              <td align="left">
                <xref target="sec-v6count"/> of This-Document</td> RFC 9740</td>
              <td align="left">TBD5</td> align="left">517</td>
              <td align="left">ipv6ExtensionHeadersLimit</td>
              <td align="left">
                <xref target="sec-v6limit"/> of This-Document</td> RFC 9740</td>
              <td align="left">TBD6</td> align="left">518</td>
              <td align="left">ipv6ExtensionHeadersChainLength</td>
              <td align="left">
                <xref target="sec-v6aggr"/> of This-Document</td> RFC 9740</td>
              <td align="left">TBD7</td> align="left">519</td>
              <td align="left">ipv6ExtensionHeaderChainLengthList</td>
              <td align="left">
                <xref target="sec-v6chain-list"/> of This-Document</td> RFC 9740</td>
              <td align="left">TBD8</td> align="left">520</td>
              <td align="left">tcpOptionsFull</td>
              <td align="left">
                <xref target="sec-tcpfull"/> of This-Document</td> RFC 9740</td>
              <td align="left">TBD9</td> align="left">521</td>
              <td align="left">tcpSharedOptionExID16</td>
              <td align="left">
                <xref target="sec-tcpExID16"/> of This-Document</td> RFC 9740</td>
              <td align="left">TBD10</td> align="left">522</td>
              <td align="left">tcpSharedOptionExID32</td>
              <td align="left">
                <xref target="sec-tcpExID32"/> of This-Document</td> RFC 9740</td>
              <td align="left">TBD11</td> align="left">523</td>
              <td align="left">tcpSharedOptionExID16List</td>
              <td align="left">
                <xref target="sec-ex"/> of This-Document</td> RFC 9740</td>
              <td align="left">TBD12</td> align="left">524</td>
              <td align="left">tcpSharedOptionExID32List</td>
              <td align="left">
                <xref target="sec-ex32"/> of This-Document</td> RFC 9740</td>
        <ul empty="true">
              <dt>Note to IANA:</dt>
                <t>The "Specification" column points to the section with the required information to register each IE.</t>
              <dt>Note to the RFC Editor:</dt>
                <t>Please remove the IANA note once IANA actions are implemented.</t>

      <section anchor="ipfix-information-element-data-type">
        <name>IPFIX Information Element Data Type</name>
        <t>This document requests IANA to add
        <t>IANA has added the following new abstract data type to the "IPFIX Information Element Data Types" registry under the "IP Flow Information Export (IPFIX) Entities" registry group <xref target="IANA-IPFIX"/>:</t>
        <table anchor="iana-new-dt">
          <name>New IPFIX Information Element Data Type</name>
              <th align="left">Value</th>
              <th align="left">Description</th>
              <th align="left">Reference</th>
              <td align="left">TBD10</td> align="left">23</td>
              <td align="left">unsigned256</td>
              <td align="left">This-Document</td> align="left">RFC 9740</td>
        <section anchor="unsigned256">
          <t>The type "unsigned256" represents a non-negative integer value in the
range of '0' to '2^256 '2<sup>256</sup> - 1'. Similar to <xref section="6.1.1" sectionFormat="of" target="RFC7011"/>, this type <bcp14>MUST</bcp14> be encoded using the default canonical format in network byte order.</t>
          <t>Reduced-size encoding (<xref section="6.2" sectionFormat="of" target="RFC7011"/>) applies to this data type. The reduction in size can be to any number of octets smaller than the unsigned256 type if the data value still fits, i.e., so that only leading zeroes zeros are dropped.</t>
      <section anchor="sec-iana-eh">
        <name>IPFIX Subregistry Registry for IPv6 Extension Headers</name>
        <t>This document requests IANA to create
        <t>IANA has created a new registry entitled "ipv6ExtensionHeaders "IPFIX ipv6ExtensionHeaders Bits" under in the IANA IPFIX registry group <xref target="IANA-IPFIX"/>.</t>
        <t>When a new code is assigned to an IPv6 EH in <xref target="IANA-EH"/>, the next available free bit is selected by IANA for this EH from "ipv6ExtensionHeaders the "IPFIX ipv6ExtensionHeaders Bits" registry registry, and the registry is updated with the details that mirror the assigned EH. The "Label" mirrors the "keyword" of an EH as indicated in <xref target="IANA-Protocols"/>, while the "Protocol Number" mirrors the "Protocol Number" in <xref target="IANA-EH"/>. IANA is requested to add has added the following note to <xref target="IANA-EH"/>:</t>
        <ul empty="true">

<!-- Note exactly matches https://www.iana.org/assignments/ipv6-parameters -->
        <t indent="3">Note: When a new code is assigned to an IPv6 Extension Header, the next available free bit in [NEW_IPFIX_IPv6EH_SUBREGISTRY] <xref target="IANA-IPFIX-IPv6EH"/> is selected for this new Extension Header. [NEW_IPFIX_IPv6EH_SUBREGISTRY] <xref target="IANA-IPFIX-IPv6EH"/> is updated accordingly. Modifications to existing registrations must be mirrored in [NEW_IPFIX_IPv6EH_SUBREGISTRY].</t>
        <ul empty="true">
            <t>Note to the RFC Editor: Please replace [NEW_IPFIX_IPv6EH_SUBREGISTRY] with the link used by IANA for this new registry.</t>
        </ul> <xref target="IANA-IPFIX-IPv6EH"/>.</t>
<!-- end -->

        <t>Otherwise, the registration policy for the registry is Expert Review (<xref section="4.5" sectionFormat="of" target="RFC8126"/>). See more details in <xref target="sec-de"/>.</t>
        <section anchor="sec-initial">
          <name>Initial Values</name>
          <t>The initial values of this registry are provided in <xref target="iana-new-eh"/>.</t>
          <table anchor="iana-new-eh">
            <name>Initial Values of the IPv6 Extension Headers IPFIX Subregistry</name> "IPFIX ipv6ExtensionHeaders Bits" Registry</name>
                <th align="left">Bit</th>
                <th align="left">Label</th>
                <th align="left">Protocol Number</th>
                <th align="left">Description</th>
                <th align="left">Reference</th>
                <td align="left">0</td>
                <td align="left">DST</td>
                <td align="left">60</td>
                <td align="left">Destination Options for IPv6</td>
                <td align="left">This-Document</td> align="left">RFC 9740</td>
                <td align="left">1</td>
                <td align="left">HOP</td>
                <td align="left">0</td>
                <td align="left">IPv6 Hop-by-Hop Options</td>
                <td align="left">This-Document</td> align="left">RFC 9740</td>
                <td align="left">2</td>
                <td align="left">NoNxt</td>
                <td align="left">59</td>
                <td align="left">No Next Header for IPv6</td>
                <td align="left">This-Document</td> align="left">RFC 9740</td>
                <td align="left">3</td>
                <td align="left">UNK</td>
                <td align="left"> </td> align="left"></td>
                <td align="left">Unknown extension or transport header</td>
                <td align="left">This-Document</td> align="left">RFC 9740</td>
                <td align="left">4</td>
                <td align="left">FRA0</td>
                <td align="left">44</td>
                <td align="left">Fragment header - first fragment</td>
                <td align="left">This-Document</td> align="left">RFC 9740</td>
                <td align="left">5</td>
                <td align="left">RH</td>
                <td align="left">43</td>
                <td align="left">Routing header</td>
                <td align="left">This-Document</td> align="left">RFC 9740</td>
                <td align="left">6</td>
                <td align="left">FRA1</td>
                <td align="left">44</td>
                <td align="left">Fragmentation header - not first fragment</td>
                <td align="left">This-Document</td> align="left">RFC 9740</td>
                <td align="left">7</td>
                <td align="left">MOB</td>
                <td align="left">135</td>
                <td align="left">Mobility Header</td>
                <td align="left">This-Document</td> align="left">RFC 9740</td>
                <td align="left">8</td>
                <td align="left">ESP</td>
                <td align="left">50</td>
                <td align="left">Encapsulating Security Payload</td>
                <td align="left">This-Document</td> align="left">RFC 9740</td>
                <td align="left">9</td>
                <td align="left">AH</td>
                <td align="left">51</td>
                <td align="left">Authentication Header</td>
                <td align="left">This-Document</td> align="left">RFC 9740</td>
                <td align="left">10</td>
                <td align="left">HIP</td>
                <td align="left">139</td>
                <td align="left">Host Identity Protocol</td>
                <td align="left">This-Document</td> align="left">RFC 9740</td>
                <td align="left">11</td>
                <td align="left">SHIM6</td>
                <td align="left">140</td>
                <td align="left">Shim6 Protocol</td>
                <td align="left">This-Document</td> align="left">RFC 9740</td>
                <td align="left">12</td>
                <td align="left"> </td> align="left"></td>
                <td align="left">253</td>
                <td align="left">Use for experimentation and testing</td>
                <td align="left">This-Document</td> align="left">RFC 9740</td>
                <td align="left">13</td>
                <td align="left"> </td> align="left"></td>
                <td align="left">254</td>
                <td align="left">Use for experimentation and testing</td>
                <td align="left">This-Document</td> align="left">RFC 9740</td>
                <td align="left">14 to 255</td>
                <td align="left"> </td> align="left"></td>
                <td align="left"> </td> align="left"></td>
                <td align="left">Unassigned</td>
                <td align="left"> </td> align="left"></td>
        <section anchor="sec-de">
          <name>Guidelines for the Designated Experts</name>
          <t>It is suggested that multiple designated experts be appointed for registry change requests.</t>
          <t>Designated experts are solicited only for changes that are not covered by the automatic mirroring described above. For example, a registration may request two bits for a new EH to cover specific behaviors or uses of that EH.</t>
          <t>Criteria that should be applied by the designated experts include determining whether the proposed registration duplicates existing entries, whether the exception to the automatic mirroring procedure is justified, and whether the registration description is clear and fits the purpose of this registry.</t>
          <t>Within the review period, the designated experts will either approve or deny the registration request, communicating this decision to the IANA. Denials should include an explanation and, if applicable, suggestions as to how to make the request successful.</t>
    <displayreference target="I-D.ietf-6man-eh-limits" to="EH-LIMITS"/>

    <references anchor="sec-combined-references">
      <references anchor="sec-normative-references">
        <name>Normative References</name>

        <reference anchor="IANA-IPFIX" target="https://www.iana.org/assignments/ipfix/ipfix.xhtml"> target="https://www.iana.org/assignments/ipfix">
            <title>IP Flow Information Export (IPFIX) Entities</title>

        <reference anchor="IANA-IPFIX-IPv6EH" target="https://www.iana.org/assignments/ipfix">
            <title>IPFIX ipv6ExtensionHeaders Bits</title>

        <reference anchor="IANA-EH" target="https://www.iana.org/assignments/ipv6-parameters/ipv6-parameters.xhtml#extension-header"> target="https://www.iana.org/assignments/ipv6-parameters">
            <title>Internet Protocol Version 6 (IPv6) Parameters, IPv6
            <title>IPv6 Extension Header Types</title>

        <reference anchor="IANA-TCP" target="https://www.iana.org/assignments/tcp-parameters/tcp-parameters.xhtml#tcp-parameters-1"> target="https://www.iana.org/assignments/tcp-parameters">
            <title>Transmission Control Protocol (TCP) Parameters, TCP
            <title>TCP Option Kind Numbers</title>

        <reference anchor="IANA-TCP-EXIDs" target="https://www.iana.org/assignments/tcp-parameters/tcp-parameters.xhtml#tcp-exids"> anchor="IANA-TCP-ExIDs" target="https://www.iana.org/assignments/tcp-parameters">
            <title>Transmission Control Protocol (TCP) Parameters, TCP
            <title>TCP Experimental Option Experiment Identifiers (TCP ExIDs)</title>

        <reference anchor="IANA-Protocols" target="https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml"> target="https://www.iana.org/assignments/protocol-numbers">
            <title>Protocol Numbers</title>
        <reference anchor="RFC7011">
            <title>Specification of the IP Flow Information Export (IPFIX) Protocol for the Exchange of Flow Information</title>
            <author fullname="B. Claise" initials="B." role="editor" surname="Claise"/>
            <author fullname="B. Trammell" initials="B." role="editor" surname="Trammell"/>
            <author fullname="P. Aitken" initials="P." surname="Aitken"/>
            <date month="September" year="2013"/>
              <t>This document specifies the IP Flow Information Export (IPFIX) protocol, which serves as a means for transmitting Traffic Flow information over the network. In order to transmit Traffic Flow information from an Exporting Process to a Collecting Process, a common representation of flow data and a standard means of communicating them are required. This document describes how the IPFIX Data and Template Records are carried over a number of transport protocols from an IPFIX Exporting Process to an IPFIX Collecting Process. This document obsoletes RFC 5101.</t>
          <seriesInfo name="STD" value="77"/>
          <seriesInfo name="RFC" value="7011"/>
          <seriesInfo name="DOI" value="10.17487/RFC7011"/>
        <reference anchor="RFC7012">
            <title>Information Model for IP Flow Information Export (IPFIX)</title>
            <author fullname="B. Claise" initials="B." role="editor" surname="Claise"/>
            <author fullname="B. Trammell" initials="B." role="editor" surname="Trammell"/>
            <date month="September" year="2013"/>
              <t>This document defines the data types and management policy for the information model for the IP Flow Information Export (IPFIX) protocol. This information model is maintained as the IANA "IPFIX Information Elements" registry, the initial contents of which were defined by RFC 5102. This information model is used by the IPFIX protocol for encoding measured traffic information and information related to the traffic Observation Point, the traffic Metering Process, and the Exporting Process. Although this model was developed for the IPFIX protocol, it is defined in an open way that allows it to be easily used in other protocols, interfaces, and applications. This document obsoletes RFC 5102.</t>
          <seriesInfo name="RFC" value="7012"/>
          <seriesInfo name="DOI" value="10.17487/RFC7012"/>
        <reference anchor="RFC8200">
            <title>Internet Protocol, Version 6 (IPv6) Specification</title>
            <author fullname="S. Deering" initials="S." surname="Deering"/>
            <author fullname="R. Hinden" initials="R." surname="Hinden"/>
            <date month="July" year="2017"/>
              <t>This document specifies version 6 of the Internet Protocol (IPv6). It obsoletes RFC 2460.</t>
          <seriesInfo name="STD" value="86"/>
          <seriesInfo name="RFC" value="8200"/>
          <seriesInfo name="DOI" value="10.17487/RFC8200"/>
        <reference anchor="RFC6994">
            <title>Shared Use of Experimental TCP Options</title>
            <author fullname="J. Touch" initials="J." surname="Touch"/>
            <date month="August" year="2013"/>
              <t>This document describes how the experimental TCP option codepoints can concurrently support multiple TCP extensions, even within the same connection, using a new IANA TCP experiment identifier. This approach is robust to experiments that are not registered and to those that do not use this sharing mechanism. It is recommended for all new TCP options that use these codepoints.</t>
          <seriesInfo name="RFC" value="6994"/>
          <seriesInfo name="DOI" value="10.17487/RFC6994"/>
        <reference anchor="RFC2119">
            <title>Key words for use in RFCs to Indicate Requirement Levels</title>
            <author fullname="S. Bradner" initials="S." surname="Bradner"/>
            <date month="March" year="1997"/>
              <t>In many standards track documents several words are used to signify the requirements in the specification. These words are often capitalized. This document defines these words as they should be interpreted in IETF documents. This document specifies an Internet Best Current Practices for the Internet Community, and requests discussion and suggestions for improvements.</t>
          <seriesInfo name="BCP" value="14"/>
          <seriesInfo name="RFC" value="2119"/>
          <seriesInfo name="DOI" value="10.17487/RFC2119"/>
        <reference anchor="RFC8174">
            <title>Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words</title>
            <author fullname="B. Leiba" initials="B." surname="Leiba"/>
            <date month="May" year="2017"/>
              <t>RFC 2119 specifies common key words that may be used in protocol specifications. This document aims to reduce the ambiguity by clarifying that only UPPERCASE usage of the key words have the defined special meanings.</t>
          <seriesInfo name="BCP" value="14"/>
          <seriesInfo name="RFC" value="8174"/>
          <seriesInfo name="DOI" value="10.17487/RFC8174"/>
        <reference anchor="RFC9293">
            <title>Transmission Control Protocol (TCP)</title>
            <author fullname="W. Eddy" initials="W." role="editor" surname="Eddy"/>
            <date month="August" year="2022"/>
              <t>This document specifies the Transmission Control Protocol (TCP). TCP is an important transport-layer protocol in the Internet protocol stack, and it has continuously evolved over decades of use and growth of the Internet. Over this time, a number of changes have been made to TCP as it was specified in RFC 793, though these have only been documented in a piecemeal fashion. This document collects and brings those changes together with the protocol specification from RFC 793. This document obsoletes RFC 793, as well as RFCs 879, 2873, 6093, 6429, 6528, and 6691 that updated parts of RFC 793. It updates RFCs 1011 and 1122, and it should be considered as a replacement for the portions of those documents dealing with TCP requirements. It also updates RFC 5961 by adding a small clarification in reset handling while in the SYN-RECEIVED state. The TCP header control bits from RFC 793 have also been updated based on RFC 3168.</t>
          <seriesInfo name="STD" value="7"/>
          <seriesInfo name="RFC" value="9293"/>
          <seriesInfo name="DOI" value="10.17487/RFC9293"/>
        <reference anchor="RFC6313">
            <title>Export of Structured Data in IP Flow Information Export (IPFIX)</title>
            <author fullname="B. Claise" initials="B." surname="Claise"/>
            <author fullname="G. Dhandapani" initials="G." surname="Dhandapani"/>
            <author fullname="P. Aitken" initials="P." surname="Aitken"/>
            <author fullname="S. Yates" initials="S." surname="Yates"/>
            <date month="July" year="2011"/>
              <t>This document specifies an extension to the IP Flow Information Export (IPFIX) protocol specification in RFC 5101 and the IPFIX information model specified in RFC 5102 to support hierarchical structured data and lists (sequences) of Information Elements in data records. This extension allows definition of complex data structures such as variable-length lists and specification of hierarchical containment relationships between Templates. Finally, the semantics are provided in order to express the relationship among multiple list elements in a structured data record. [STANDARDS-TRACK]</t>
          <seriesInfo name="RFC" value="6313"/>
          <seriesInfo name="DOI" value="10.17487/RFC6313"/>
        <reference anchor="RFC8126">
            <title>Guidelines for Writing an IANA Considerations Section in RFCs</title>
            <author fullname="M. Cotton" initials="M." surname="Cotton"/>
            <author fullname="B. Leiba" initials="B." surname="Leiba"/>
            <author fullname="T. Narten" initials="T." surname="Narten"/>
            <date month="June" year="2017"/>
              <t>Many protocols make use of points of extensibility that use constants to identify various protocol parameters. To ensure that the values in these fields do not have conflicting uses and to promote interoperability, their allocations are often coordinated by a central record keeper. For IETF protocols, that role is filled by the Internet Assigned Numbers Authority (IANA).</t>
              <t>To make assignments in a given registry prudently, guidance describing the conditions under which new values should be assigned, as well as when and how modifications to existing values can be made, is needed. This document defines a framework for the documentation of these guidelines by specification authors, in order to assure that the provided guidance for the IANA Considerations is clear and addresses the various issues that are likely in the operation of a registry.</t>
              <t>This is the third edition of this document; it obsoletes RFC 5226.</t>
          <seriesInfo name="BCP" value="26"/>
          <seriesInfo name="RFC" value="8126"/>
          <seriesInfo name="DOI" value="10.17487/RFC8126"/>

	<xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.2119.xml"/>
	<xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.7011.xml"/>
	<xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.7012.xml"/>
	<xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.8200.xml"/>
	<xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.6994.xml"/>
	<xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.8174.xml"/>
	<xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.9293.xml"/>
	<xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.6313.xml"/>
	<xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.8126.xml"/>

      <references anchor="sec-informative-references">
        <name>Informative References</name>
        <reference anchor="RFC5102">
            <title>Information Model for IP Flow Information Export</title>
            <author fullname="J. Quittek" initials="J." surname="Quittek"/>
            <author fullname="S. Bryant" initials="S." surname="Bryant"/>
            <author fullname="B. Claise" initials="B." surname="Claise"/>
            <author fullname="P. Aitken" initials="P." surname="Aitken"/>
            <author fullname="J. Meyer" initials="J." surname="Meyer"/>
            <date month="January" year="2008"/>
              <t>This memo defines an information model for the IP Flow Information eXport (IPFIX) protocol. It is used by the IPFIX protocol for encoding measured traffic information and information related to the traffic Observation Point, the traffic Metering Process, and the Exporting Process. Although developed for the IPFIX protocol, the model is defined in an open way that easily allows using it in other protocols, interfaces, and applications. [STANDARDS-TRACK]</t>
          <seriesInfo name="RFC" value="5102"/>
          <seriesInfo name="DOI" value="10.17487/RFC5102"/>
        <reference anchor="RFC8883">
            <title>ICMPv6 Errors for Discarding Packets Due to Processing Limits</title>
            <author fullname="T. Herbert" initials="T." surname="Herbert"/>
            <date month="September" year="2020"/>
              <t>Network nodes may discard packets if they are unable to process protocol headers of packets due to processing constraints or limits. When such packets are dropped, the sender receives no indication, so it cannot take action to address the cause of discarded packets. This specification defines several new ICMPv6 errors that can be sent by a node that discards packets because it is unable to process the protocol headers. A node that receives such an ICMPv6 error may use the information to diagnose packet loss and may modify what it sends in future packets to avoid subsequent packet discards.</t>
          <seriesInfo name="RFC" value="8883"/>
          <seriesInfo name="DOI" value="10.17487/RFC8883"/>
        <reference anchor="I-D.ietf-6man-eh-limits">
            <title>Limits on Sending and Processing IPv6 Extension Headers</title>
            <author fullname="Tom Herbert" initials="T." surname="Herbert">
            <date day="12" month="June" year="2024"/>
              <t>   This specification defines various limits that may be applied to
   receiving, sending, and otherwise processing packets that contain
   IPv6 extension headers.  The need for such limits is pragmatic to
   facilitate interoperability amongst hosts and routers in the presence
   of extension headers, thereby increasing the feasibility of
   deployment of extension headers.  The limits described herein
   establish the minimum baseline of support for use of extension
   headers on the Internet.  If it is known that all communicating
   parties for a particular communication, including destination hosts
   and any routers in the path, are capable of supporting more than the
   baseline then these default limits may be freely exceeded.

          <seriesInfo name="Internet-Draft" value="draft-ietf-6man-eh-limits-13"/>
        <reference anchor="RFC7872">
            <title>Observations on the Dropping of Packets with IPv6 Extension Headers in the Real World</title>
            <author fullname="F. Gont" initials="F." surname="Gont"/>
            <author fullname="J. Linkova" initials="J." surname="Linkova"/>
            <author fullname="T. Chown" initials="T." surname="Chown"/>
            <author fullname="W. Liu" initials="W." surname="Liu"/>
            <date month="June" year="2016"/>
              <t>This document presents real-world data regarding the extent to which packets with IPv6 Extension Headers (EHs) are dropped in the Internet (as originally measured in August 2014 and later in June 2015, with similar results) and where in the network such dropping occurs. The aforementioned results serve as a problem statement that is expected to trigger operational advice on the filtering of IPv6 packets carrying IPv6 EHs so that the situation improves over time. This document also explains how the results were obtained, such that the corresponding measurements can be reproduced by other members of the community and repeated over time to observe changes in the handling of packets with IPv6 EHs.</t>
          <seriesInfo name="RFC" value="7872"/>
          <seriesInfo name="DOI" value="10.17487/RFC7872"/>
        <reference anchor="RFC9098">
            <title>Operational Implications of IPv6 Packets with Extension Headers</title>
            <author fullname="F. Gont" initials="F." surname="Gont"/>
            <author fullname="N. Hilliard" initials="N." surname="Hilliard"/>
            <author fullname="G. Doering" initials="G." surname="Doering"/>
            <author fullname="W. Kumari" initials="W." surname="Kumari"/>
            <author fullname="G. Huston" initials="G." surname="Huston"/>
            <author fullname="W. Liu" initials="W." surname="Liu"/>
            <date month="September" year="2021"/>
              <t>This document summarizes the operational implications of IPv6 extension headers specified in the IPv6 protocol specification (RFC 8200) and attempts to analyze reasons why packets with IPv6 extension headers are often dropped in the public Internet.</t>
          <seriesInfo name="RFC" value="9098"/>
          <seriesInfo name="DOI" value="10.17487/RFC9098"/>
        <reference anchor="RFC7974">
            <title>An Experimental TCP Option for Host Identification</title>
            <author fullname="B. Williams" initials="B." surname="Williams"/>
            <author fullname="M. Boucadair" initials="M." surname="Boucadair"/>
            <author fullname="D. Wing" initials="D." surname="Wing"/>
            <date month="October" year="2016"/>
              <t>Recent RFCs have discussed issues with host identification in IP address-sharing systems, such as address/prefix-sharing devices and application-layer proxies. Potential solutions for revealing a host identifier in shared address deployments have also been discussed. This memo describes the design, deployment, and privacy considerations for one such solution in operational use on the Internet today that uses a TCP option to transmit a host identifier.</t>
          <seriesInfo name="RFC" value="7974"/>
          <seriesInfo name="DOI" value="10.17487/RFC7974"/>
        <reference anchor="RFC8547">
            <title>TCP-ENO: Encryption Negotiation Option</title>
            <author fullname="A. Bittau" initials="A." surname="Bittau"/>
            <author fullname="D. Giffin" initials="D." surname="Giffin"/>
            <author fullname="M. Handley" initials="M." surname="Handley"/>
            <author fullname="D. Mazieres" initials="D." surname="Mazieres"/>
            <author fullname="E. Smith" initials="E." surname="Smith"/>
            <date month="May" year="2019"/>
              <t>Despite growing adoption of TLS, a significant fraction of TCP traffic on the Internet remains unencrypted. The persistence of unencrypted traffic can be attributed to at least two factors. First, some legacy protocols lack a signaling mechanism (such as a STARTTLS command) by which to convey support for encryption, thus making incremental deployment impossible. Second, legacy applications themselves cannot always be upgraded and therefore require a way to implement encryption transparently entirely within the transport layer. The TCP Encryption Negotiation Option (TCP-ENO) addresses both of these problems through a new TCP option kind providing out-of-band, fully backward-compatible negotiation of encryption.</t>
          <seriesInfo name="RFC" value="8547"/>
          <seriesInfo name="DOI" value="10.17487/RFC8547"/>
        <reference anchor="RFC7609">
            <title>IBM's Shared Memory Communications over RDMA (SMC-R) Protocol</title>
            <author fullname="M. Fox" initials="M." surname="Fox"/>
            <author fullname="C. Kassimis" initials="C." surname="Kassimis"/>
            <author fullname="J. Stevens" initials="J." surname="Stevens"/>
            <date month="August" year="2015"/>
              <t>This document describes IBM's Shared Memory Communications over RDMA (SMC-R) protocol. This protocol provides Remote Direct Memory Access (RDMA) communications to TCP endpoints in a manner that is transparent to socket applications. It further provides for dynamic discovery of partner RDMA capabilities and dynamic setup of RDMA connections, as well as transparent high availability and load balancing when redundant RDMA network paths are available. It maintains many of the traditional TCP/IP qualities of service such as filtering that enterprise users demand, as well as TCP socket semantics such as urgent data.</t>
          <seriesInfo name="RFC" value="7609"/>
          <seriesInfo name="DOI" value="10.17487/RFC7609"/>

	<xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.5102.xml"/>
	<xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.8883.xml"/>

<!-- [I-D.ietf-6man-eh-limits] IESG State: IESG Evaluation 2025-02-17 -->
	<xi:include href="https://bib.ietf.org/public/rfc/bibxml3/reference.I-D.ietf-6man-eh-limits.xml"/>
	<xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.7872.xml"/>
	<xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.9098.xml"/>
	<xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.7974.xml"/>
	<xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.8547.xml"/>
	<xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.7609.xml"/>

    <?line 775?>

<section numbered="false" anchor="acknowledgments">
      <t>Thanks to Paul Aitken, Éric Vyncke, and Joe Touch <contact fullname="Paul Aitken"/>, <contact fullname="Éric
      Vyncke"/>, and <contact fullname="Joe Touch"/> for the reviews and
      comments. Special thanks to Andrew Feren <contact fullname="Andrew Feren"/> for
      sharing data about scans of IPFIX data he collected.</t>
      <t>Thanks to Wesley Eddy <contact fullname="Wesley Eddy"/> for the tsvart review, Yingzhen Qu
      <contact fullname="Yingzhen Qu"/> for the opsdir review, Dirk <contact
      fullname="Dirk Von Hugo Hugo"/> for intdir review, Joel Halpern <contact fullname="Joel
      Halpern"/> for the genart review, and Tero Kivinen <contact fullname="Tero Kivinen"/>
      for the secdir review.</t>
      <t>Thanks to Thomas Graf <contact fullname="Thomas Graf"/> for the Shepherd review.</t>
      <t>Thanks to Mahesh Jethanandani <contact fullname="Mahesh Jethanandani"/> for the AD review.</t>
      <t>Thanks to Éric Vyncke, Erik Kline, Roman Danyliw, and Zaheduzzaman Sarker <contact fullname="Éric Vyncke"/>, <contact fullname="Erik
      Kline"/>, <contact fullname="Roman Danyliw"/>, and <contact
      fullname="Zaheduzzaman Sarker"/> for the IESG review.</t>
  <!-- ##markdown-source:
