All things related to multicast

[Bill Nickless <>]

Please see the attached Draft.  If appropriate, I would like to discuss it 
at the MBONED working group meeting at IETF-54 in Yokohama.

Of course, comments and corrections are invited.  I would be especially 
interested in giving credit to people or documents that I have 
inadvertently missed.

Abstract:

   Some IPv4 multicast datagrams should not be routed, either within an
   administrative domain or between administrative domains.  A list of
   those restrictions is supplied here.  These restrictions SHOULD be
   respected by IPv4 multicast applications, and included in network
   device access control lists.

This Draft is also available at:

http://www-fp.mcs.anl.gov/~nickless/draft-nickless-ipv4-mcast-unusable-01.txt

==== Draft Follows ====


   Internet Draft                                           B. Nickless
   Document: draft-nickless-ipv4-mcast-unusable-       Argonne National
   01.txt                                                    Laboratory
   Expires: December 2002                                     June 2002


            IPv4 Multicast Unusable Group And Source Addresses


1. Status of this Memo

   This document is an Internet-Draft and is in full conformance with
   all provisions of Section 10 of RFC2026.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups.  Note that
   other groups may also distribute working documents as Internet-
   Drafts.

   Internet-Drafts are draft documents valid for a maximum of six
   months and may be updated, replaced, or obsoleted by other documents
   at any time.  It is inappropriate to use Internet-Drafts as
   reference material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
        http://www.ietf.org/ietf/1id-abstracts.txt

   The list of Internet-Draft Shadow Directories can be accessed at
        http://www.ietf.org/shadow.html.


2. Abstract

   Some IPv4 multicast datagrams should not be routed, either within an
   administrative domain or between administrative domains.  A list of
   those restrictions is supplied here.  These restrictions SHOULD be
   respected by IPv4 multicast applications, and included in network
   device access control lists.


   Nickless     Informational - Expires December 2002               1
                    IPv4 Multicast Unusable Group           June 2001
                           And Source Addresses

3. Table of Contents

   1. Status of this Memo.............................................1
   2. Abstract........................................................1
   4. Conventions used in this document...............................2
   5. Background......................................................2
   6. Specific (Source,Group) Restrictions............................2
   7. Unusable Locally................................................4
   8. Unusable Inter-domain...........................................4
   9. No Flooding of Knowledge of Active Sources......................5
   9. Security Considerations.........................................5
   10. Acknowledgements...............................................6
   11. References.....................................................6
   12. Author's Address...............................................7


4. Conventions used in this document

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in RFC-2119 [RFC2119].


5. Background

   IPv4 multicast [MCAST] is an internetwork service that allows IPv4
   datagrams sent from a source to be delivered to one or more
   interested receiver(s).  That is, a given source sends a packet the
   network with a destination address 224/4 CIDR [CIDR] range.  The
   network transports this packet to all receivers (replicated where
   necessary) that have registered their interest in receiving these
   packets.

   Some combinations of Source Address and Group Address SHOULD NOT be
   routed for various reasons.  This note describes those restrictions
   so they can be:

    - Avoided by applications, especially those that choose multicast
      groups on a random or ad-hoc basis.
    - Properly reflected in network device restriction lists.


6. Specific (Source,Group) Restrictions

   Following is a list of (Source,Group) ranges that should not be used
   or routed in certain circumstances.  Each range is associated with a
   brief explanation and a cross-reference to a fuller explanation to
   be found in following sections of this note.

   (*,224.0.1.2/32)       SGI-Dogfight                    Section 8.4
   (*,224.0.1.3/32)       Rwhod                           Section 8.5

   Nickless     Informational - Expires December 2002               2
                    IPv4 Multicast Unusable Group           June 2001
                           And Source Addresses

   (*,224.0.1.22/32)      SVRLOC                          Section 8.4
   (*,224.0.1.22/32)      Microsoft-DS                    Section 8.4
   (*,224.0.1.35/32)      SVRLOC-DA                       Section 8.5
   (*,224.0.1.39/32)      CISCO-RP-ANNOUNCE               Section 8.5
   (*,224.0.1.40/32)      CISCO-RP-DISCOVERY              Section 8.5
   (*,224.0.2.2/32)       SUN-RPC                         Section 8.4
   (*,224.77.0.0/16)      Norton Ghost                    Section 8.3
   (*,224.128.0.0/24)     Control plane of IGMP snoopers  Section 7.1
   (*,225.0.0.0/24)       Control plane of IGMP snoopers  Section 7.1
   (*,225.1.2.3/32)       Altiris                         Section 8.3
   (*,225.128.0.0/24)     Control plane of IGMP snoopers  Section 7.1
   (*,226.0.0.0/24)       Control plane of IGMP snoopers  Section 7.1
   (*,226.77.0.0/16)      Norton Ghost                    Section 8.3
   (*,226.128.0.0/24)     Control plane of IGMP snoopers  Section 7.1
   (*,227.0.0.0/24)       Control plane of IGMP snoopers  Section 7.1
   (*,227.128.0.0/24)     Control plane of IGMP snoopers  Section 7.1
   (*,228.0.0.0/24)       Control plane of IGMP snoopers  Section 7.1
   (*,228.128.0.0/24)     Control plane of IGMP snoopers  Section 7.1
   (*,229.0.0.0/24)       Control plane of IGMP snoopers  Section 7.1
   (*,229.128.0.0/24)     Control plane of IGMP snoopers  Section 7.1
   (*,230.0.0.0/24)       Control plane of IGMP snoopers  Section 7.1
   (*,230.128.0.0/24)     Control plane of IGMP snoopers  Section 7.1
   (*,231.0.0.0/24)       Control plane of IGMP snoopers  Section 7.1
   (*,231.128.0.0/24)     Control plane of IGMP snoopers  Section 7.1
   (*,232.0.0.0/24)       Control plane of IGMP snoopers  Section 7.1
   (*,232.128.0.0/24)     Control plane of IGMP snoopers  Section 7.1
   (*,233.0.0.0/8)        Source-Specific Multicast       Section 9.1
   (*,233.0.0.0/24)       Control plane of IGMP snoopers  Section 7.1
   (*,233.128.0.0/24)     Control plane of IGMP snoopers  Section 7.1
   (*,234.0.0.0/24)       Control plane of IGMP snoopers  Section 7.1
   (*,234.42.42.42/32)    Phoenix/StorageSoft ImageCast   Section 8.3
   (*,234.128.0.0/24)     Control plane of IGMP snoopers  Section 7.1
   (*,234.142.142.42/31)  Phoenix/StorageSoft ImageCast   Section 8.3
   (*,234.142.142.44/30)  Phoenix/StorageSoft ImageCast   Section 8.3
   (*,234.142.142.48/28)  Phoenix/StorageSoft ImageCast   Section 8.3
   (*,234.142.142.64/26)  Phoenix/StorageSoft ImageCast   Section 8.3
   (*,234.142.142.128/29) Phoenix/StorageSoft ImageCast   Section 8.3
   (*,234.142.142.136/30) Phoenix/StorageSoft ImageCast   Section 8.3
   (*,234.142.142.140/31) Phoenix/StorageSoft ImageCast   Section 8.3
   (*,234.142.142.142/32) Phoenix/StorageSoft ImageCast   Section 8.3
   (*,235.0.0.0/24)       Control plane of IGMP snoopers  Section 7.1
   (*,235.128.0.0/24)     Control plane of IGMP snoopers  Section 7.1
   (*,236.0.0.0/24)       Control plane of IGMP snoopers  Section 7.1
   (*,236.128.0.0/24)     Control plane of IGMP snoopers  Section 7.1
   (*,237.0.0.0/24)       Control plane of IGMP snoopers  Section 7.1
   (*,237.128.0.0/24)     Control plane of IGMP snoopers  Section 7.1
   (*,238.0.0.0/24)       Control plane of IGMP snoopers  Section 7.1
   (*,238.128.0.0/24)     Control plane of IGMP snoopers  Section 7.1
   (*,239.0.0.0/8)        Administratively Scoped Groups  Section 8.1
   (*,239.0.0.0/24)       Control plane of IGMP snoopers  Section 7.1
   (*,239.128.0.0/24)     Control plane of IGMP snoopers  Section 7.1

   (10.0.0.0/8,*)         Private Address Space           Section 8.2

   Nickless     Informational - Expires December 2002               3
                    IPv4 Multicast Unusable Group           June 2001
                           And Source Addresses

   (127.0.0.0/8,*)        Loopback Address Space          Section 8.2
   (172.16.0.0/12,*)      Private Address Space           Section 8.2
   (192.168.0.0/16,*)     Private Address Space           Section 8.2

7. Unusable Locally

   Multicast datagrams that match the criteria in this section SHOULD
   NOT be used, even on local, unrouted subnetworks.

   7.1 Groups processed in the control plane of IGMP-snooping switches.

   [MCAST] describes the mapping of IPv4 Multicast Group addresses to
   Ethernet MAC addresses, as follows:

        An IP host group address is mapped to an Ethernet multicast
        address by placing the low-order 23-bits of the IP address
        into the low-order 23 bits of the Ethernet multicast address
        01-00-5E-00-00-00 (hex).   Because there are 28 significant
        bits in an IP host group address, more than one host group
        address may map to the same Ethernet multicast address.

   Multicast group addresses in the 224.0.0.0/24 range are used for
   local subnetwork control.  This maps to the Ethernet multicast
   address range 01-00-5E-00-00-XX, where XX is 00 through FF.
   Ethernet frames within this range are always processed in the
   control plane of many popular network devices, such as IGMP-snooping
   switches.

   Because of the many-to-one mapping of IPv4 Multicast Group Addresses
   to Ethernet MAC addresses, it is possible to overwhelm the control
   plane of network devices by sending to group addresses that map into
   the 01-00-5E-00-00-XX (hex) range.

8. Unusable Inter-domain

   Multicast datagrams that match the criteria in this section SHOULD
   NOT be routed between administrative domains.

   Section 7 (Unusable Locally) is incorporated here by reference.

   8.1 Administratively Scoped Addresses

   RFC 2366 [ADMIN] defines 239.0.0.0/8 for use within an
   administrative domain.  As such, datagrams with group addresses that
   match 239.0.0.0/8 SHOULD NOT be passed between administrative
   domains.

   8.2 Private and Loopback IPv4 Addresses

   RFC 1918 [PRIVATE] defines certain ranges of IPv4 unicast addresses
   that can be used within an administrative domain.  Multicast
   datagrams are no exception to the rule that datagrams addressed

   Nickless     Informational - Expires December 2002               4
                    IPv4 Multicast Unusable Group           June 2001
                           And Source Addresses

   within these ranges SHOULD NOT be passed between administrative
   domains.

   127.0.0.0/8 is widely used for internal host addressing, and is
   generally not valid on datagrams passed between hosts.

   8.3 Personal Computer Deployment and Control Applications

   The Norton Ghost [GHOST], Phoenix/StorageSoft ImageCast [IMCAST],
   and Altiris [ALTIRIS] applications are used to duplicate files and
   filesystems from servers to clients, and to otherwise maintain
   groups of Personal Computers.  They are intended to be used on a
   local subnet or within an administrative domain, but the default
   addresses used by the software are not within the administratively-
   scoped range 239.0.0.0/8 (see Section 8.1 above).

   8.4 Known Insecure Services

   Applications that use certain multicast group addresses have been
   demonstrated to be vulnerable to exploitation, leading to serious
   security problems.

   8.5 Internal Resource Discovery

   Applications that use certain multicast group addresses are used to
   discover resources within an administrative domain.


9. No Flooding of Knowledge of Active Sources

   In the absence of explicit requests by interested receivers,
   multicast datagrams that match the criteria in this section SHOULD
   NOT be transmitted across administrative domain boundaries.

   The knowledge of active sources that match the criteria in this
   section SHOULD NOT be passed between administrative domains.

   Sections 7 and 8 are incorporated here by reference.

   9.1 Source-Specific Multicast

   Multicast datagrams addressed within 233.0.0.0/8 (See [IANA]) are
   used in the Source-Specific Multicast regime.  Interested recipients
   request traffic from specific sources using specific group
   addresses.  Knowledge of active sources is not flooded throughout
   the Internet, as it is the responsibility of the application to
   discover the active sources.


9. Security Considerations

   Low to moderate multicast traffic levels, using addresses within
   these Section 7.1 Multicast Group Address ranges, can result in

   Nickless     Informational - Expires December 2002               5
                    IPv4 Multicast Unusable Group           June 2001
                           And Source Addresses

   severe denial of service on network devices that process frames with
   Ethernet MAC addresses in the 01-00-5E-00-00-XX (hex) range in the
   control plane.

   Interdomain forwarding of multicast traffic generated by certain
   multicast applications (see Section 8.3) can result in internal
   enterprise data being replicated far beyond that which was intended.

   Interdomain forwarding of multicast traffic on certain multicast
   groups (see Section 8.4) can lead to compromise of host systems.


10. Acknowledgements

   The author relied heavily on a list of problematic groups maintained
   by Cisco Systems, especially Beau Williamson and his colleagues.

   Jay Ford and Alan Croswell provided references for the Norton Ghost
   restriction.

   This work was supported by the Mathematical, Information, and
   Computational Sciences Division subprogram of the Office of Advanced
   Scientific Computing Research, U.S. Department of Energy, under
   Contract W-31-109-Eng-38.

11. References

   [RFC2119] RFC 2119: Key Words for use in RFCs to Indicate
      Requirement Levels.  S. Bradner.  March 1997.

   [MCAST] RFC 1112: Host extensions for IP multicasting. S.E. Deering.
      Aug-01-1989.

   [CIDR] RFC 1519: Classless Inter-Domain Routing (CIDR): an Address
      Assignment and Aggregation Strategy. V. Fuller, T. Li, J. Yu, K.
      Varadhan. September 1993.

   [ADMIN] RFC 2365: Administratively Scoped IP Multicast.  D. Meyer.
      July 1998.

   [PRIVATE] RFC 1918: Address Allocation for Private Internets.  Y
      Rekhter, B. Moskowitz, D. Karrenberg, G. J. de Groot, E. Lear.
      February 1996.

   [GHOST] Symantec.
      http://service2.symantec.com/SUPPORT/ghost.nsf/docid/
      1999033015222425

   [IMCAST] Phoenix Technologies.
      http://www.storagesoft.com/products/imagecast



   Nickless     Informational - Expires December 2002               6
                    IPv4 Multicast Unusable Group           June 2001
                           And Source Addresses


   [ALTIRIS] Altiris
      http://www.altiris.com/support/docs/altirisexpress/
      axtechref41.pdf

   [IANA] Internet Assigned Numbers Authority.
      http://www.iana.org/assignments/multicast-addresses

12. Author's Address

   Bill Nickless
   Argonne National Laboratory
   9700 South Cass Avenue #221     Phone:  +1 630 252 7390
   Argonne, IL 60439               Email:  


   Nickless     Informational - Expires December 2002               7

===
Bill Nickless    http://www.mcs.anl.gov/people/nickless      +1 630 252 7390
PGP:0E 0F 16 80 C5 B1 69 52 E1 44 1A A5 0E 1B 74 F7