brian@ucsdUCSD.Edu (Brian Kantor) (09/04/89)
Network Working Group Internet Engineering Task Force
Request for Comments: APPL R. Braden, Editor
May 22, 1989
Requirements for Internet Hosts -- Application Layer
*** DRAFT ***
Status of This Memo
This is a draft of one RFC of a pair that defines and discusses the
requirements for Internet host software. This RFC covers the
application protocol layers; its companion RFC-COMM covers the
communication protocol layers: link layer, IP layer, and transport
layer.
When complete, these two RFC's will be an official specification for
the Internet community. It incorporates by reference, amends,
corrects, and supplements the primary protocol standards documents
relating to hosts. Distribution of this document is unlimited.
This draft incorporates the changes agreed to at the Austin IETF
meeting, January 1989, plus many minor changes suggested by Mike
Karels and by others, plus major changes agreed to by the WG. Most
recent changes are indicated with !, while earlier changes are marked
with | or #. Minor improvements in wording or clarifications are
marked with @.
Table of Contents
1. INTRODUCTION
1.1 The Internet Architecture
1.2 General Considerations
1.3 Reading this Document
1.3.1 Organization
1.3.2 Requirements
1.3.3 Terminology
Internet Engineering Task Force [Page 1]
***DRAFT RFC*** INTRODUCTION May 22, 1989
2. GENERAL ISSUES
2.1 Host Names and Numbers
2.2 Application Use Of Domain Services
2.3 Multihoming
2.4 Type-of-Service
2.5 UDP-based Applications
3. REMOTE LOGIN -- TELNET PROTOCOL
3.1 INTRODUCTION
3.2 PROTOCOL WALK-THROUGH
3.2.1 Option Negotiation
3.2.2 Telnet Go-Ahead Function
3.2.3 Control Functions
3.2.4 Using Telnet Synch Sequence
3.2.5 NVT Printer and Keyboard
3.2.6 Telnet Command Structure
3.2.7 Telnet Binary Option
3.2.8 Telnet Terminal-Type Option
3.3 SPECIFIC ISSUES
3.3.1 Telnet End-of-Line Convention
3.3.2 Data Entry Terminals
3.3.3 Recommended Options
3.3.4 Option Initiation
3.3.5 Telnet Linemode Option
3.4. TELNET/USER INTERFACE
3.4.1 Character Set Transparency
3.4.2 Telnet Commands
3.4.3 TCP Connection Errors
3.4.4 Non-Default Telnet Contact Port
3.4.5 Flushing Output
3.5. TELNET REQUIREMENTS SUMMARY
4. FILE TRANSFER
4.1 FILE TRANSFER PROTOCOL -- FTP
4.1.1 INTRODUCTION
4.1.2. PROTOCOL WALK-THROUGH
4.1.2.1 LOCAL Type
4.1.2.2 Telnet Format Control
4.1.2.3 Page Structure
4.1.2.4 Data Structure Transformations
4.1.2.5 Data Connection Management
4.1.2.6 PASV Command
4.1.2.7 LIST and NLST Commands
4.1.2.8 SITE Command
4.1.2.9 STOU Command
4.1.2.10 Telnet End-of-line Code
4.1.2.11 FTP Replies
4.1.2.12 Connections
4.1.2.13 Minimum Implementation; RFC-959 Section
4.1.3 SPECIFIC ISSUES
4.1.3.1 Non-standard Command Verbs
4.1.3.2 Idle Timeout
4.1.3.3 Concurrency of Data and Control
4.1.3.4 FTP Restart Mechanism
4.1.4 FTP/USER INTERFACE
4.1.4.1 Pathname Specification
4.1.4.2 "QUOTE" Command
4.1.4.3 Displaying Replies to User
4.1.4.4 Maintaining Synchronization
4.1.5 FTP REQUIREMENTS SUMMARY
4.2 TRIVIAL FILE TRANSFER PROTOCOL -- TFTP
4.2.1 INTRODUCTION
4.2.2 PROTOCOL WALK-THROUGH
4.2.2.1 Transfer Modes
4.2.2.2 Sorcerer's Apprentice Syndrome
4.2.3 SPECIFIC ISSUES
4.2.3.1 Timeout Algorithms
4.2.3.2 Extensions
4.2.3.3 Access Control
4.2.3.4 Broadcast Request
4.2.4 TFTP REQUIREMENTS SUMMARY
5. ELECTRONIC MAIL -- SMTP and RFC-822
5.1 INTRODUCTION
5.2 PROTOCOL WALK-THROUGH
5.2.1 The SMTP Model
5.2.2 Canonicalization
5.2.3 VRFY and EXPN Commands
5.2.4 SEND, SOML, and SAML Commands
5.2.5 HELO Command
5.2.6 Mail Relay
5.2.7 RCPT Command
5.2.8 DATA Command
5.2.9 SMTP Replies
5.2.10 Transparency
5.2.11 WKS Use in MX Processing
5.2.12 RFC-822 Time Zones
5.2.13 RFC-822 Syntax Change
5.2.14 RFC-822 Syntax Errors
5.2.15 RFC-822 Local-part
5.2.16 Domain Literals
5.3 SPECIFIC ISSUES
5.3.1 SMTP Queueing Strategies
5.3.1.1 Sending Strategy
5.3.1.2 Receiving strategy
5.3.2 Timeouts in SMTP
5.3.3 Reliable Mail Receipt
5.3.4 Reliable Mail Transmission
5.3.5 Domain Name Support
5.3.6 Mailing Lists and Aliases
5.3.7 Mail Gatewaying
5.3.8 Maximum Message Size
5.4 SMTP REQUIREMENTS SUMMARY
6. SUPPORT SERVICES
6.1 DOMAIN NAME TRANSLATION
6.1.1 INTRODUCTION
6.1.2 PROTOCOL WALK-THROUGH
6.1.2.1 Negative Response Caching
6.1.2.2 Unused Fields
6.1.2.3 Compression
6.1.2.4 Host Name Syntax
6.1.3 SPECIFIC ISSUES
6.1.3.1 Resolver Implementation
6.1.3.2 Transport Protocols
6.1.3.3 Source Quench
6.1.3.4 Multihomed Hosts
6.1.3.5 Extensibility
6.1.3.6 Status of RR Types
6.1.4 DNS USER INTERFACE
6.1.4.1 DNS Administration
6.1.4.2 Domain Service User Interface
6.1.4.3 Search Lists
6.1.5 DOMAIN NAME SYSTEM REQUIREMENTS SUMMARY
6.2 HOST INITIALIZATION
6.2.1 INTRODUCTION
6.2.2 REQUIREMENTS
6.2.2.1 Dynamic Configuration
6.2.2.2 Loading Phase
6.2.3 SYSTEM INITIALIZATION REQUIREMENTS SUMMARY
6.3 REMOTE MANAGEMENT
6.3.1 INTRODUCTION
6.3.2 PROTOCOL WALK-THROUGH
6.3.3 MANAGEMENT REQUIREMENTS SUMMARY
7. REFERENCES
1. INTRODUCTION
This document is one of a pair of RFC's that defines and discusses
the requirements for host system implementations of the Internet
protocol suite. This RFC covers the applications layer and support
protocols. Its companion, "Requirements for Internet Hosts --
Communications Layers," RFC-comm [INTRO:1], covers the lower layer
protocols: transport layer, IP layer, and link layer.
These documents are intended to provide guidance for vendors,
implementors, and users of Internet communication software. They
represent the consensus of a large body of technical experience and
wisdom, contributed by the Internet research and vendor communities.
This RFC enumerates standard protocols that a host connected to the
Internet must use, and it incorporates by reference the RFCs and
other documents describing the current specifications for these
protocols. It corrects errors in the referenced documents and adds
additional discussion and guidance for an implementor.
For each protocol, this document contains an explicit set of
requirements, recommendations, and options. The reader must
understand that the list of requirements in this document is
incomplete by itself; the complete set of requirements for an
Internet host is primarily defined in the standard protocol
specification document, with corrections, amendments, and supplements
contained in this RFC. In many cases, the "requirements" in this RFC
are already stated or implied in the standard protocol documents, so
that their inclusion here is, in a sense, redundant. However, many
of the requirements that have been listed here have been ignored by
some set of implementors in the past, causing problems of
interoperability, performance, and robustness.
This document includes discussion and explanation of many of the
requirements and recommendations. A simple list of requirements
would be dangerous, because:
o Some required features are more important than others, and some
features are optional.
o There may be valid reasons why particular vendor products that
are designed for restricted contexts might choose to use
different specifications.
However, the specifications of this document must be followed to meet
the general goal of arbitrary host interoperation across the
diversity and complexity of the Internet system. Although most
current implementations fail to meet these requirements in various
ways, some minor and some major, this specification is the ideal
towards which we need to move.
These requirements are based on the current level of Internet
architecture. This document will be updated as required to provide
additional clarifications or to include additional information in
those areas in which specifications are still evolving.
This introductory section begins with general advice to host software
vendors, and then gives some guidance on reading the rest of the
document. Section 2 contains general requirements that may be
applicable to all application and support protocols. Sections 3, 4,
and 5 contain the requirements on protocols for the three major
applications: Telnet, file transfer, and electronic mail,
respectively. Section 6 covers the support applications: the domain
name system, system initialization, and management. Finally, all
references will be found in Section 7.
1.1 The Internet Architecture
For a brief introduction to the Internet architecture from a host
viewpoint, see Section 1.1 of [INTRO:1]. That section also
contains recommended references for general background on the
Internet architecture.
1.2 General Considerations
There are two important lessons that vendors of Internet host
software have learned and which a new vendor should consider
seriously.
o Continuing Internet Evolution
The enormous growth of the Internet has revealed problems of
management and scaling in a large datagram-based packet
communication system. These problems are being addressed,
and as a result there will be continuing evolution of the
specifications described in this document. These changes
will be carefully planned and controlled, since there is
extensive participation in this planning by the vendors and
by the organizations responsible for operations of the
networks.
Development, evolution, and revision are characteristic of
computer network protocols today, and this situation will
persist for some years. A vendor who develops computer
communication software for the Internet protocol suite (or
any other protocol suite!) and then fails to maintain and
update that software for changing specifications is going to
leave a trail of unhappy customers. The Internet is a large
communication network, and the users are in constant contact
through it. Experience has shown that knowledge of
deficiencies in vendor software propagates quickly through
the Internet technical community.
o Robustness Principle
At every layer of the protocols, there is a general rule
whose application can lead to enormous benefits in robustness
and interoperability:
"Be liberal in what you accept, and
conservative in what you send"
Software should be written to deal with every conceivable
error, no matter how unlikely; sooner or later a packet will
come in with that particular combination of errors and
attributes, and unless the software is prepared, chaos can
ensue. In general, it is best to assume that the network is
filled with malevolent entities that will send in packets
designed to have the worst possible effect. This assumption
will lead to suitable protective design, although the most
serious problems in the Internet have been caused by
unenvisaged mechanisms triggered by low-probability events;
mere human malice would never have taken so devious a course!
Adaptability to change must be designed into all levels of
Internet host software. As a simple example, consider a
protocol specification that contains an enumeration of values
for a particular header field -- e.g., a type field, a port
number, or an error code; this enumeration must be assumed to
be incomplete. Thus, if a protocol specification defines
four possible error codes, the software must not break when a
fifth code shows up. An undefined code might be logged (see
below), but it must not cause a failure.
The second part of the principle is almost as important:
software on other hosts may contain deficiencies that make it
unwise to exploit legal but obscure protocol features. It is
unwise to stray far from the obvious and simple, lest
untoward effects elsewhere result. A corollary of this is
"watch out for misbehaving hosts"; host software should be
prepared, not just to survive other misbehaving hosts, but
also to cooperate to limit the amount of disruption such
hosts can cause to the shared communication facility.
Finally, there are some implementation recommendations that apply
to every layer of the protocol.
o Error Logging
The Internet includes a great variety of host and gateway
systems, each implementing many protocols and protocol
layers, and some of these contain bugs and mis-features that
may affect an end user. As a result of complexity,
diversity, and distribution of function, the diagnosis of
user problems is often very difficult.
Problem diagnosis will be aided if host implementations will
consistently log all erroneous or "strange" events detected
in any protocol layer. Of course, care must be taken to
ensure that such logging does not consume prohibitive amounts
of resources or otherwise interfere with the operation of the
host.
It is important to include as much diagnostic information as
possible when an error is logged. In particular, it is often
useful to record the entire header of the packet that caused
the error.
o Configuration
Everyone agrees that it would be ideal if a host
implementation of the Internet protocol suite could be
entirely self-configuring. This would allow the whole suite
to be implemented in ROM or cast into silicon, it would
simplify diskless workstations, and it would be an immense
boon to harried LAN administrators as well as system vendors.
We have not reached this ideal; in fact, we are not even
close.
At many points in this document, you will find a requirement
that a parameter be a configurable option. There are several
different reasons behind such requirements. In a few cases,
there is current uncertainty or disagreement about the best
value, and it may be necessary to update the recommended
value in the future. In other cases, the value really
depends on external factors -- e.g., the size of the host and
the distribution of its communication load, or the speeds and
topology of nearby networks -- and self-tuning algorithms are
unavailable and would probably be insufficient. In some
cases, the configurability is needed because of observed
administrative requirements.
Finally, some configuration options are required to
communicate with obsolete or incorrect implementations of the
protocols, distributed without sources, that unfortunately
persist in many parts of the Internet. To make correct
systems coexist with these faulty systems, administrators
often have to "mis-configure" the correct systems. This
problem will correct itself gradually as the faulty systems
are retired, but it cannot be ignored by vendors.
When we say that a parameter must be configurable, we do not
intend to require that its value be explicitly read from a
configuration file at every boot time. We recommend that
implementors set up a default for each parameter, so a
configuration file is only necessary to override those
defaults that are inappropriate in a particular installation.
Thus, the configurability requirement is an assurance that it
will be POSSIBLE to override the default when necessary, even
in a binary-only or ROM-based product.
This document requires a particular value for such defaults
in some cases. The choice of default is a sensitive issue
when the configuration item controls the accommodation to
existing faulty systems. If the Internet is to converge
successfully to complete interoperability, the default values
built into implementations must implement the official
protocol, not "mis-configurations" to accommodate faulty
implementations. Although marketing considerations have led
some vendors to choose mis-configuration defaults, we urge
vendors to choose defaults that will conform to the standard.
Finally, we note that a vendor needs to provide adequate
documentation on all configuration parameters, their limits
and effects.
1.3 Reading this Document
1.3.1 Organization
In general, each major section is organized into the following
subsections:
(1) Introduction
(2) Protocol Walk-Through -- considers the protocol
specification documents section-by-section, correcting
errors, stating requirements that may be ambiguous or
ill-defined, and providing further clarification or
explanation.
(3) Specific Issues -- discusses design and implementation
issues in the protocols that were not included in the
walk-through.
(4) Interfaces -- discusses the service interface to the next
higher layer.
(5) Summary -- contains a summary of the requirements in the
section.
Under many of the individual topics in this document, there is
parenthetical material labeled "DISCUSSION" or
"IMPLEMENTATION." This material is intended to give
clarification and explanation of the preceding requirements
text. It also includes some suggestions on possible future
directions or developments. The implementation material
contains suggested approaches that an implementor may want to
consider.
1.3.2 Requirements
In this document, the words that are used to define the
significance of each particular requirement are capitalized.
These words are:
* "MUST"
This word or the adjective "REQUIRED" means that the item
is an absolute requirement of the specification.
* "SHOULD"
This word or the adjective "RECOMMENDED" means that there
may exist valid reasons in particular circumstances to
ignore this item, but the full implications should be
understood and the case carefully weighed before choosing
a different course.
* "MAY"
This word or the adjective "OPTIONAL" means that this item
is truly optional. One vendor may choose to include the
item because a particular marketplace requires it or
because it enhances the product, for example; another
vendor may omit the same item.
An implementation is not compliant if it fails to satisfy one
or more of the MUST requirements for the protocols it
implements. An implementation that satisfies all the MUST and
all the SHOULD requirements for its protocols is said to be
"unconditionally compliant"; one that satisfies all the MUST
requirements but not all the SHOULD requirements for its
protocols is said to be "conditionally compliant".
1.3.3 Terminology
This document and its companion [INTRO:1] use the following
technical terms:
Segment
A segment is the unit of end-to-end transmission in the
TCP protocol. A segment consists of a TCP header followed
by application data. A segment is transmitted as an IP
datagram.
Message
This term is used by some application layer protocols
(particularly SMTP) for an application data unit.
Datagram
A [UDP] datagram is the unit of end-to-end transmission in
the UDP protocol.
Connected Network
A network to which a host is interfaced is often known as
the "local network" or the "subnetwork" relative to that
host. However, these terms can cause confusion, and
therefore we use the term "connected network" in this
document.
Physical network interface
This is a physical interface to a connected network and
has a (possibly unique) link-layer address. Multiple
physical network interfaces on a single host may share the
same link-layer address, but the address must be unique
for different hosts on the same physical network.
Logical [network] interface
A Logical [network] interface is a logical path to a
connected network and is distinguished by a unique IP
address.
Multihomed
A host is said to be multihomed if it has multiple logical
interfaces, i.e., multiple IP addresses, on connected
network(s).
2. GENERAL ISSUES
This section contains general requirements that may be applicable to
all application-layer protocols.
2.1 Host Names and Numbers
Whenever a user inputs the identity of an Internet host, it MUST |
be possible to enter either (1) a host domain name or (2) an IP |
address in dotted decimal ("#.#.#.#") form. The host SHOULD check |
the string syntactically for a dotted-decimal number before |
looking it up in the Domain Name System. |
DISCUSSION: |
This requirement is not intended to specify the complete |
syntactic form for entering a dotted-decimal host number; |
that is considered to be a user-interface issue. For |
example, for SMTP mail, a dotted decimal number must be |
enclosed within "[ ]" brackets (see Section 5.2.16). This |
notation could be made universal within a host system, |
simplifying the syntactic checking for a dotted decimal |
number. |
If a dotted-decimal number can be entered without such |
identifying delimiters, then a full syntactic check must be |
made, because a segment of a host domain name is now allowed |
to begin with a digit and could legally be entirely numeric |
(see Section 6.1.2.4). However, a valid domain name can |
never have the dotted decimal form #.#.#.#, since at least |
the highest-level domain name will be alphabetic. |
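The syntactic check of Section 2.1, as an added example that is not part of this memo: the input is classified as a dotted-decimal address or a host domain name before any DNS lookup, and input that is neither is rejected. The function name, the rejection of leading zeros, and the sample host strings in the test are assumptions of the example.

```python
import re

# Exactly four decimal fields: the "#.#.#.#" form of Section 2.1.
QUAD = re.compile(r"([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})")
# One domain name label; a label may begin with a digit or be all digits.
LABEL = re.compile(r"[A-Za-z0-9](?:[A-Za-z0-9-]*[A-Za-z0-9])?")


def classify_host(text, allow_brackets=True):
    """Return ("address", "a.b.c.d") or ("name", "host.domain").

    Raises ValueError for input that is neither, so that malformed
    input is never handed to the resolver. (Hypothetical helper.)
    """
    s = text.strip()
    bracketed = allow_brackets and s.startswith("[") and s.endswith("]")
    if bracketed:
        s = s[1:-1]                 # SMTP-style "[#.#.#.#]" (Section 5.2.16)

    m = QUAD.fullmatch(s)
    if m:
        fields = m.groups()
        for f in fields:
            # Assumption of this example: refuse leading zeros, which some
            # address parsers read as octal, and any field above 255.
            if (len(f) > 1 and f[0] == "0") or int(f) > 255:
                raise ValueError("malformed dotted-decimal address: %r" % text)
        return ("address", ".".join(fields))
    if bracketed:
        raise ValueError("brackets require a dotted-decimal address: %r" % text)

    name = s[:-1] if s.endswith(".") else s    # tolerate a trailing root dot
    labels = name.split(".")
    if len(name) > 255:
        raise ValueError("host name too long: %r" % text)
    for label in labels:
        if len(label) > 63 or not LABEL.fullmatch(label):
            raise ValueError("malformed host name: %r" % text)
    if labels[-1].isdigit():
        # The highest-level label is alphabetic, so an all-numeric last
        # label is a mistyped address, not a name to look up.
        raise ValueError("numeric top-level label: %r" % text)
    return ("name", name.lower())
```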
2.2 Application Use Of Domain Services
Host domain names MUST be translated to IP addresses as described
in Section 6.1.
Applications using domain services MUST be able to cope with soft
error conditions.
An application SHOULD NOT rely on the ability to locate a WKS |
record containing an accurate listing of all services at a |
particular host address. The only way to confirm that a service |
is present or absent is to attempt to use it. |
DISCUSSION:
Applications should not continuously retry requests that
return soft errors, but should instead wait a reasonable
interval between successive retries. The choice of interval
should allow for network problems that deny service for hours
or even days.
The WKS RR type is not often used by Internet sites. As a |
result, applications SHOULD NOT rely on WKS records in the |
DNS. |
2.3 Multihoming
When the remote host is multihomed, the name-to-address
translation will return a list of alternative IP addresses. As
specified in Section 6.1.3.4, this list should be sorted into
order of decreasing preference. Application protocol
implementations SHOULD be prepared to try multiple addresses from
the list until success is obtained. More specific requirements
for SMTP are given in Section 5.3.4.
When the local host is multihomed, a request/response application
that uses UDP SHOULD send the response with the same local IP
address to which the request was addressed. Similarly, a server !
application that opens multiple TCP connections to the same client !
SHOULD use the same logical interface for all. !
2.4 Type-of-Service
Applications MUST select appropriate TOS values when they invoke
transport layer services, and these values MUST be configurable.
Note that a TOS value contains 5 bits, of which only the higher-
order 3 are currently defined. The other two bits MUST be zero.
DISCUSSION:
As gateway algorithms are developed to implement Type-of-
Service, the recommended values for various application
protocols may change. In addition, it is likely that
particular combinations of users and Internet paths will want
non-standard TOS values. For these reasons, the TOS values
must be configurable.
See the latest version of the "Assigned Numbers" RFC
[INTRO:5] for the recommended TOS values for the major
application protocols.
2.5 UDP-based Applications !
<<to be written>> !
2.5 GENERAL APPLICATION REQUIREMENTS SUMMARY
                                               |          | | | |S| |
                                               |          | | | |H| |F
                                               |          | | | |O|M|o
                                               |          | |S| |U|U|o
                                               |          | |H| |L|S|t
                                               |          |M|O| |D|T|n
                                               |          |U|U|M| | |o
                                               |          |S|L|A|N|N|t
                                               |          |T|D|Y|O|O|t
FEATURE                                        |SECTION   | | | |T|T|e
-----------------------------------------------|----------|-|-|-|-|-|--
                                               |          | | | | | |
User interfaces:                               |          | | | | | |
Support dotted-decimal host numbers            |2.1       |x| | | | |
Check syntactically for dotted-dec first       |2.1       | |x| | | |
Map domain names per Section 6.1               |2.2       |x| | | | |
Retry DNS lookups slowly on soft errors        |2.2       |x| | | | |
Expect WKS records to be available             |2.2       | | | |x| |
Try multiple addr's for remote multihomed host |2.3       | |x| | | |
Use same IP addr for UDP reply as request      |2.3       | |x| | | |
Use same IP addr for related TCP connections   |2.3       | |x| | | |
Specify appropriate TOS values                 |2.4       |x| | | | |
TOS values configurable                        |2.4       |x| | | | |
Unused TOS bits zero                           |2.4       |x| | | | |
                                               |          | | | | | |
                                               |          | | | | | |
3. REMOTE LOGIN -- TELNET PROTOCOL
3.1 INTRODUCTION
Telnet is the standard Internet application protocol for remote
login. It provides the encoding rules to link a user's
keyboard/display on a client ("user") system with a command
interpreter on a remote server system. Telnet is also
incorporated within the FTP and SMTP protocols.
Telnet uses a single TCP connection, and its normal data stream
("Network Virtual Terminal" or "NVT" mode) is 7-bit ASCII with
escape sequences to embed control functions. Telnet also allows
the negotiation of many optional modes and functions.
The primary Telnet specification is to be found in RFC-854
[TELNET:1], while the options are defined in many other RFCs; see
Section 7 for references.
3.2 PROTOCOL WALK-THROUGH
3.2.1 Option Negotiation: RFC-854, pp. 2-3
Every Telnet implementation MUST include option negotiation and
subnegotiation machinery. A host MUST carefully follow the
rules of RFC-854 to avoid option-negotiation loops. A host
MUST refuse (i.e., reply WONT/DONT to a DO/WILL) an unsupported
option.
Option negotiation SHOULD continue to function (even if all
requests are refused) throughout the lifetime of a Telnet
connection.
If all option negotiations fail, a Telnet implementation MUST
default to, and support, an NVT.
DISCUSSION:
Even though more sophisticated "terminals" and supporting
option negotiations are becoming the norm, all
implementations must be prepared to support an NVT for any
user-server communication.
3.2.2 Telnet Go-Ahead Function: RFC-854, p. 5, and RFC-858
The Telnet Go Ahead (GA) signal is obsolete; Server Telnet
implementations SHOULD NOT try to support sending GA commands.
A Server Telnet SHOULD always accept negotiation of the
Suppress Go Ahead option (i.e., reply "WILL Suppress Go Ahead"
to "DO Suppress Go Ahead").
User Telnet implementations that do not explicitly negotiate
the Suppress Go Ahead option from the server MUST accept, but
MAY ignore, GA commands.
DISCUSSION:
Half-duplex ("locked-keyboard") line-at-a-time terminals
for which the Go-Ahead mechanism was designed have largely
disappeared from the scene. This is fortunate, since it
turned out to be difficult or impossible to implement
sending the Go-Ahead signal in existing operating systems,
even those systems that support native half-duplex
terminals. The difficulty was that the Telnet server code
does not typically have access to information about
whether the user process is blocked awaiting input from
the Telnet connection, i.e., it cannot reliably determine
when to send a Go-Ahead.
Telnet Server hosts do not generally implement sending GA
commands. Therefore, even when the Suppress Go Ahead
option is not negotiated, a User Telnet should not expect
a Server to ever send a GA, or believe a GA that it
receives.
There is a class of half-duplex terminals that is still
commercially important: "data entry terminals," which
interact in a full-screen manner. However, supporting
data entry terminals using the Telnet protocol does not
require the Go Ahead signal; see Section 3.3.2.
3.2.3 Control Functions: RFC-854, pp. 7-8
The list of Telnet commands has been extended to include EOR
(End-of-Record), with code 239 [TELNET:9].
Both User and Server Telnets MAY support the control functions |
EOR, EC, EL, and Break, and MUST support AO, AYT, DM, IP, NOP, |
SB, and SE. |
A host MUST be able to receive and ignore any Telnet control
functions that it does not support.
DISCUSSION:
Note that a Server Telnet is required to support IP, even
if it has an equivalent in-stream function (e.g.,
Control-C in many systems). The Telnet IP function may be
stronger than an in-stream interrupt command, because of
the out-of-band effect of TCP urgent data.
The EOR control function may be used to delimit the
stream. An important application is data entry terminal
support (see Section 3.3.2). There was concern that since
EOR had not been defined in RFC-854, a host that was not
prepared to correctly ignore unknown Telnet commands might
crash if it received an EOR. To protect such hosts, the
End-of-Record option [TELNET:9] was introduced; however, a
properly implemented Telnet program will not require this
protection.
3.2.4 Using Telnet Synch Sequence
When it receives "urgent" TCP data, a User or Server Telnet |
MUST discard all data except Telnet commands until the DM (and |
end of urgent) is reached. |
When it sends a Telnet IP (Interrupt Process) command, a User |
Telnet SHOULD follow it by the Telnet "Synch" sequence, i.e., |
send as TCP urgent data the sequence "IAC IP IAC DM". The TCP |
urgent pointer points to the DM octet. |
When it receives a Telnet IP command, a Server Telnet MAY send |
a Telnet "Synch" sequence back to the user, to flush the output |
stream. The choice ought to be consistent with the way the |
server operating system behaves when a local user interrupts a |
process. |
When it receives a Telnet AO command, a Server Telnet MUST send |
a Telnet "Synch" sequence back to the user, to flush the output |
stream. |
A User Telnet SHOULD have the capability of flushing output |
when it sends a Telnet IP; see also Section 3.4.5. |
DISCUSSION: There are three possible ways to flush data in the |
output stream: |
(1) Send AO after IP. |
This will cause the server host to send a "flush- |
buffered-output" signal to its operating system. However, |
the AO may not take effect locally, i.e., stop terminal |
output at the User Telnet end, until the Server Telnet has |
received and processed the AO and has sent back a "Synch". |
(2) Send DO TIMING-MARK after IP, and discard all output |
locally until a WILL/WONT TIMING-MARK is received from the |
Server Telnet. |
Since the DO TIMING-MARK will be processed at the server |
after the IP, the reply to it should be in the right place |
in the output data stream. However, the TIMING-MARK will |
not send a "flush buffered output" signal to the server |
operating system. Whether or not this is needed is |
dependent upon the server system. |
(3) Do both. |
The best method is not entirely clear, since it must accommodate |
a number of existing server hosts that do not follow the Telnet |
standards in various ways. The safest approach is probably to |
provide a user-controllable option to select (1), (2), or (3). |
3.2.5 NVT Printer and Keyboard: RFC-854, p. 11
A host MUST NOT send characters in NVT mode with the high-order
bit 1 (e.g., a parity bit).
DISCUSSION:
Implementors should be aware that while a strict reading
of RFC-854 allows a client or server expecting NVT ASCII
to ignore characters with the high-order bit set, a few
existing implementations do set the high-order bit during
part or all of the life of a connection.
3.2.6 Telnet Command Structure: RFC-854, p. 13
Since options may appear at any point in the data stream, a
Telnet escape character (known as IAC, with the value 255) to
be sent as data MUST be doubled.
3.2.7 Telnet Binary Option: RFC-856
When the binary option has been successfully negotiated,
arbitrary 8-bit characters are allowed. However, the data @
stream MUST still be scanned for IAC characters, any embedded @
Telnet commands MUST be obeyed, and data bytes equal to IAC @
MUST be doubled. Other character processing (e.g., replacing @
CR by CR NUL or by CR LF) MUST NOT be done. In particular, @
there is no end-of-line convention (see Section 3.3.1) in @
binary mode. @
DISCUSSION:
The binary option is normally negotiated in both
directions, to change the Telnet connection from NVT mode
to "binary mode."
The sequence IAC EOR may be used to delimit blocks of data
within a binary-mode Telnet stream. As a result, data
bytes equal to IAC must be doubled.
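The receive-side rules of Sections 3.2.1, 3.2.3, 3.2.6 and 3.2.7 can be seen together in one small state machine. The following is an added example, not part of this memo or of any Telnet implementation; the class and method names and the MAX_SB cap are assumptions made for illustration.

```python
# Added example: Telnet receive-side state machine (names are hypothetical).
IAC, DONT, DO, WONT, WILL, SB, SE = 255, 254, 253, 252, 251, 250, 240
BINARY, SGA = 0, 3   # option codes from RFC-856 and RFC-858
MAX_SB = 512         # assumed cap so a peer cannot grow the SB buffer without bound


def escape_iac(data: bytes) -> bytes:
    """Sender side: a data byte equal to IAC is doubled, in NVT or binary mode."""
    return data.replace(b"\xff", b"\xff\xff")


class TelnetReceiver:
    """Splits a received byte stream into data, commands and negotiation replies."""

    def __init__(self, supported=(BINARY, SGA)):
        self.supported = set(supported)  # options this host implements
        self.peer_on = set()             # options the peer performs (we sent DO)
        self.local_on = set()            # options we perform (we sent WILL)
        self.data = bytearray()          # application data, IAC IAC collapsed to 255
        self.commands = []               # other commands, received and not acted on
        self.subnegs = []                # completed subnegotiation payloads
        self._state, self._verb, self._sb = "data", None, bytearray()

    def _negotiate(self, verb: int, opt: int) -> bytes:
        if verb in (WILL, WONT):
            state, yes, no = self.peer_on, DO, DONT
        else:
            state, yes, no = self.local_on, WILL, WONT
        want_on = verb in (WILL, DO)
        if want_on and opt not in self.supported:
            return bytes([IAC, no, opt])   # unsupported option is always refused
        if want_on == (opt in state):
            return b""                     # no change of state: stay silent, no loop
        if want_on:
            state.add(opt)
        else:
            state.discard(opt)
        return bytes([IAC, yes if want_on else no, opt])

    def feed(self, chunk: bytes) -> bytes:
        """Consume received bytes; return the negotiation replies to transmit.

        State is kept between calls, so a command split across TCP segments
        is parsed the same way as one that arrives whole.
        """
        out = bytearray()
        for b in chunk:
            if self._state == "data":
                if b == IAC:
                    self._state = "iac"
                else:
                    self.data.append(b)
            elif self._state == "iac":
                if b == IAC:               # doubled IAC is one data byte
                    self.data.append(IAC)
                    self._state = "data"
                elif b in (DO, DONT, WILL, WONT):
                    self._verb, self._state = b, "opt"
                elif b == SB:
                    self._sb, self._state = bytearray(), "sb"
                else:                      # EOR, GA, NOP, unknown codes: never data
                    self.commands.append(b)
                    self._state = "data"
            elif self._state == "opt":
                out += self._negotiate(self._verb, b)
                self._state = "data"
            elif self._state == "sb":
                if b == IAC:
                    self._state = "sb_iac"
                elif len(self._sb) < MAX_SB:
                    self._sb.append(b)
            else:                          # "sb_iac": IAC seen inside subnegotiation
                if b == SE:
                    self.subnegs.append(bytes(self._sb))
                    self._state = "data"
                else:
                    if b == IAC and len(self._sb) < MAX_SB:
                        self._sb.append(IAC)
                    self._state = "sb"
        return bytes(out)
```
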
3.2.8 Telnet Terminal-Type Option: RFC-1091 |
The Terminal-Type option MUST use the terminal type names |
officially defined in the Assigned Numbers RFC [INTRO:5], when |
they are available for the particular terminal. However, the |
receiver of a Terminal-Type option MUST accept any name. |
DISCUSSION: |
An earlier version of the Terminal-Type option, defined in |
RFC-930, allowed a server host capable of supporting |
multiple terminal types to learn the type of a particular |
client's terminal. It assumed that each physical terminal |
had an intrinsic type. However, today a "terminal" is |
often really a terminal emulator program running in a PC, |
perhaps capable of emulating a range of terminal types. |
Therefore, RFC-1091 extends the specification to allow a |
more general terminal-type negotiation between User and |
Server Telnets. |
3.3 SPECIFIC ISSUES |
3.3.1 Telnet End-of-Line Convention |
The Telnet protocol defines the sequence CR LF to mean "end- #
of-line". For terminal input, this corresponds to a command- #
completion or "end-of-line" key being pressed on a user #
terminal; on an ASCII terminal, this is the CR key, but it may #
also be labelled "Return" or "Enter." #
When a Server Telnet receives the Telnet end-of-line sequence #
CR LF as input from a remote terminal, the effect MUST be the #
same as if the user had pressed the "end-of-line" key on a #
local terminal. On server hosts that use ASCII, in particular, #
receipt of the Telnet sequence CR LF MUST cause the same effect #
as a local user pressing the CR key on a local terminal. Thus, #
CR LF and CR NUL will have the same effect on an ASCII server #
host when received as input over a Telnet connection. #
A User Telnet MUST be able to send any of the forms: CR LF, CR #
NUL, and LF. There SHOULD be a user-controllable mode to send #
either CR LF or CR NUL when the user presses the "end-of-line" #
key, and CR LF SHOULD be the default. #
The Telnet end-of-line sequence CR LF MUST be used to send #
Telnet data that is not terminal-to-computer (e.g., for Server #
Telnet sending output, or the Telnet protocol incorporated #
within FTP). #
DISCUSSION: #
To allow interoperability between arbitrary Telnet clients #
and servers, the Telnet protocol defined a standard #
representation for a line terminator. Since the ASCII #
character set includes no explicit end-of-line #
character, systems have chosen various representations, #
e.g., CR, LF, and the sequence CR LF. The Telnet protocol #
chose the CR LF sequence as the standard for network #
transmission. #
Unfortunately, the Telnet protocol specification in RFC- #
854 [TELNET:1] has turned out to be somewhat ambiguous on #
what character(s) should be sent from client to server for #
the "end-of-line" key. The result has been a massive and #
continuing interoperability headache, made worse by #
various faulty implementations of both User and Server #
Telnets. #
Although the Telnet protocol is based on a perfectly #
symmetric model, in a remote login session the role of the #
user at a terminal differs from the role of the server #
host. For example, RFC-854 defines the meaning of CR, LF, #
and CR LF as output from the server, but does not specify #
what the User Telnet should send when the user presses the #
"end-of-line" key on the terminal; this turns out #
to be the point at issue. #
When a user presses the "end-of-line" key, some User #
Telnet implementations send CR LF, while others send CR #
NUL (based on a different interpretation of the same #
sentence in RFC-854). These will be equivalent for a #
correctly-implemented ASCII server host, as discussed #
above. For other servers, a mode in the User Telnet is #
needed. #
The existence of User Telnets that send only CR NUL when #
CR is pressed creates a dilemma for non-ASCII hosts: they #
can either treat CR NUL as equivalent to CR LF in input, #
thus precluding the possibility of entering a "bare" CR, #
or the user can explicitly type CR LF for end-of-line. #
IMPLEMENTATION:
To understand Telnet end-of-line issues, one must have at
least a general model of the relationship of Telnet to the
local operating system. The Server Telnet process is
typically coupled into the terminal driver software of the
operating system as a pseudo-terminal. A Telnet end-of-
line sequence received by the Server Telnet must have the
same effect as pressing the end-of-line key on a
real locally-connected terminal.
Operating systems that support interactive character-at-
a-time applications (e.g., editors) typically have two
internal modes for their terminal I/O: a formatted mode,
in which local conventions for end-of-line and other
formatting rules have been applied to the data stream, and
a "raw" mode, in which the application has direct access
to every character as it was entered. A Server Telnet
must be implemented in such a way that these modes have
the same effect for remote as for local terminals. For
example, suppose a CR LF or CR NUL is received by the
Server Telnet. In raw mode, a CR character is passed to
the application; in line mode, the local system's end-of-
line convention is used.
Suppose a user on host A uses Telnet to log into a server
host B, and then executes B's User Telnet program to log
into server host C. It is desirable for the Server/User
Telnet combination on B to be as transparent as possible,
i.e., to appear as if A were connected directly to C. In
particular, correct implementation will make B transparent
to Telnet end-of-line sequences, except that CR LF may be
translated to CR NUL or vice versa.
3.3.2 Data Entry Terminals
DISCUSSION:
In addition to the line-oriented and character-oriented
ASCII terminals for which Telnet was designed, there are
several families of video display terminals that are
sometimes known as "data entry terminals" or DETs. The IBM
3270 family is a well-known example.
Two Internet protocols have been designed to support
generic DETs: SUPDUP [TELNET:15, TELNET:16], and the DET
option [TELNET:17, TELNET:18]. The DET option drives a
data entry terminal over a Telnet connection using (sub-)
negotiation. SUPDUP is a completely separate terminal
protocol, which can be entered from Telnet by negotiation.
Although both SUPDUP and the DET option have been used
successfully in particular environments, neither has
gained general acceptance or wide implementation.
A different approach to DET interaction has been developed
for supporting the IBM 3270 family through Telnet,
although the same approach would be applicable to any DET.
The idea is to enter a "native DET" mode, in which the
native DET input/output stream is sent as binary data.
The Telnet EOR command is used to delimit logical records
(e.g., "screens") within this binary stream.
IMPLEMENTATION:
The rules for entering and leaving native DET mode are as
follows:
o The Server uses the Terminal-Type option [TELNET:10]
to learn that the client is a DET.
o It is conventional, but not required, that both ends
negotiate the EOR option [TELNET:9].
o Both ends negotiate the Binary option [TELNET:3] to
enter native DET mode.
o When either end negotiates out of binary mode, the
other end does too, and the mode then reverts to
normal NVT.
3.3.3 Recommended Options
Every Telnet implementation SHOULD support the options: Binary
[TELNET:3], Echo [TELNET:4], Suppress Go Ahead [TELNET:5] (as
defined in Section 3.2.2), Status [TELNET:6], End-of-Record
[TELNET:9], and Extended Options List [TELNET:8].
A User or Server Telnet SHOULD support the Window Size Option
[TELNET:12] if the local operating system provides the
corresponding capability.
DISCUSSION:
Note that the End-of-Record option only signifies that a
Telnet can receive a Telnet EOR without crashing;
therefore, every Telnet ought to be willing to accept
negotiation of the End-of-Record option. See also the
discussion in Section 3.2.3.
3.3.4 Option Initiation
When the Telnet protocol is used in a client/server situation, |
the server SHOULD initiate negotiation of the terminal |
interaction mode it expects, while the client MAY initiate the |
negotiations.
DISCUSSION:
The Telnet protocol was defined to be perfectly
symmetrical, but its application is generally asymmetric.
Remote login has been known to fail because NEITHER side
initiated negotiation of the required non-default terminal
modes. It is generally the server that determines the
preferred mode, so the server needs to initiate the
negotiation; since the negotiation is symmetric, the user
can also initiate it.
There is an advantage to leaving option negotiation
initiation to the Server Telnet. Sometimes a User Telnet
is needed to connect to an application service (e.g., FTP)
that uses Telnet for its command stream but does not
support options. This is no problem if the User Telnet
does not initiate option negotiation.
3.3.5 Telnet Linemode Option |
DISCUSSION: |
An RFC currently under final revision proposes a new |
Telnet option, LINEMODE. The LINEMODE option provides a |
standard way for a User Telnet and a Server Telnet to |
agree that the client rather than the server will perform |
terminal character processing. When the client has |
prepared a complete line of text, it will send it to the |
server in (usually) one TCP packet. This option will |
greatly decrease the packet cost of Telnet sessions and |
will also give much better user response over congested or |
long-delay networks. |
The LINEMODE option allows dynamic switching between local |
and remote character processing. For example, the Telnet |
connection will automatically negotiate into single- |
character mode while a full screen editor is running, and |
then return to linemode when the editor is finished. |
When this RFC is released, it is suggested that hosts |
should implement the client side of this option, and may |
implement the server side of this option. To properly |
implement the server side, the server needs to be able to |
tell the local system not to do any input character |
processing, but to remember its current terminal state, |
and to notify the Server Telnet process whenever the state |
changes. This will allow password echoing and full screen |
editors to be handled properly, for example. |
3.4. TELNET/USER INTERFACE
3.4.1 Character Set Transparency
User Telnet implementations SHOULD be able to send or receive
any 7-bit ASCII character. Where possible, any special
character interpretations by the user host's operating system
SHOULD be bypassed so that these characters can conveniently be
sent and received on the connection.
Some character value MUST be reserved as "escape to command
mode"; conventionally, doubling this character allows it to be
entered as data. The specific character used SHOULD be user
selectable.
On binary-mode connections, a User Telnet program MAY provide
an escape mechanism for entering arbitrary 8-bit values, if the
host operating system doesn't allow them to be entered directly
from the keyboard.
IMPLEMENTATION:
The transparency issues are less pressing on servers, but
implementors should take care dealing with issues like:
masking off parity bits (sent by an older, non-conforming
client) before they reach programs that expect only NVT
ASCII, and properly handling programs that request 8-bit
data streams.
3.4.2 Telnet Commands
A User Telnet program MUST provide a user the capability of
entering any of the Telnet commands IP, AO, or AYT.
3.4.3 TCP Connection Errors
A User Telnet program SHOULD enable the ERROR_REPORT mechanism
of Section 4.2.4.1 and report all TCP connection errors to the
user.
3.4.4 Non-Default Telnet Contact Port
A User Telnet program SHOULD allow the user to optionally
specify a non-standard contact port number at the Server Telnet
host.
3.4.5 Flushing Output
A User Telnet program SHOULD provide the user the ability to |
specify whether or not output should be flushed when an IP is |
sent; see Section 3.2.4. |
For any output flushing scheme that causes the User Telnet to |
flush output locally until a Telnet signal is received from the |
Server, there SHOULD be a way for the user to manually restore |
normal output, in case the Server fails to send the expected |
signal. |
3.5. TELNET REQUIREMENTS SUMMARY
| | | | |S| |
| | | | |H| |F
| | | | |O|M|o
| | |S| |U|U|o
| | |H| |L|S|t
| |M|O| |D|T|n
| |U|U|M| | |o
| |S|L|A|N|N|t
| |T|D|Y|O|O|t
FEATURE |SECTION | | | |T|T|e
-------------------------------------------------|--------|-|-|-|-|-|--
| | | | | | |
Option Negotiation |3.2.1 |x| | | | |
Avoid negotiation loops |3.2.1 |x| | | | |
Refuse unsupported options |3.2.1 |x| | | | |
Negotiation OK anytime on connection |3.2.1 | |x| | | |
Default to NVT |3.2.1 |x| | | | |
Only official names in TERMINAL-TYPE option |3.2.8 |x| | | | |
Implement recommended & applicable options |3.3.3 | |x| | | |
| | | | | | |
Go-Aheads | | | | | | |
Server send GA's |3.2.2 | | | |x| |
Server accept SUPPRESS-GA option |3.2.2 | |x| | | |
User Telnet accept GA's |3.2.2 |x| | | | |
User Telnet ignore GA's |3.2.2 | | |x| | |
| | | | | | |
Control Functions | | | | | | |
Support SE NOP DM IP AO AYT SB |3.2.3 |x| | | | |
Support EOR EC EL Break |3.2.3 | | |x| | |
Ignore unknown control functions |3.2.3 |x| | | | |
IP implies AO |3.2.3 | | |x| | |
Send "Synch" seq with IP, AO, AYT |3.2.4 |x| | | | |
Handle received "Synch" seq per spec |3.2.4 |x| | | | |
| | | | | | |
Encoding | | | | | | |
Send parity bit in NVT mode |3.2.5 | | | | |x|
Double IAC in NVT or binary mode |3.2.7 |x| | | | |
NUL after CR in binary mode only |3.2.7 | | | | |x|
| | | | | | |
End-of-Line | | | | | | |
Server accept CR LF or CR NUL for EOL |3.3.1 |x| | | | |
User able send CR LF, CR NUL, or LF |3.3.1 |x| | | | |
User Telnet default mode is CR LF |3.3.1 | |x| | | |
Non-interactive uses CR LF for EOL |3.3.1 |x| | | | |
| | | | | | |
Server initiate mode negotiations |3.3.4 | |x| | | |
| | | | | | |
User Telnet interface | | | | | | |
Input all 7-bit characters |3.4.1 | |x| | | |
Escape character |3.4.1 |x| | | | |
User-settable escape character |3.4.1 | |x| | | |
Escape to enter 8-bit values |3.4.1 | | |x| | |
Can input IP, AO, AYT |3.4.2 |x| | | | |
Report TCP connection errors to user |3.4.3 | |x| | | |
Optional non-default contact port |3.4.4 | |x| | | |
Can spec: output flushed when IP sent |3.4.5 | |x| | | |
Can manually restore output mode |3.4.5 | |x| | | |
| | | | | | |
4. FILE TRANSFER
4.1 FILE TRANSFER PROTOCOL -- FTP
4.1.1 INTRODUCTION
The File Transfer Protocol FTP is the primary Internet standard
for file transfer. The current specification is contained in
RFC-959 [FTP:1].
FTP uses separate simultaneous TCP connections for control and
for data transfer. The FTP protocol includes many features,
some of which are not commonly implemented. However, for every
feature in FTP, there exists at least one implementation. The
minimum implementation defined in RFC-959 was too small, so a
somewhat larger minimum implementation is defined here.
Internet users have been unnecessarily burdened for years by
deficient FTP implementations. Protocol implementors have
suffered from the erroneous opinion that implementing FTP ought
to be a small and trivial task. This is wrong, because FTP has
a user interface, because it has to deal (correctly) with the
whole variety of communication and operating system errors that
may occur, and because it has to handle the great diversity of
real file systems in the world.
4.1.2. PROTOCOL WALK-THROUGH
4.1.2.1 LOCAL Type: RFC-959 Section 3.1.1.4
An FTP program MUST support TYPE I ("IMAGE" or binary type)
as well as TYPE L 8 ("LOCAL" type with logical byte size 8).
A machine whose memory is organized into m-bit words, where
m is not a multiple of 8, MAY also support TYPE L m.
DISCUSSION:
The command "TYPE L 8" is often required to transfer
binary data between a machine whose memory is organized
into (e.g.) 36-bit words and a machine with an 8-bit
byte organization. For an 8-bit byte machine, TYPE L 8
is equivalent to IMAGE.
"TYPE L m" is sometimes specified to the FTP programs
on two m-bit word machines to ensure the correct
transfer of a native-mode binary file from one machine
to the other. However, this command should have the
same effect on these machines as "TYPE I".
4.1.2.2 Telnet Format Control: RFC-959 Section 3.1.1.5.2
A host that makes no distinction between TYPE N and TYPE T
SHOULD implement TYPE T to be identical to TYPE N.
DISCUSSION:
Many hosts represent text files internally as strings
of ASCII characters, using the embedded ASCII format
effector characters (LF, BS, FF, ...) to control the
format when a file is printed. For such hosts, there
is no distinction between "print" files and other
files. However, systems that use record structured
files typically need a special format for printable
files (e.g., ASA carriage control). For the latter
hosts, FTP allows a choice of TYPE N or TYPE T. For
hosts that make no distinction, the correct way to
implement TYPE T is to make it identical to TYPE N.
4.1.2.3 Page Structure: RFC-959 Section 3.1.2.3 and Appendix I
Implementation of page structure is NOT RECOMMENDED in
general. However, if a host system does need to implement
FTP for "random access" or "holey" files, it MUST use the
defined page structure format rather than define a new
private FTP format.
4.1.2.4 Data Structure Transformations: RFC-959 Section 3.1.2
An FTP transformation between record-structure and file-
structure SHOULD be invertible, to the extent possible while
making the result useful on the target host.
DISCUSSION:
RFC-959 required strict invertibility between record-
structure and file-structure, but in practice,
efficiency and convenience often preclude it.
Therefore, the requirement is being relaxed. There are
two different objectives for transferring a file:
processing it on the target host, or just storage. For
storage, strict invertibility is important. For
processing, the file created on the target host needs
to be in the format expected by application programs on
that host.
As an example of the conflict, imagine a record-
oriented operating system that requires some data files
to have exactly 80 bytes in each record. While STORing
a file on such a host, an FTP Server must be able to
pad each line or record to 80 bytes; a later retrieval
of such a file cannot be strictly invertible.
4.1.2.5 Data Connection Management: RFC-959 Section 3.3
A User-FTP that uses STREAM mode SHOULD send a PORT command
to assign a non-default data port before each transfer
command is issued.
DISCUSSION:
This is required because of the long delay after a TCP
connection is closed until its socket pair can be
reused, to allow multiple transfers during a single FTP
session. Sending a port command is unnecessary if a
transfer mode other than stream is used.
4.1.2.6 PASV Command: RFC-959 Section 4.1.2
A server-FTP MUST implement the PASV command.
The format of the 227 reply to a PASV command is not well
standardized. In particular, an FTP client cannot assume
that the parentheses shown on page 40 of RFC-959 will be
present (and in fact, Figure 3 on page 43 omits them).
Therefore, a User-FTP program that interprets the PASV
reply MUST scan the reply for the first digit of the host
and port numbers.
If multiple third-party transfers are to be executed during
the same session, a new PASV command MUST be issued before
each transfer command, to obtain a unique port pair.
IMPLEMENTATION:
Note that the host number h1,h2,h3,h4 is the IP address
of the server host that is sending the reply, and that
p1,p2 is a non-default data transfer port that PASV has
assigned.
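One way a User-FTP can scan a 227 reply as required above, shown as an added example that is not part of this memo. The function name is hypothetical, and the strict comparison of h1,h2,h3,h4 against the control connection's peer address is an added assumption built on the statement that the host number is the address of the replying server; a multihomed server may call for strict=False.

```python
# Added example: tolerant 227 parsing with validation (parse_pasv is hypothetical).
import re
from ipaddress import IPv4Address

# Six decimal fields h1,h2,h3,h4,p1,p2, located by scanning for the first digit
# run that forms the full tuple; parentheses around it are optional.
_FIELDS = re.compile(r"(?<!\d)" + ",".join([r"(\d{1,3})"] * 6) + r"(?!\d)")


def parse_pasv(reply: str, control_peer: str, strict: bool = True):
    """Return (host, port) taken from the text of a 227 reply.

    control_peer is the IP address the control connection is connected to.
    Raises ValueError for anything that is not a well-formed 227 reply.
    """
    if not reply.startswith("227"):
        raise ValueError("not a 227 reply")
    m = _FIELDS.search(reply[3:])          # skip the reply code itself
    if m is None:
        raise ValueError("no h1,h2,h3,h4,p1,p2 tuple in reply")
    nums = [int(g) for g in m.groups()]
    if any(n > 255 for n in nums):
        raise ValueError("field out of range 0..255")
    host = IPv4Address(".".join(str(n) for n in nums[:4]))
    port = nums[4] * 256 + nums[5]
    if port == 0:
        raise ValueError("port 0 is not usable")
    if strict and host != IPv4Address(control_peer):
        # The reply names a host other than the server we are talking to.
        raise ValueError("PASV host %s differs from control peer %s"
                         % (host, control_peer))
    return str(host), port
```
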
4.1.2.7 LIST and NLST Commands: RFC-959 Section 4.1.3
The data returned by an NLST command MUST consist only of a
list of legal pathnames, such that the server can use them
directly as the arguments of subsequent data transfer
commands for the individual files.
The data returned by a LIST or NLST command SHOULD use an |
implied TYPE AN, unless the current type is EBCDIC, in which |
case an implied TYPE EN SHOULD be used. |
DISCUSSION: |
Many FTP clients support macro-commands that will get |
or put files matching a wildcard specification, using |
NLST to obtain a list of pathnames. The expansion of |
"multiple-put" is local to the client, but "multiple- |
get" requires cooperation by the server. |
The implied type for LIST and NLST is designed to |
provide compatibility with existing User-FTPs, and in |
particular with multiple-get commands. |
4.1.2.8 SITE Command: RFC-959 Section 4.1.3
A Server-FTP SHOULD use the SITE command for non-standard
features, rather than invent new private commands or
unstandardized extensions to existing commands.
4.1.2.9 STOU Command: RFC-959 Section 4.1.3 |
This command stores into a uniquely named file, and the |
Server-FTP MUST return the actual file name in the "125 |
Transfer Starting" or the "150 Opening Data Connection" |
message that precedes the transfer (the 250 reply code |
mentioned in RFC-959 is incorrect). For a STOU command, the |
exact format of these reply messages MUST be as follows: |
125 FILE: pppp |
150 FILE: pppp |
where pppp represents the pathname of the file that will be |
written. |
4.1.2.10 Telnet End-of-line Code: RFC-959, Page 34
Implementors MUST NOT assume any correspondence between READ
boundaries on the control connection and the Telnet EOL
sequences (CR LF). Thus, a server-FTP (or User-FTP) must
continue reading characters from the control connection
until a complete Telnet EOL sequence is encountered, before
processing the command (or response, respectively).
Conversely, a single READ from the control connection may
include more than one Telnet command.
4.1.2.11 FTP Replies: RFC-959 Section 4.2, Page 35
A Server-FTP MUST send only correctly formatted replies on |
the control connection. Note that RFC-959 (unlike earlier |
versions of the FTP spec) contains no provision for a |
"spontaneous" reply message. |
A Server-FTP SHOULD use the reply codes defined in RFC-959 |
whenever they apply. However, a server-FTP MAY use a |
different reply code when needed, as long as the general |
rules of Section 4.2 are followed. |
A User-FTP SHOULD generally use only the highest-order digit |
of a 3-digit reply code for making a procedural decision, to |
prevent difficulties when a Server-FTP uses non-standard |
reply codes. |
A User-FTP MUST be able to handle multi-line replies. If |
there is a limit on the number of lines, this limit MUST be |
three or greater. |
DISCUSSION: |
Server implementations that fail to strictly follow the |
reply rules often cause FTP user programs to hang. |
Note that RFC-959 resolved ambiguities in earlier FTP |
specifications and must be followed. |
It is important to choose FTP reply codes that properly |
distinguish between temporary and permanent failures, |
to allow the successful use of file transfer client |
daemons. These programs depend on the reply codes to |
decide whether or not to retry a failed transfer; using |
a permanent failure code (5xx) for a temporary error |
will cause these programs to give up unnecessarily. If |
there is any reasonable possibility that a failed FTP |
will succeed a few hours later, a temporary error reply |
code should be sent. |
When the meaning of a reply matches exactly the text |
shown in RFC-959, uniformity will be enhanced by using |
the RFC-959 text verbatim. However, a Server-FTP |
implementor is encouraged to choose reply text that |
conveys specific system-dependent information, when |
appropriate. |
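The rules of Sections 4.1.2.10 and 4.1.2.11 for a User-FTP (READ boundaries unrelated to CR LF, multi-line replies, decisions on the highest-order digit only) are combined in the following added example, which is not part of this memo. The class name, the size limits and the category labels are assumptions; the multi-line syntax is the "code-hyphen ... code-space" form of RFC-959.

```python
# Added example: control-connection reply reader (ReplyReader is hypothetical).
CLASS = {"1": "preliminary", "2": "complete", "3": "intermediate",
         "4": "transient-failure", "5": "permanent-failure"}


def decide(code: str) -> str:
    """Procedural decision from the highest-order digit only."""
    return CLASS[code[0]]


class ReplyReader:
    """Reassembles replies from arbitrary READ chunks of the control connection."""

    def __init__(self, max_line: int = 2048, max_lines: int = 64):
        if max_lines < 3:
            raise ValueError("a line limit must be three or greater")
        self.max_line, self.max_lines = max_line, max_lines
        self._buf = bytearray()
        self._code, self._lines = None, []   # state of a multi-line reply in progress

    def feed(self, chunk: bytes):
        """Add one READ's worth of bytes; return the replies completed by it."""
        self._buf += chunk
        done = []
        while True:
            i = self._buf.find(b"\r\n")      # Telnet EOL; may straddle two READs
            if (i if i >= 0 else len(self._buf)) > self.max_line:
                raise ValueError("reply line too long")
            if i < 0:
                return done                  # incomplete line: wait for more bytes
            line = self._buf[:i].decode("ascii", "replace")
            del self._buf[:i + 2]
            reply = self._line(line)
            if reply is not None:
                done.append(reply)

    def _line(self, line: str):
        if self._code is None:               # first line of a reply
            code = line[:3]
            if len(code) < 3 or not code.isdigit() or code[0] not in CLASS:
                raise ValueError("malformed reply: %r" % line)
            if line[3:4] == "-":             # start of a multi-line reply
                self._code, self._lines = code, [line[4:]]
                return None
            if line[3:4] not in ("", " "):
                raise ValueError("malformed reply: %r" % line)
            return code, [line[4:]]
        if line == self._code or line.startswith(self._code + " "):
            reply = (self._code, self._lines + [line[4:]])
            self._code, self._lines = None, []
            return reply
        self._lines.append(line)             # continuation text, kept as received
        if len(self._lines) >= self.max_lines:
            raise ValueError("too many lines in one reply")
        return None
```
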
4.1.2.12 Connections: RFC-959 Section 5.2
The words "and the port used" in the second paragraph of |
this section of RFC-959 are erroneous (historical), and they |
should be ignored. |
On a multihomed server host, the default data transfer port |
(L-1) must be associated with the same local logical |
interface as the corresponding control connection to port L. |
A user-FTP SHOULD NOT attempt to negotiate Telnet options on
the control connection. However, a server-FTP MUST be
capable of accepting and refusing (DONT/WONT) such
negotiations.
DISCUSSION:
Although the RFC says: "Server- and User- processes
should follow the conventions for the Telnet
protocol...[on the control connection]", it is not the
intent that Telnet option negotiation is to be
employed.
4.1.2.13 Minimum Implementation: RFC-959 Section 5.1
The following commands and options MUST be supported by
every server-FTP and user-FTP, except in cases where the
underlying file system or operating system does not allow or
support a particular command.
Type: ASCII Non-print, IMAGE, LOCAL 8
Mode: Stream
Structure: File, Record
Commands:
USER, PASS, ACCT,
PORT, PASV,
TYPE, MODE, STRU,
RETR, STOR, APPE,
RNFR, RNTO, DELE,
CWD, CDUP, RMD, MKD, PWD,
LIST, NLST,
SYST, STAT,
HELP, NOOP, QUIT.
Record structure is REQUIRED only for hosts whose file
systems support record structure.
DISCUSSION:
Vendors are encouraged to implement a larger subset of
the protocol. For example, there are important
robustness features in the protocol (e.g., Restart,
ABOR, block mode) that would be an aid to some Internet
users but are not widely implemented.
A host that does not have record structures in its file
system may still accept files with STRU R, recording
the byte stream literally.
4.1.3 SPECIFIC ISSUES
4.1.3.1 Non-standard Command Verbs
FTP allows "experimental" commands, whose names begin with
"X". If these commands are subsequently adopted as
standards, there may still be existing implementations using
the "X" form. At present, this is true for the directory
commands:
RFC-959   "Experimental"
MKD       XMKD
RMD       XRMD
PWD       XPWD
CDUP      XCUP
CWD       XCWD
All FTP implementations SHOULD recognize both forms of these
commands, by simply equating them with extra entries in the
command lookup table.
IMPLEMENTATION:
A User-FTP can access a server that supports only the
"X" forms by implementing a mode switch, or
automatically using the following procedure: if the
RFC-959 form of one of the above commands is rejected
with a 500 or 502 response code, then try the
experimental form; any other response would be passed
to the user.
4.1.3.2 Idle Timeout
A Server-FTP process SHOULD have an idle timeout, which will
terminate the process and close the control connection if
the server is inactive (i.e., no commands and no data
transfer) for a long period of time. The idle timeout time
SHOULD be configurable, and the default should be at least 5
minutes.
A client FTP process ("User-PI" in RFC-959) will need
timeouts on responses only if it is invoked from a program.
DISCUSSION:
A Server-FTP process may be left pending indefinitely
if the corresponding client crashes without closing the
control connection.
4.1.3.3 Concurrency of Data and Control @
DISCUSSION: @
The intent of the designers of FTP was that a user-FTP @
should be able to send a STAT command at any time while @
data transfer was in progress and that the server-FTP @
would reply immediately with status -- e.g., the number @
of bytes transferred so far. Similarly, an ABOR @
command should be possible at any time during a data @
transfer. @
Unfortunately, some small-machine operating systems @
make such concurrent programming difficult, and some @
other implementers seek minimal solutions, so some FTP @
implementations do not allow concurrent use of the data @
and control connections. Even such a minimal server @
must be prepared to accept and defer a STAT or ABOR @
command that arrives during data transfer. @
4.1.3.4 FTP Restart Mechanism !
The description of the 110 reply on pp. 40-41 of RFC-959 is !
incorrect; the correct description is as follows. A restart !
reply message, sent over the control connection from the !
receiving FTP to the User-FTP, has the format: !
110 MARK ssss = rrrr !
Here: !
* ssss is a text string that appeared in a Restart Marker !
in the data stream and encodes a position in the !
sender's file system; !
* rrrr encodes the corresponding position in the !
receiver's file system. !
The encoding, which is specific to a particular file system !
and network implementation, is always generated and !
interpreted by the same system, either sender or receiver. !
When an FTP that implements restart receives a Restart !
Marker in the data stream, it SHOULD force the data to that !
point to be written to stable storage before encoding the !
corresponding position rrrr. !
Two new reply codes are defined for errors encountered in !
restarting a transfer. !
554 Requested action not taken: invalid REST parameter. !
A 554 reply may result from an FTP service command that !
follows a REST command. The reply indicates that the !
existing file at the Server-FTP cannot be repositioned !
as specified in the REST. !
555 Requested action not taken: type or stru mismatch. !
A 555 reply may result from an APPE command or from any !
FTP service command following a REST command. The !
reply indicates that there is some mismatch between the !
current transfer parameters (type and stru) and the !
attributes of the existing file. !
DISCUSSION: !
Note that the FTP Restart mechanism requires that Block !
or Compressed mode be used for data transfer, to allow !
the Restart Markers to be included within the data !
stream. The frequency of Restart Markers can be low; !
an interval corresponding to 15-60 seconds of transfer !
time at typical rates is suggested. !
Restart Markers mark a place in the data stream, but !
the receiver may be performing some transformation on !
the data as it is stored into stable storage. In !
general, the receiver's encoding must include any state !
information necessary to restart this transformation at !
any point of the FTP data stream. For example, in TYPE !
A transfers, many receiver hosts transform CR LF !
sequences into a single LF character on disk. If a !
Restart Marker happens to fall between CR and LF, the !
receiver must encode in rrrr that the transfer must be !
restarted in a "CR has been seen and discarded" state. !
Note that the Restart Marker is required to be encoded !
as a string of printable ASCII characters, regardless !
of the type of the data. !
RFC-959 says that restart information is to be returned !
"to the user". This should not be taken literally. In !
general, the User-FTP should append the restart !
information (ssss,rrrr) to a restart control file. It !
would create an empty restart control file when the !
transfer first starts and delete this file !
automatically when the transfer completes successfully. !
It is suggested that this file have a name derived in !
an easily-identifiable manner from the name of the file !
being transferred and the remote host name; this is !
analogous to the means used by many text editors for !
naming "backup" files. !
There are three cases for FTP Restart. !
(1) User-to-Server Transfer !
The User-FTP puts Restart Markers <ssss> at !
convenient places in the data stream. When the !
Server-FTP receives a Marker, it writes all prior !
data to disk, encodes its file system position and !
transformation state as rrrr, and returns a "110 !
MARK ssss = rrrr" reply over the control !
connection. The User-FTP appends the pair !
(ssss,rrrr) to its restart control file. !
To restart the transfer, the User-FTP fetches the !
last (ssss,rrrr) pair from the restart control !
file, repositions its local file system and !
transformation state using ssss, and sends the !
command "REST rrrr" to the Server-FTP. !
(2) Server-to-User Transfer !
The Server-FTP puts Restart Markers <ssss> at !
convenient places in the data stream. When the !
User-FTP receives a Marker, it writes all prior !
data to disk, encodes its file system position and !
transformation state as rrrr, and appends the pair !
(rrrr,ssss) to its restart control file. !
To restart the transfer, the User-FTP fetches the !
last (rrrr,ssss) pair from the restart control !
file, repositions its local file system and !
transformation state using rrrr, and sends the !
command "REST ssss" to the Server-FTP. !
(3) Server-to-Server Transfer !
The sending Server-FTP puts Restart Markers <ssss> !
at convenient places in the data stream. When it !
receives a Marker, the receiving Server-FTP writes !
all prior data to disk, encodes its file system !
position and transformation state as rrrr, and !
sends a "110 MARK ssss = rrrr" reply over the !
control connection to the User. The User-FTP !
appends the pair (ssss,rrrr) to its restart !
control file. !
To restart the transfer, the User-FTP fetches the !
last (ssss,rrrr) pair from the restart control !
file, sends "REST ssss" to the sending Server-FTP, !
and sends "REST rrrr" to the receiving Server-FTP. !
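The server-to-user case (2), as an added example that is not part of the RFC text: a receiver that stores TYPE A data with CR LF converted to LF and encodes both its file offset and the "CR has been seen and discarded" state in rrrr. The tagged stream items standing in for block-mode framing, the "offset:flag" form of rrrr, the decimal ssss, and all class and function names are assumptions of this sketch.

```python
import os
import tempfile

CR, LF = 0x0D, 0x0A


def server_stream(data, start, marker_every):
    """Sending side: yield ("data", bytes) and ("marker", ssss) items.

    ssss is the sender's own encoding of its position; here it is simply
    the decimal stream offset (an assumption of this sketch).
    """
    pos = start
    while pos < len(data):
        end = min(len(data), (pos // marker_every + 1) * marker_every)
        yield ("data", data[pos:end])
        pos = end
        yield ("marker", str(pos))


class AsciiReceiver:
    """User-FTP receiving a TYPE A file and storing CR LF as LF."""

    def __init__(self, path):
        self.path = path
        self.control_path = path + ".restart"    # name derived from the file name
        self.cr_pending = False                   # "CR has been seen and discarded"

    def start(self):
        open(self.path, "wb").close()
        open(self.control_path, "w").close()      # empty restart control file

    def _store(self, f, chunk):
        out = bytearray()
        for byte in chunk:
            if self.cr_pending:
                self.cr_pending = False
                if byte != LF:
                    out.append(CR)                # the held CR was not part of CR LF
            if byte == CR:
                self.cr_pending = True
            else:
                out.append(byte)
        f.write(out)

    def _checkpoint(self, f, ssss):
        f.flush()
        os.fsync(f.fileno())                      # data reaches stable storage first
        rrrr = f"{f.tell()}:{int(self.cr_pending)}"    # printable ASCII
        with open(self.control_path, "a") as control:
            control.write(f"{rrrr} {ssss}\n")     # the (rrrr,ssss) pair
            control.flush()
            os.fsync(control.fileno())

    def restart_point(self):
        with open(self.control_path) as control:
            rrrr, ssss = control.read().splitlines()[-1].split(" ")
        return rrrr, ssss

    def receive(self, items, rrrr=None, fail_after=None):
        """Store stream items; `fail_after` simulates losing the connection."""
        with open(self.path, "r+b") as f:
            if rrrr is not None:                  # reposition file and transform state
                offset, cr_flag = rrrr.split(":")
                f.truncate(int(offset))
                f.seek(int(offset))
                self.cr_pending = cr_flag == "1"
            for count, (kind, value) in enumerate(items):
                if count == fail_after:
                    return False
                if kind == "data":
                    self._store(f, value)
                else:
                    self._checkpoint(f, value)
            if self.cr_pending:                   # file ended with a bare CR
                f.write(bytes([CR]))
                self.cr_pending = False
        os.remove(self.control_path)              # transfer completed successfully
        return True


def interrupted_transfer(data, marker_every, fail_after, drop_state=False):
    """One broken transfer followed by a restart; returns the stored bytes."""
    with tempfile.TemporaryDirectory() as directory:
        rx = AsciiReceiver(os.path.join(directory, "file.txt"))
        rx.start()
        rx.receive(server_stream(data, 0, marker_every), fail_after=fail_after)
        rrrr, ssss = rx.restart_point()
        if drop_state:                            # what an offset-only rrrr would do
            rrrr = rrrr.split(":")[0] + ":0"
        # "REST ssss" makes the server resume at the marked position
        rx.receive(server_stream(data, int(ssss), marker_every), rrrr=rrrr)
        with open(rx.path, "rb") as f:
            return f.read()


# Constructed sample: markers every 6 bytes fall between CR and LF, and
# between a bare CR and the "d" that follows it.
SAMPLE = b"alpha\r\nwait\rdone\r\n"

if __name__ == "__main__":
    print(interrupted_transfer(SAMPLE, 6, 5))
    print(interrupted_transfer(SAMPLE, 6, 5, drop_state=True))
```

With the transformation state dropped from rrrr, the restart at the second marker silently loses the bare CR, which is the failure the DISCUSSION warns about.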
4.1.4 FTP/USER INTERFACE
This section discusses the user interface for a User-FTP
program.
4.1.4.1 Pathname Specification
Since FTP is intended for use in a heterogeneous
environment, User-FTP implementations MUST support remote
pathnames as arbitrary character strings, so that their form
and content is not limited by the conventions of the local
operating system.
DISCUSSION:
In particular, remote pathnames can be of arbitrary
length, and all the printing ASCII characters as well
as space (0x20) must be allowed. RFC-959 allows a
pathname to contain any 7-bit ASCII character except CR
or LF.
4.1.4.2 "QUOTE" Command
A User-FTP program MUST implement a "quote" command that
will pass an arbitrary character string to the server and
display all resulting response messages to the user.
To make the QUOTE command useful, a User-FTP SHOULD send
transfer control commands to the server as the user enters
them, rather than saving all the commands and sending them
to the server only when a data transfer is started.
DISCUSSION:
The QUOTE command is essential to allow the user to
access servers that require system-specific commands
(e.g., SITE or ALLO), or to invoke new or optional
features that are not implemented by the User-FTP. For
example, "quote" may be used to specify "TYPE A T" to
send a print file to hosts that require the
distinction, even if the User-FTP does not recognize
that TYPE.
4.1.4.3 Displaying Replies to User |
A User-FTP SHOULD display to the user the full text of all |
error reply messages it receives. It SHOULD have a |
"verbose" mode in which all commands it sends and the full |
text and reply codes it receives are displayed, for |
diagnosis of problems. |
4.1.4.4 Maintaining Synchronization |
The state machine in a User-FTP SHOULD be forgiving of |
missing and unexpected reply messages, in order to maintain |
command synchronization with the server. |
4.1.5 FTP REQUIREMENTS SUMMARY
                                           |               | | | |S| |
                                           |               | | | |H| |F
                                           |               | | | |O|M|o
                                           |               | |S| |U|U|o
                                           |               | |H| |L|S|t
                                           |               |M|O| |D|T|n
                                           |               |U|U|M| | |o
                                           |               |S|L|A|N|N|t
                                           |               |T|D|Y|O|O|t
FEATURE                                    |SECTION        | | | |T|T|e
-------------------------------------------|---------------|-|-|-|-|-|--
Implement TYPE T if same as TYPE N         |4.1.2.2        | |x| | | |
File/Record transform invertible if poss.  |4.1.2.4        | |x| | | |
User-FTP send PORT cmd for stream mode     |4.1.2.5        | |x| | | |
Server-FTP implement PASV                  |4.1.2.6        |x| | | | |
PASV is per-transfer                       |4.1.2.6        |x| | | | |
NLST reply useable in RETR cmds            |4.1.2.7        |x| | | | |
Implied type for LIST and NLST             |4.1.2.7        | |x| | | |
SITE cmd for non-standard features         |4.1.2.8        | |x| | | |
Use TCP READ boundaries on control conn.   |4.1.2.10       | | | | |x|
                                           |               | | | | | |
Server-FTP send only correct reply format  |4.1.2.11       |x| | | | |
Server-FTP use defined reply code if poss. |4.1.2.11       | |x| | | |
New reply code following Section 4.2       |4.1.2.11       | | |x| | |
User-FTP use only high digit of reply      |4.1.2.11       | |x| | | |
User-FTP handle multi-line reply >=3 lines |4.1.2.11       |x| | | | |
User-FTP negotiate Telnet options          |4.1.2.12       | | | |x| |
Server-FTP handle Telnet options           |4.1.2.12       |x| | | | |
Handle "Experimental" directory cmds       |4.1.3.1        | |x| | | |
Idle timeout in server-FTP                 |4.1.3.2        | |x| | | |
Configurable idle timeout                  |4.1.3.2        | |x| | | |
Receiver checkpoint data at Restart Marker |4.1.3.4        | |x| | | |
                                           |               | | | | | |
Support TYPE:                              |               | | | | | |
  ASCII - Non-Print (AN)                   |4.1.2.13       |x| | | | |
  ASCII - Telnet -- if same as AN          |4.1.2.2        | |x| | | |
  ASCII - Carriage Control (AC)            |959 3.1.1.5.2  | | |x| | |
  EBCDIC - (any form)                      |959 3.1.1.2    | | |x| | |
  IMAGE                                    |4.1.2.1        |x| | | | |
  LOCAL 8                                  |4.1.2.1        |x| | | | |
  LOCAL m                                  |4.1.2.1        | | |x| | |2
                                           |               | | | | | |
Support MODE:                              |               | | | | | |
  Stream                                   |4.1.2.13       |x| | | | |
  Block                                    |959 3.4.2      | | |x| | |
                                           |               | | | | | |
Support STRUCTURE:                         |               | | | | | |
  File                                     |4.1.2.13       |x| | | | |
  Record                                   |4.1.2.13       |x| | | | |3
  Page                                     |4.1.2.3        | | | |x| |
                                           |               | | | | | |
Support command:                           |               | | | | | |
  USER                                     |4.1.2.13       |x| | | | |
  PASS                                     |4.1.2.13       |x| | | | |
  ACCT                                     |4.1.2.13       |x| | | | |
  CWD                                      |4.1.2.13       |x| | | | |
  CDUP                                     |4.1.2.13       |x| | | | |
  SMNT                                     |959 5.3.1      | | |x| | |
  REIN                                     |959 5.3.1      | | |x| | |
  QUIT                                     |959 5.1        |x| | | | |
                                           |               | | | | | |
  PORT                                     |4.1.2.13       |x| | | | |
  PASV                                     |4.1.2.5        |x| | | | |
  TYPE                                     |4.1.2.13       |x| | | | |1
  STRU                                     |4.1.2.13       |x| | | | |1
  MODE                                     |4.1.2.13       |x| | | | |1
                                           |               | | | | | |
  RETR                                     |4.1.2.13       |x| | | | |
  STOR                                     |4.1.2.13       |x| | | | |
  STOU                                     |959 5.3.1      | | |x| | |
  APPE                                     |4.1.2.13       |x| | | | |
  ALLO                                     |959 5.3.1      | | |x| | |
  REST                                     |959 5.3.1      | | |x| | |
  RNFR                                     |4.1.2.13       |x| | | | |
  RNTO                                     |4.1.2.13       |x| | | | |
  ABOR                                     |959 5.3.1      | | |x| | |
  DELE                                     |4.1.2.13       |x| | | | |
  RMD                                      |4.1.2.13       |x| | | | |
  MKD                                      |4.1.2.13       |x| | | | |
  PWD                                      |4.1.2.13       |x| | | | |
  LIST                                     |4.1.2.13       |x| | | | |
  NLST                                     |4.1.2.13       |x| | | | |
  SITE                                     |4.1.2.13       | | |x| | |
  STAT                                     |4.1.2.13       |x| | | | |
  SYST                                     |4.1.2.13       |x| | | | |
  HELP                                     |4.1.2.13       |x| | | | |
  NOOP                                     |4.1.2.13       |x| | | | |
                                           |               | | | | | |
User Interface:                            |               | | | | | |
  Arbitrary pathnames                      |4.1.4.1        |x| | | | |
  Implement "quote" command                |4.1.4.2        |x| | | | |
  Transfer control commands immediately    |4.1.4.2        | |x| | | |
  Display error messages to user           |4.1.4.3        | |x| | | |
  Verbose mode                             |4.1.4.3        | |x| | | |
  Maintain synchronization with server     |4.1.4.4        | |x| | | |
Footnotes:
(1) For the values shown earlier.
(2) Here m is number of bits in a memory word.
(3) Required for host with record-structured file system, optional
otherwise.
4.2 TRIVIAL FILE TRANSFER PROTOCOL -- TFTP
4.2.1 INTRODUCTION
The Trivial File Transfer Protocol TFTP is defined in RFC-783
[TFTP:1].
TFTP provides its own reliable delivery with UDP as its
transport protocol, using a simple stop-and-wait acknowledgment
system. Since TFTP has an effective window of only one 512
octet segment, it can provide good performance only over paths
that have a small delay*bandwidth product. The TFTP file
interface is very simple, providing no access control security.
TFTP's most important application is bootstrapping a host over
a local network, since it is simple and small enough to be
easily implemented in EPROM [BOOT:1, BOOT:2]. Vendors are
urged to provide a TFTP server for use in booting. Some people
have found TFTP to be useful for other forms of workstation
file transfer over LANs.
4.2.2 PROTOCOL WALK-THROUGH
The TFTP specification [TFTP:1] is written in an open style,
and does not fully specify many parts of the protocol.
4.2.2.1 Transfer Modes: RFC-783, Page 3
The transfer mode "mail" SHOULD NOT be supported.
4.2.2.2 Sorcerer's Apprentice Syndrome
There is a serious bug in the protocol specification that
was never corrected. While it does not cause incorrect
operation of the transfer (the file will always be
transferred correctly if the transfer completes), it may
cause excessive retransmission, which may cause the transfer
to time out. Implementations MUST contain the fix for this
problem.
The bug is caused by the protocol rule that either side, on
receiving an old duplicate datagram, may resend the current
datagram. If a packet is delayed in the network but later
successfully delivered after either side has timed out and
retransmitted a packet, a duplicate copy of the response may
be generated. If the other side responds to this duplicate
with a duplicate of its own, then every datagram will be
sent in duplicate for the remainder of the transfer (unless
a datagram is lost, breaking the repetition). Worse yet,
since the delay is often caused by congestion, this
duplicate transmission will usually cause more congestion,
leading to more delayed packets, etc.
This serious problem is known as the "Sorcerer's Apprentice
Syndrome." The following example may help to clarify this
problem.
     TFTP A                          TFTP B

(1)  Receive ACK X-1
     Send DATA X
(2)                                  Receive DATA X
                                     Send ACK X
        (ACK X is delayed in network,
         and A times out):
(3)  Retransmit DATA X
(4)                                  Receive DATA X again
                                     Send ACK X again
(5)  Receive (delayed) ACK X
     Send DATA X+1
(6)                                  Receive DATA X+1
                                     Send ACK X+1
(7)  Receive ACK X again
     Send DATA X+1 again
(8)                                  Receive DATA X+1 again
                                     Send ACK X+1 again
(9)  Receive ACK X+1
     Send DATA X+2
(10)                                 Receive DATA X+2
                                     Send ACK X+2
(11) Receive ACK X+1 again
     Send DATA X+2 again
(12)                                 Receive DATA X+2 again
                                     Send ACK X+2 again
Notice that once the delayed ACK arrives, the protocol
settles down to duplicate all further packets (sequences 5-8
and 9-12). The problem is caused not by either side timing
out, but by both sides retransmitting the current packet
when they receive a duplicate.
The fix is to break the retransmission loop; the sender
(i.e., the side originating the DATA packets) MUST never
resend the current DATA packet on receipt of a duplicate
ACK. (This is analogous to the behavior of TCP).
It is then possible to remove the retransmission timer on
the receiver, since the resent ACK will never cause any
action; this is a useful simplification where TFTP is used
in a bootstrap program. It is OK to allow the timer to
remain, and it may be helpful if the retransmitted ACK
replaces one that was genuinely lost in the network. The
sender still requires a retransmit timer, of course.
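An added simulation of the exchange above (not part of the RFC text): one ACK is held in the network past the sender's timeout, and the packet counts are compared with and without the rule that a duplicate ACK triggers a resend of the current DATA. The tick values, the block count and all names are assumptions of the sketch.

```python
import heapq

LATENCY = 2    # one-way network delay in ticks (assumed)
TIMEOUT = 10   # sender retransmission timeout in ticks (assumed)


def simulate(total_blocks, delayed_block, extra_delay, resend_on_dup_ack):
    """Run one transfer and return packet counters.

    The first ACK for `delayed_block` is held in the network for
    `extra_delay` extra ticks. resend_on_dup_ack=True is the RFC-783
    rule; False is the fix required above.
    """
    events = []          # heap of (time, tiebreak, kind, block, generation)
    tiebreak = 0
    stats = {"data_sent": 0, "acks_sent": 0, "dup_data_received": 0}
    current = 1          # block the sender is waiting to have acknowledged
    generation = 0       # identifies the newest DATA transmission
    expected = 1         # next new block at the receiver
    ack_held = False
    done = False

    def schedule(time, kind, block, gen=0):
        nonlocal tiebreak
        tiebreak += 1
        heapq.heappush(events, (time, tiebreak, kind, block, gen))

    def send_data(now):
        nonlocal generation
        generation += 1
        stats["data_sent"] += 1
        schedule(now + LATENCY, "data", current)
        schedule(now + TIMEOUT, "timeout", current, generation)

    send_data(0)
    while events:
        now, _, kind, block, gen = heapq.heappop(events)
        if kind == "data":                        # receiver side
            if block == expected:
                expected += 1
            else:
                stats["dup_data_received"] += 1
            delay = LATENCY
            if block == delayed_block and not ack_held:
                ack_held = True                   # only the first ACK is delayed
                delay += extra_delay
            stats["acks_sent"] += 1               # new and duplicate DATA are both ACKed
            schedule(now + delay, "ack", block)
        elif done:
            continue                              # sender has finished
        elif kind == "ack":
            if block == current:
                if current == total_blocks:
                    done = True
                else:
                    current += 1
                    send_data(now)
            elif block == current - 1 and resend_on_dup_ack:
                send_data(now)                    # duplicate ACK answered with current DATA
        elif kind == "timeout" and gen == generation:
            send_data(now)                        # genuine retransmission timer
    return stats


if __name__ == "__main__":
    for label, flag in (("RFC-783 rule", True), ("with fix", False)):
        print(label, simulate(10, 3, 9, flag))
```

With 10 blocks and the ACK for block 3 delayed, the RFC-783 rule sends 18 DATA packets (every block from 3 onward goes out twice), while the fixed sender sends 11.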
4.2.3 SPECIFIC ISSUES
4.2.3.1 Timeout Algorithms
A TFTP implementation MUST use an adaptive timeout.
IMPLEMENTATION:
TCP retransmission algorithms provide a useful base to
work from. At least an exponential backoff of
retransmission timeout is necessary.
4.2.3.2 Extensions
A variety of non-standard extensions have been made to TFTP,
including additional transfer modes and a secure operation
mode (with passwords). None of these have been
standardized.
4.2.3.3 Access Control
A server TFTP implementation SHOULD include some
configurable access control over what pathnames are allowed
in TFTP operations.
4.2.3.4 Broadcast Request
A TFTP request directed to a broadcast address SHOULD be
silently ignored.
DISCUSSION:
Due to the weak access control capability of TFTP,
directed broadcasts of TFTP requests to random networks
could create a significant security hole.
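One way a server could apply 4.2.2.1, 4.2.3.3 and 4.2.3.4 to an incoming request before opening any file, as an added example rather than code from any TFTP implementation. The root /tftpboot, the 192.0.2.0/24 network, the read-only policy and the function names are hypothetical, and the caller is assumed to know the destination address of the datagram.

```python
import ipaddress
import posixpath
import struct

# Assumed site configuration (hypothetical values)
ALLOWED_ROOTS = ["/tftpboot"]
ALLOW_WRITE = False
LOCAL_NETWORKS = [ipaddress.ip_network("192.0.2.0/24")]

RRQ, WRQ = 1, 2                  # RFC-783 opcodes
ERR_ACCESS_VIOLATION = 2         # RFC-783 error codes
ERR_ILLEGAL_OPERATION = 4


def make_request(opcode, filename, mode):
    """Build a request datagram (used here only to construct sample input)."""
    return struct.pack("!H", opcode) + filename.encode() + b"\0" + mode.encode() + b"\0"


def parse_request(datagram):
    """Return (opcode, filename, mode) for an RRQ/WRQ or raise ValueError."""
    if len(datagram) < 6:
        raise ValueError("too short")
    (opcode,) = struct.unpack("!H", datagram[:2])
    fields = datagram[2:].split(b"\0")
    # "filename NUL mode NUL" splits into [filename, mode, b""]
    if opcode not in (RRQ, WRQ) or len(fields) != 3 or fields[2] != b"":
        raise ValueError("not a well-formed request")
    filename = fields[0].decode("ascii")
    mode = fields[1].decode("ascii").lower()
    if not filename:
        raise ValueError("empty filename")
    return opcode, filename, mode


def sent_to_broadcast(dst_ip):
    addr = ipaddress.ip_address(dst_ip)
    if addr == ipaddress.ip_address("255.255.255.255"):
        return True
    return any(addr == net.broadcast_address for net in LOCAL_NETWORKS)


def confine(filename):
    """Map a requested name to a path inside an allowed root, or None.

    The test is lexical; a deployed server would also resolve symbolic
    links before comparing against the roots.
    """
    if filename.startswith("/"):
        path = posixpath.normpath(filename)
    else:
        path = posixpath.normpath(posixpath.join(ALLOWED_ROOTS[0], filename))
    for root in ALLOWED_ROOTS:
        if path.startswith(root + "/"):
            return path
    return None


def decide(datagram, dst_ip):
    """Return ("ignore", None), ("error", code) or ("serve", path)."""
    if sent_to_broadcast(dst_ip):
        return ("ignore", None)              # no reply of any kind
    try:
        opcode, filename, mode = parse_request(datagram)
    except ValueError:
        return ("error", ERR_ILLEGAL_OPERATION)
    if mode not in ("netascii", "octet"):    # "mail" is not supported
        return ("error", ERR_ILLEGAL_OPERATION)
    if opcode == WRQ and not ALLOW_WRITE:
        return ("error", ERR_ACCESS_VIOLATION)
    path = confine(filename)
    if path is None:
        return ("error", ERR_ACCESS_VIOLATION)
    return ("serve", path)


if __name__ == "__main__":
    for name in ("boot/vmunix", "../../etc/passwd"):   # constructed requests
        print(name, decide(make_request(RRQ, name, "octet"), "192.0.2.10"))
```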
4.2.4 TFTP REQUIREMENTS SUMMARY
                                                 |        | | | |S| |
                                                 |        | | | |H| |F
                                                 |        | | | |O|M|o
                                                 |        | |S| |U|U|o
                                                 |        | |H| |L|S|t
                                                 |        |M|O| |D|T|n
                                                 |        |U|U|M| | |o
                                                 |        |S|L|A|N|N|t
                                                 |        |T|D|Y|O|O|t
FEATURE                                          |SECTION | | | |T|T|e
-------------------------------------------------|--------|-|-|-|-|-|--
Fix Sorcerer's Apprentice Syndrome               |4.2.2.2 |x| | | | |
Transfer modes:                                  |        | | | | | |
  netascii                                       |RFC-783 |x| | | | |
  octet                                          |RFC-783 |x| | | | |
  mail                                           |4.2.2.1 | | | |x| |
  extensions                                     |4.2.3.2 | | |x| | |
Use adaptive timeout                             |4.2.3.1 |x| | | | |
Configurable access control                      |4.2.3.3 | |x| | | |
Silently ignore broadcast request                |4.2.3.4 | |x| | | |
-------------------------------------------------|--------|-|-|-|-|-|--
5. ELECTRONIC MAIL -- SMTP and RFC-822
5.1 INTRODUCTION
In the TCP/IP protocol suite, electronic mail is exchanged using
the Simple Mail Transfer Protocol (SMTP) in the format specified
by RFC-822 [SMTP:2]. SMTP is defined in RFC-821 [SMTP:1].
While SMTP has remained unchanged over the years, the Internet
community has made several changes in the way SMTP is used. In
particular, the conversion to domain names has caused changes in
address formats and in mail routing.
RFC-822 specifies the Internet standard format for electronic mail
messages. Since this format is logically independent of the
protocol used to transfer a message, RFC-822 is also used in some
non-Internet mail environments (e.g., BITNET and CSNET) that use
different mail transfer protocols than SMTP. RFC-822 supersedes
an older standard, RFC-733, that may still be in use in a few
places, although it is obsolete. The two formats are sometimes
referred to simply by number ("822" and "733").
5.2 PROTOCOL WALK-THROUGH
This section covers both RFC-821 and RFC-822.
The SMTP specification in RFC-821 is clear and contains numerous
examples, so implementors should not find it difficult to
understand. This section simply updates or annotates portions of
RFC-821 to conform with current usage.
RFC-822 is a long and dense document, defining a rich syntax.
Unfortunately, incomplete or defective implementations of RFC-822
are common. In fact, nearly all of the many formats of RFC-822
are actually used, so an implementation needs to recognize and
correctly interpret all of the RFC-822 syntax.
5.2.1 The SMTP Model: RFC-821 Section 2
DISCUSSION:
Mail is sent by a series of request/response transactions
between a client, the "sender-SMTP," and a server, the
"receiver-SMTP." These transactions pass (1) the message
proper, which is composed of header and body, and (2) SMTP
source and destination addresses, referred to as the
"envelope."
In the Internet model for electronic mail, the local file
system is used for communication between the SMTP programs
that perform inter-host message transfers and the user
agent (UA) programs with which users read and compose
mail. Thus, the receiver-SMTP is assumed to deliver a
message to the target user specified in the envelope by
writing the message into a file; for example, it might
simply append the message to the user's "mail file." The
user will subsequently read the mail from this file by
running a UA program. Similarly, to originate mail the
user creates a file using the UA program, and this file is
passed to the sender-SMTP for transmission.
The envelope is constructed at the originating site,
typically when the message is first queued for
transmission by the sender-SMTP program. The envelope
addresses may be derived from information in the message
header, or supplied by the UA (e.g., to implement a bcc:
request), or derived from local configuration information
(e.g., expansion of a mailing list). The SMTP envelope
cannot in general be re-derived from the header at a later
hop in the message transmission path, so the envelope is
transmitted separately from the message itself using the
MAIL and RCPT commands of SMTP.
The text of RFC-821 suggests that mail is to be delivered
to an individual user at a host. With the advent of the
domain system and of mail routing using mail-exchange (MX)
resource records, implementors should now think of
delivering mail to a user at a domain, which may or may
not be a particular host. This DOES NOT change the fact
that SMTP is a host-to-host mail exchange protocol, and it
has no important effect on the SMTP model.
5.2.2 Canonicalization: RFC-821 Section 3.1
The domain names that a Sender-SMTP sends in MAIL and RCPT !
commands SHOULD have been "canonicalized," i.e., they must be !
fully-qualified principal names or domain literals, not !
nicknames. A canonicalized name either names a host directly !
or is resolvable into a host name using MX records; it cannot !
be a CNAME. !
5.2.3 VRFY and EXPN Commands: RFC-821 Section 3.3
A receiver-SMTP MUST implement VRFY and SHOULD implement EXPN #
(this requirement overrides RFC-821). However, there MAY be #
configuration information to disable VRFY and EXPN in a #
particular installation; this might even allow EXPN to be #
disabled for selected lists. #
DISCUSSION:
SMTP users and administrators make regular use of these
commands for diagnosing mail delivery problems. EXPN has
been controversial: it is useful for diagnosing mail
loops, but some feel that it represents a significant
privacy and perhaps even a security exposure.
5.2.4 SEND, SOML, and SAML Commands: RFC-821 Section 3.4
An SMTP MAY implement the commands to send to a user's terminal
(SEND, SOML, and SAML).
DISCUSSION:
It has been suggested that the use of mail relaying
through an MX record is inconsistent with the intent of
SEND to deliver a message immediately and directly to a
user's terminal. However, a mail relay that is unable to
write directly to the user terminal can return a "251 User
Not Local" reply to the RCPT following a SEND, to inform
the originator of possibly deferred delivery.
5.2.5 HELO Command: RFC-821 Section 3.5
The User-SMTP MUST ensure that the <domain> parameter in a HELO
command is a valid principal host domain name for the client
host. In particular, the Server-SMTP will not have to perform
MX resolution on this name in order to validate the HELO
parameter.
The HELO receiver MAY verify that the HELO parameter really
corresponds to the IP address of the sender. However, the
receiver MUST NOT refuse to accept a message, even if the
sender's HELO command fails verification.
DISCUSSION:
Note that verifying the HELO parameter requires a domain
name lookup and may therefore take considerable time. An
alternative tool for tracking bogus mail sources is
suggested below (see "DATA Command").
IMPLEMENTATION:
When HELO parameter validation fails, a suggested
procedure is to insert a note about the unknown
authenticity of the sender into the message header (e.g.,
in the "Received:" line).
5.2.6 Mail Relay: RFC-821 Section 3.6
We distinguish a mail "relay," which forwards a message within @
an SMTP mail environment, from a mail "gateway," which passes a @
message between different environments. The rules for mail @
gateways are discussed in Section 5.3.7. @
An SMTP MAY support relaying, i.e., support a multi-hop <path> !
in the RCPT command, and a User Agent MAY allow a user to enter !
an RFC-822 <route> address. !
A mail relay host MUST add its name to the reverse source route
in the reverse-path within the SMTP envelope of a forwarded
message. It MUST also add an appropriate "Received:" line to
the header of the message, but it SHOULD NOT alter any other
header field.
DISCUSSION: !
Source-routing for mail delivery is generally unnecessary !
within the Internet mail environment. This is the result !
of an explicit architectural decision to use universal !
naming rather than source routing for mail. As a result, !
SMTP uses end-to-end connectivity and the DNS provides a !
global domain name space. MX records handle the major !
cases where source routing might otherwise be needed. !
Thus, within the Internet mail environment a simple !
"user@domain" address should almost always suffice. Note !
that there are other mail environments that also use SMTP !
and RFC-822 but employ source routes. Each mail !
environment may be different in this respect, and in fact !
there is a rich diversity of mail routing schemes in the !
world. Source routes for extra-Internet environments can !
generally be buried in the "Local-part" of the address (to !
the left of the "@") while mail traverses the Internet. !
When the mail reaches the appropriate mail gateway, it !
will interpret the local-part and build the necessary !
address or route for the target mail environment; see !
Section 5.2.7. !
Source routing may occasionally be needed to manually !
route mail around some failure. The use of explicit SMTP !
mail relaying for this purpose is not encouraged, and in !
fact it is unlikely to be successful, as many host systems !
currently do not support relaying. Instead, we suggest !
the use of the "%-hack" if source-routing absolutely !
cannot be avoided within the Internet; see the Discussion !
in Section 5.2.15. !
5.2.7 RCPT Command: RFC-821 Section 4.1.1
A host that supports a receiver-SMTP MUST support the reserved
mailbox "Postmaster".
The receiver-SMTP MAY try to verify RCPT parameters as they !
arrive; however, RCPT responses MUST NOT be delayed beyond a !
reasonable time (see Section 3.5.2). !
Therefore, a "250 OK" response to a RCPT does not necessarily !
imply that the delivery address(es) are valid. Errors found !
after message acceptance will be reported by mailing a !
notification message to an appropriate address (see Section !
5.2.3). !
DISCUSSION: !
Reporting destination mailbox errors to the Sender-SMTP !
before mail is transferred is generally desirable to save !
time and network bandwidth. However, the conditions under !
which a RCPT parameter will be validated immediately are an !
engineering design choice. For example, the "reasonable" !
delay requirement generally means that mailing list !
verification should be deferred until after the message !
has been transferred and accepted, since it can take a !
very long time to expand a large mailing list. !
An implementation might or might not choose to defer !
validation of addresses that are non-local and therefore !
require a DNS lookup. If a DNS lookup is performed but a !
soft domain system error (e.g., timeout) occurs, validity !
must be assumed for the RCPT. !
5.2.8 DATA Command: RFC-821 Section 4.1.1
The receiver-SMTP MUST insert a "Received:" line (called a |
"time stamp line" in RFC-821) at the beginning of a message. |
In this line: |
* The FROM field SHOULD contain both (1) the name of the |
source host as presented in the HELO command and (2) a |
domain literal containing the IP address of the source, |
determined from the TCP connection. |
* The ID field MAY contain an "@" as suggested in RFC-822, |
but this is not required. |
* The FOR field MAY contain a list of <path> entries when |
multiple RCPT commands have been given. |
When the receiver-SMTP makes (1) the "final delivery" of a !
message or (2) acts as a gateway to forward the message into a !
different mail environment, then it MUST pass the MAIL TO: !
address from the SMTP envelope with the message, for use if an !
error notification message must later be sent (see Section !
5.3.3). This information may be passed as a parameter or in a !
Return-Path: line inserted at the beginning of the message. !
DISCUSSION:
Including both the source host and the IP source address
in the Received: line may provide enough information for
tracking illicit mail sources and eliminate a need to
explicitly verify the HELO parameter.
Note that the final reply to the DATA command depends only @
upon the successful transfer and storage of the message. @
Any problem with the destination address(es) must either @
(1) have been reported in an SMTP error reply to the RCPT @
command(s), or (2) be reported in a later error message @
mailed to the originator. @
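An added sketch (not from the RFC) of the "Received:" line described in 5.2.5 and 5.2.8: the name presented in HELO, a domain literal taken from the TCP connection, and a note when the HELO name fails verification, with the message accepted in every case. The resolver callback, the wording of the notes, the placement of the literal in a comment and the host names are assumptions.

```python
import re
from datetime import datetime, timezone
from email.utils import format_datetime


def received_line(helo_name, peer_ip, local_name, lookup, when):
    """Build the Received: line for one incoming message.

    `lookup(name)` is a caller-supplied resolver that returns the set of
    addresses for a name and raises LookupError on failure (hypothetical
    interface, so the sketch runs without a network). The function always
    returns a header: a failed check annotates the message, it never
    refuses it.
    """
    # The HELO parameter is chosen by the peer. Keep only characters that
    # can occur in a domain name or domain literal, so that it cannot
    # start a new header line or close the comment that follows.
    shown = re.sub(r"[^A-Za-z0-9.\-\[\]:]", "?", helo_name)[:255] or "unknown"
    try:
        if peer_ip in lookup(helo_name):
            note = ""
        else:
            note = " (HELO name does not match source address)"
    except LookupError:
        note = " (HELO name could not be verified)"
    # Numeric time zone, as 5.2.12 recommends.
    stamp = format_datetime(when)
    return f"Received: from {shown} ([{peer_ip}]){note} by {local_name}; {stamp}"


if __name__ == "__main__":
    # Constructed resolver data and connection details
    table = {"mail.example.org": {"192.0.2.25"}}

    def lookup(name):
        if name not in table:
            raise LookupError(name)
        return table[name]

    now = datetime(1989, 5, 22, 12, 0, tzinfo=timezone.utc)
    print(received_line("mail.example.org", "192.0.2.25", "mx.example.net", lookup, now))
    print(received_line("mail.example.org", "198.51.100.7", "mx.example.net", lookup, now))
```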
5.2.9 SMTP Replies: RFC-821 Section 4.2
A new reply code is defined for the VRFY command:
252 Cannot VRFY user (e.g., info is not local), but will
take message for this user and attempt delivery.
A receiver-SMTP SHOULD send only the reply codes listed in |
section 4.2.2 of RFC-821 or in this document. A receiver-SMTP |
SHOULD use the text shown in examples in RFC-821 whenever |
appropriate. |
A sender-SMTP MUST determine its actions only by the reply |
code, not by the text (except for 251 and 551 replies); any |
text, including no text at all, must be acceptable. The space |
(blank) following the reply code is considered part of the |
text. Whenever possible, a sender-SMTP SHOULD test only the |
first digit of the reply code, as specified in Appendix E of |
RFC-821. |
DISCUSSION:
Interoperability problems have arisen with SMTP systems
using reply codes that are not listed explicitly in
RFC-821 Section 4.3 but are legal according to the theory of
reply codes explained in Appendix E.
5.2.10 Transparency: RFC-821 Section 4.5.2
Implementors MUST be sure that their mail systems always add
and delete periods to ensure message transparency.
5.2.11 WKS Use in MX Processing: RFC-974, p. 5
RFC-974 [SMTP:3] recommended that the domain system be queried
for WKS ("Well-Known Service") records, to verify that each
proposed mail target does support SMTP. Later experience has
shown that WKS is not widely supported, so the WKS step in MX
processing SHOULD NOT be used.
The following are notes on RFC-822, organized by section of that
document.
5.2.12 RFC-822 Time Zones: RFC-822 Section 5
The military time zones are incorrect: they count the wrong way
from UT (the signs are reversed).
There is a strong trend towards the use of numeric timezone
indicators, and implementations SHOULD use numeric timezones
instead of timezone names. However, all implementations MUST
accept either notation. If non-numeric timezones are used,
they MUST be exactly as defined in RFC-822.
Also note that there is a typo in the definition of "zone" in |
the syntax summary of appendix D; the correct definition occurs |
in Section 3. |
5.2.13 RFC-822 Syntax Change: RFC-822, Page 27
The syntactic definition of "mailbox" in RFC-822 is hereby
changed to:
mailbox = addr-spec ; simple address
/ [phrase] route-addr ; name & addr-spec
That is, the phrase preceding a route address is now optional.
This change makes the following header field legal, for
example:
From: <craig@nnsc.nsf.net>
5.2.14 RFC-822 Syntax Errors: RFC-822 Section 6.1
Errors in formatting or parsing 822 addresses are unfortunately
common. This section mentions only the most common errors. A
user agent MUST accept all valid RFC-822 address formats, and
MUST NOT generate an illegal address syntax.
o A common error is to leave out the semicolon after a group
identifier.
o Some systems fail to fully-qualify domain names in !
messages they send out. All domain names in message !
headers SHOULD be fully-qualified when mail is transmitted !
across the Internet. !
In particular, systems often fail to fully-qualify the !
From: address; this prevents a "reply" command in the User !
Agent from automatically constructing a return address.
o Some systems mis-parse multiple source routes such as:
@relay1,@relay2,@relay3:user@domain.
5.2.15 RFC-822 Local-part: RFC-822 Section 6.2
The basic mailbox address specification has the form:
"local-part@domain". Here "local-part", sometimes called the
"left-hand side" of the address, is domain-dependent.
A host that is sending or relaying the message, i.e., that is
not the destination host implied by the right-hand side
"domain", MUST NOT interpret the "local-part" of the address.
When mail is to be gatewayed from the Internet mail environment
into a foreign mail environment (see Section 5.2.7), routing
information for that foreign environment MAY be embedded within
the "local-part" of the address. The gateway will then
interpret this local part appropriately for the foreign mail
environment.
DISCUSSION:
By undocumented convention, an embedded source route is
often encoded in the "local-part" using "%" as separator,
for example:
user%domain%relay3%relay2@relay1
This is commonly known as the "%-hack". As discussed in
Section 5.2.6, we suggest its use for those unusual cases
where source routing is needed within the Internet mail
environment.
5.2.16 Domain Literals: RFC-822 Section 6.2.3
A mailer MUST be able to accept and parse an Internet domain
literal whose content ("dtext"; see RFC-822) is a dotted-
decimal host address. This satisfies the requirement of
Section 2.1 for the case of mail.
An SMTP MUST accept and recognize a domain literal referring to |
itself. |
5.3 SPECIFIC ISSUES
5.3.1 SMTP Queueing Strategies
The common structure of a host SMTP implementation includes
user mailboxes, one or more areas for queueing messages in
transit, and one or more daemon processes for sending and
receiving mail. The exact structure will vary depending on the
needs of the users on the host and the number and size of
mailing lists supported by the host. We describe several
optimizations that have proved helpful, particularly for
mailers supporting high traffic levels.
Any queueing strategy MUST include:
o Timeouts on all activities. See Section 5.3.2.
o Never sending error messages in response to error
messages.
5.3.1.1 Sending Strategy
The general model of the sender-SMTP is one or more
processes that periodically attempt to transmit outgoing
mail. In a typical system, the program that composes a
message has some method for requesting immediate attention
for a new piece of outgoing mail, while mail that cannot be
transmitted immediately MUST be queued and periodically
retried by the sender. A mail queue entry will include not
only the message itself but also the envelope information.
Retries continue until the message is transmitted or the
sender gives up; the give-up time generally needs to be at
least 4-5 days. The parameters to the retry algorithm MUST
be configurable.
When the same message is to be delivered to several users on
the same host, only one copy of the message SHOULD be
transmitted. That is, the sender-SMTP should use the
command sequence: RCPT, RCPT,... RCPT, DATA instead of the
sequence: RCPT, DATA, RCPT, DATA,... RCPT, DATA.
Implementation of this efficiency feature is strongly urged.
The sender MUST delay retrying a particular destination
after one attempt has failed. In general, the retry
interval SHOULD be at least 30 minutes; however, more
sophisticated and variable strategies may be beneficial when
the sender-SMTP can determine the reason for nondelivery.
DISCUSSION:
Experience suggests that failures are typically
transient (the target system has crashed), favoring a
policy of two connection attempts in the first hour the
message is in the queue, and then backing off to once
every two or three hours.
The sender-SMTP can shorten the queueing delay by
cooperation with the receiver-SMTP. In particular, if
mail is received from a particular address, it is good
evidence that any mail queued to send to that host can
now be sent.
The strategy may be further modified as a result of
multiple addresses per host (see Section 5.3.4), to
optimize delivery time vs. resource usage.
A sender SHOULD keep a list of hosts it cannot reach and
corresponding timeouts, rather than just retrying queued
mail items.
DISCUSSION:
A sender-SMTP may have a large queue of messages for
each unavailable destination host, and if it retried
all these messages in every retry cycle, there would be
excessive Internet overhead and the daemon would be
blocked for a long period. Note that an SMTP can
generally determine that a delivery attempt has failed
only after a timeout of a minute or more; a one minute
timeout per connection will result in a very large
delay if it is repeated for dozens or even hundreds of
queued messages.
Similarly, the sender-SMTP MAY support multiple concurrent
outgoing mail transactions to achieve timely delivery.
However, some limit SHOULD be imposed to protect the host
from devoting all its resources to mail.
The use of the different addresses of a multihomed host is
discussed below.
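The sending strategy of this section, as an added example (not part of the draft): a queue that keeps a per-host table of unreachable destinations, so each retry cycle makes at most one connection attempt per host instead of one per queued message. The class and field names are assumptions made for this sketch; the default intervals follow the figures given above and are configurable through RetryPolicy.

```python
from dataclasses import dataclass

MINUTE, HOUR, DAY = 60, 3600, 86400


@dataclass
class RetryPolicy:
    """Configurable retry parameters (defaults follow the figures in the text)."""
    first_retry: int = 30 * MINUTE    # second attempt falls inside the first hour
    later_retry: int = 2 * HOUR       # then back off to every two or three hours
    give_up: int = 5 * DAY            # give-up time of at least 4-5 days


@dataclass
class HostState:
    failures: int
    next_attempt: float


class SenderQueue:
    def __init__(self, policy=None):
        self.policy = policy or RetryPolicy()
        self.queue = {}         # host -> [(message id, time queued)]
        self.unreachable = {}   # host -> HostState

    def enqueue(self, host, message_id, now):
        self.queue.setdefault(host, []).append((message_id, now))

    def mail_received_from(self, host):
        """Incoming mail from a host is good evidence that it is reachable again."""
        if host in self.unreachable:
            self.unreachable[host].next_attempt = 0

    def run_cycle(self, now, connect):
        """One retry cycle; connect(host) -> bool is called at most once per host.

        Returns (delivered message ids, expired message ids).
        """
        delivered, expired = [], []
        for host in list(self.queue):
            live = []
            for message_id, queued_at in self.queue[host]:
                if now - queued_at >= self.policy.give_up:
                    expired.append(message_id)        # caller mails a notification
                else:
                    live.append((message_id, queued_at))
            if not live:
                del self.queue[host]
                continue
            self.queue[host] = live
            state = self.unreachable.get(host)
            if state is not None and now < state.next_attempt:
                continue                              # host is still in its delay
            if connect(host):
                delivered.extend(message_id for message_id, _ in live)
                del self.queue[host]
                self.unreachable.pop(host, None)
            else:
                failures = state.failures + 1 if state else 1
                delay = (self.policy.first_retry if failures == 1
                         else self.policy.later_retry)
                self.unreachable[host] = HostState(failures, now + delay)
        return delivered, expired
```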
5.3.1.2 Receiving strategy
The receiver-SMTP SHOULD attempt to keep a pending listen on
the SMTP port at all times. This will require the support
of multiple incoming TCP connections for SMTP. Some limit
MAY be imposed.
IMPLEMENTATION:
When the receiver-SMTP receives mail from a particular
host address, it could notify the sender-SMTP to retry
any mail pending for that host address.
5.3.2 Timeouts in SMTP
There are two approaches to timeouts in the sender-SMTP: (a)
limit the time for each SMTP command separately, or (b) limit
the time for the entire SMTP dialogue for a single mail
message. A sender-SMTP SHOULD use option (a), per-command
timeouts. Timeouts SHOULD be easily reconfigurable, preferably |
without recompiling the SMTP code. |
DISCUSSION:
Timeouts are an essential feature of an SMTP
implementation. If the timeouts are too long (or worse,
there are no timeouts), Internet communication failures or
software bugs in receiver-SMTP programs can tie up senders
indefinitely. If the timeouts are too short, resources
will be wasted with attempts that time out part way
through message delivery.
If option (b) is used, the timeout has to be very large, |
e.g., an hour, to allow time to expand very large mailing |
lists. The timeout may also need to increase linearly |
with the size of the message, to account for the time to |
transmit a very large message. A large fixed timeout |
leads to two problems: a failure can still tie up the |
sender for a very long time, and very large messages may |
still spuriously time out (which is a wasteful failure!). |
Using the recommended option (a), a timer is set for each
SMTP command and for each buffer of the data transfer.
The latter means that the overall timeout is inherently
proportional to the size of the message.
We now present some specific recommendations for per-command
timeouts, based on extensive experience with busy mail-relay
hosts.
o Initial 220 Message
A Sender-SMTP process needs to distinguish between a
failed TCP connection and a delay in receiving the initial
220 greeting message. Many receiver-SMTPs will accept a
TCP connection but delay delivery of the 220 message until
their system load will permit more mail to be processed.
Senders SHOULD wait at least 5 minutes for the 220 message
after the TCP connection is opened.
o MAIL Command
Senders SHOULD wait at least 5 minutes for the reply to a
MAIL command.
o RCPT Command
Senders SHOULD wait at least 5 minutes for the reply to a
RCPT command. (A longer timeout would be required if
processing of mailing lists and aliases were not deferred
until after the message was accepted).
o DATA Initiation
Senders SHOULD wait at least 2 minutes for the "354 Start
Input" reply to a DATA command.
o Data Block
Senders SHOULD wait at least 3 minutes for the completion |
of each TCP SEND call transmitting a chunk of data.
o DATA Termination
Senders SHOULD wait at least 10 minutes for the "250 OK"
reply. When the receiver gets the final period terminating
the message data, it typically performs processing to
deliver the message to a user mailbox. A spurious timeout
at this point would be very wasteful, since the message
has been successfully sent.
A receiver-SMTP SHOULD have a timeout of at least 5 minutes
while it is awaiting the next command from the sender.
5.3.3 Reliable Mail Receipt
When the receiver-SMTP accepts a piece of mail (by sending a
"250 OK" message in response to DATA), it is accepting
responsibility for delivering or relaying the message. It must
take this responsibility seriously, i.e., it MUST NOT lose the
message for frivolous reasons, e.g., because the host later
crashes or because of a predictable resource shortage.
However, some delivery failures after the message is accepted
by SMTP will be unavoidable. For example, it may be impossible
for the receiver-SMTP to validate all the delivery addresses in
RCPT command(s) due to a "soft" domain system error or because
the target is a mailing list (see earlier discussion of RCPT).
If there is a delivery failure after acceptance of a message, !
the receiver-SMTP MUST formulate and mail a notification !
message. This notification SHOULD be sent using a null ("<>") !
reverse path in the envelope; see Section 3.6 of RFC-821. The !
recipient of this notification SHOULD be determined according !
to the following rules: !
(1) Use the address from the Return-Path: line. However, if !
this address is null ("<>"), the receiver-SMTP MUST NOT !
send a notification. !
(2) If there is no Return-Path: line, use the address from the !
Sender: field of the 822 header. However, if this address !
is null ("<>"), the receiver-SMTP MUST NOT send a !
notification. !
(3) If there is no Sender: field in the header, use the !
address from the Reply-To: field of the 822 header. !
(4) If there is no Reply-To: field, use the address from the !
From: field of the 822 header. !
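Rules (1) to (4) above, as an added example (not part of the draft): the first of the four fields that is present decides the recipient, a null address suppresses the notification, and the notification itself goes out with a null reverse path so that a failure to deliver it produces nothing further. The function names, the postmaster sender and the sample messages are assumptions constructed for this sketch.

```python
from email import message_from_string
from email.utils import parseaddr

# Order in which rules (1)-(4) consult the message.
PRECEDENCE = ("Return-Path", "Sender", "Reply-To", "From")


def notification_recipient(raw_message):
    """Return the address to notify, or None when no notification may be sent."""
    message = message_from_string(raw_message)
    for field in PRECEDENCE:
        value = message.get(field)
        if value is None:
            continue                  # field absent: fall through to the next rule
        _, address = parseaddr(value)
        # The first field that is present decides. A null ("<>") address means
        # no notification; an unparseable value is treated the same way here
        # (a conservative choice made for this example).
        return address or None
    return None


def build_notification(raw_message, reporting_host, reason):
    """Return (reverse_path, forward_path, text) for the notification, or None."""
    recipient = notification_recipient(raw_message)
    if recipient is None:
        return None
    text = (
        "From: postmaster@%s\n"       # assumed sender identity for the report
        "To: %s\n"
        "Subject: Mail delivery failed\n"
        "\n"
        "Delivery failed: %s\n"
    ) % (reporting_host, recipient, reason)
    return "", recipient, text        # "" is the null reverse path: MAIL FROM:<>


# Constructed sample messages.
WITH_RETURN_PATH = (
    "Return-Path: <alice@origin.example>\n"
    "Sender: secretary@origin.example\n"
    "From: Alice <alice@origin.example>\n"
    "\n"
    "hello\n"
)
NULL_RETURN_PATH = (
    "Return-Path: <>\n"
    "From: postmaster@relay.example\n"
    "\n"
    "an earlier error report\n"
)
SENDER_ONLY = (
    "Sender: secretary@origin.example\n"
    "Reply-To: replies@origin.example\n"
    "From: Alice <alice@origin.example>\n"
    "\n"
    "hello\n"
)
```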
To avoid receiving duplicate messages as the result of
timeouts, an SMTP MUST seek to minimize the time required to
respond to the final "." that ends a message transfer. See
RFC-1047 [SMTP:4] for a discussion of this problem.
5.3.4 Reliable Mail Transmission
To transmit a message, a sender-SMTP will determine the IP
address of the target host from the destination address in the
envelope. Specifically, it will map the string to the right of
the "@" sign into an IP address. This mapping or the transfer
itself may fail with a soft error (see Section 6.1.4.2), so a
sender-SMTP MUST be able to requeue outgoing mail and move on
to other requests when soft errors are encountered.
When it succeeds, the mapping can result in a list of
alternative delivery addresses rather than a single address,
because of (a) multiple MX records, (b) multihoming, or both.
To provide reliable mail transmission, the sender-SMTP MUST be
able to try (and retry) each of the addresses in this list in
order, until a delivery attempt succeeds. However, there MAY |
also be a configurable limit on the number of alternate |
addresses that can be tried. In any case, a host SHOULD try at |
least two addresses. |
The following information is to be used to rank the host
addresses:
(1) Multiple MX Records -- these contain a preference
indication that should be used in sorting. If there are
multiple destinations with the same preference and there
is no clear reason to favor one (e.g., by address
preference), then the sender-SMTP SHOULD pick one at
random to spread the load across multiple mail exchanges
for a specific organization; note that this is a
refinement of the procedure in [DNS:3].
(2) Multihomed host -- The destination host (perhaps taken
from the preferred MX record) may be multihomed, in which
case the domain name resolver will return a list of
alternative IP addresses. It is the responsibility of the
domain name resolver interface (see Section 6.1.3.4 below)
to have ordered this list by decreasing preference, so
SMTP can try them in the order presented.
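The ranking just described, as an added example (not part of the draft): MX records are sorted by preference, equal-preference exchanges are shuffled to spread load, each host's addresses keep the order the resolver returned, and a configured limit is never allowed to drop below two addresses. The function names, host names and addresses are assumptions constructed for this sketch.

```python
import random


def rank_targets(mx_records, resolve, max_addresses=None, rng=None):
    """Order the delivery addresses for one destination.

    mx_records    -- [(preference, exchange host)], lower preference tried first
    resolve       -- callable(host) -> [IP address], already ordered by the resolver
    max_addresses -- optional configured limit; never reduced below two
    """
    rng = rng or random.Random()
    by_preference = {}
    for preference, host in mx_records:
        by_preference.setdefault(preference, []).append(host)

    targets = []
    for preference in sorted(by_preference):
        hosts = list(by_preference[preference])
        rng.shuffle(hosts)                  # spread load across equal-preference MXs
        for host in hosts:
            for address in resolve(host):   # multihomed host: keep resolver order
                targets.append((host, address))
    if max_addresses is not None:
        targets = targets[:max(2, max_addresses)]
    return targets


def transmit(targets, attempt):
    """Try each address in order until one succeeds. attempt(host, address) -> bool."""
    tried = []
    for host, address in targets:
        tried.append(address)
        if attempt(host, address):
            return "delivered", tried
    return "requeue", tried                 # nothing reachable: keep the message queued


# Constructed sample data: two equal-preference exchanges (one multihomed)
# and a lower-priority backup.
MX_RECORDS = [(20, "backup.example"), (10, "mx-a.example"), (10, "mx-b.example")]
ADDRESSES = {
    "mx-a.example": ["192.0.2.10", "192.0.2.11"],
    "mx-b.example": ["192.0.2.20"],
    "backup.example": ["198.51.100.5"],
}


def sample_resolve(host):
    return ADDRESSES[host]
```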
DISCUSSION:
Although the capability to try multiple alternative
addresses is required, there may be circumstances where
specific installations want to limit or disable the use of
alternative addresses. The subject of whether a sender
should attempt retries using the different addresses of a
multihomed host has been controversial. The main argument
for using the multiple addresses is that it maximizes the
probability of timely delivery, and indeed sometimes the
probability of any delivery; the counterargument is that
it may result in unnecessary resource use.
Note that the resource usage is strongly determined also
by the sending strategy discussed in Section 5.3.1.
5.3.5 Domain Name Support
SMTP implementations MUST use the mechanism defined in Section
6.1 for mapping between domain names and IP addresses. This
means that every SMTP MUST include support for the Internet
DNS.
In particular, a sender-SMTP MUST support the MX record scheme
[SMTP:3]. See also Section 7.4 of [DNS:2] for information on
domain name support for SMTP.
5.3.6 Mailing Lists and Aliases
An SMTP-capable host SHOULD support both the alias and the list
form of address expansion for multiple delivery.
DISCUSSION:
An important mail facility is a mechanism for transforming
or "expanding" a pseudo-mailbox address into a list of
destination mailbox addresses, to obtain multi-destination
delivery of a single message. When a message is sent to
such a pseudo-mailbox (sometimes called an "exploder"),
copies are forwarded or redistributed to each mailbox in
the expanded list. We classify such a pseudo-mailbox as
an "alias" or a "list", depending upon the expansion
rules:
(a) Alias
To expand an alias, the recipient mailer simply
replaces the pseudo-mailbox address in the envelope
with each of the expanded addresses in turn; the
envelope and the message body are left unchanged.
The message is then delivered or forwarded to each
expanded address.
(b) List
To expand a list, the recipient mailer again replaces
the pseudo-mailbox address in the envelope with each
of the expanded addresses in turn. However, when the
message is delivered or forwarded to each expanded
address, the return address in the envelope ("MAIL
FROM:") MUST be changed to be the address of a person
who administers the list. The message body is left
unchanged and in particular, the "From" field of the
message is unaffected.
The return address in the envelope is changed so that
all error messages generated by the final deliveries
will be returned to the list administrator, not to
the message originator, who generally has no control
over the contents of the list and will typically find
error messages annoying.
The list may be said to operate by "redistribution"
rather than "forwarding." A useful conceptual model
(not necessarily an implementation approach) is this:
a mailing list is a UA function, not an SMTP
function. Thus, the message is originally delivered
into the mailbox of a UA daemon belonging to the
mailing list administrator; this UA daemon remails
the message to each entry in the list.
5.3.7 Mail Gatewaying
Gatewaying mail between different mail environments, i.e.,
different mail formats and protocols, is complex and does not
easily yield to standardization. See for example [SMTP:5a],
[SMTP:5b]. However, some general guidelines may be given for a
gateway between the Internet and another mail environment:
o Header fields MAY be rewritten when necessary as messages
are gatewayed across mail environment boundaries.
DISCUSSION:
The other mail systems gatewayed to the Internet
generally use a subset of RFC-822 headers. However,
some of them do not have an equivalent to the SMTP
envelope. Therefore, when a message leaves the
Internet environment, it is generally necessary to
fold the SMTP envelope information into the message
header.
A possible solution would be to create new header
fields to carry the envelope information (e.g.,
"X-SMTP-MAIL:" and "X-SMTP-RCPT:"). However, this would
require changes in mail programs in the foreign
environment.
o From the Internet side, the gateway SHOULD accept all |
valid address formats in SMTP commands and in RFC-822 |
message fields and all valid RFC-822 messages. |
DISCUSSION:
It is often tempting to restrict the range of
addresses accepted at the mail gateway to simplify
the translation into addresses for the remote
environment. This practice is based on the
assumption that mail users have control over the
addresses their mailers send to the mail gateway. In
practice, however, users have little control over the
addresses that are finally sent; their mailers are
free to change addresses into any legal RFC-822
format.
o The gateway MUST ensure that all header fields of a
message that it forwards into the Internet meet the
requirements for Internet mail. In particular, all
addresses in "From:", "To:", "Cc:", etc., fields must be
transformed (if necessary) to satisfy RFC-822 syntax, and
they must be effective and useful for sending replies.
o The translation algorithm used to convert mail from the
Internet protocols to another environment's protocol
SHOULD ensure that error messages are delivered to the
sender listed in the SMTP envelope, not to the sender
listed in the "From:" field of the RFC-822 message.
DISCUSSION:
Internet mail lists usually place the address of the
mail list maintainer in the envelope but leave the
original message header intact (with the "From:"
field containing the original sender). This yields
the behavior the average recipient expects: a reply
to the header gets sent to the original sender, not
to a mail list maintainer; however, errors get sent
to the maintainer (who can fix the problem) and not
the sender (who probably cannot).
5.3.8 Maximum Message Size
DISCUSSION:
Note that SMTP does not define a maximum size of a
message, but some systems have practical limitations.
Users are expected to show good judgment when they send
large messages.
5.4 SMTP REQUIREMENTS SUMMARY
| | | | |S| |
| | | | |H| |F
| | | | |O|M|o
| | |S| |U|U|o
| | |H| |L|S|t
| |M|O| |D|T|n
| |U|U|M| | |o
| |S|L|A|N|N|t
| |T|D|Y|O|O|t
FEATURE |SECTION | | | |T|T|e
-----------------------------------------------|----------|-|-|-|-|-|--
| | | | | | |
Receiver-SMTP: | | | | | | |
Implement VRFY |5.2.3 |x| | | | |
Implement EXPN |5.2.3 | |x| | | |
EXPN, VRFY configurable |5.2.3 | | |x| | |
Implement SEND, SOML, SAML |5.2.4 | | |x| | |
Verify HELO parameter |5.2.5 | | |x| | |
Refuse message with bad HELO |5.2.5 | | | | |x|
| | | | | | |
Support "postmaster" |5.2.7 |x| | | | |
Process RCPT when received (except lists) |5.2.7 | | |x| | |
Long delay of RCPT responses |5.2.7 | | | | |x|
Add Received: line |5.2.8 |x| | | | |
Received: line include domain literal |5.2.8 | |x| | | |
Pass Return-Path info (final deliv/gwy) |5.2.8 |x| | | | |
Send only official reply codes |5.2.9 | |x| | | |
Send text from RFC-821 when appropriate |5.2.9 | |x| | | |
| | | | | | |
Delete "." for transparency |5.2.10 |x| | | | |
Accept and recognize self domain literal |5.2.16 |x| | | | |
Keep pending listen on SMTP port |5.3.1 | |x| | | |
Provide limit on concurrency |5.3.1 | | |x| | |
Avoidable delivery failure after "250 OK" |5.3.3 | | | | |x|
Post-"250 OK" err sent to envelope addr |5.3.3 |x| | | | |
Send error msg to null address |5.3.3 | | | | |x|
| | | | | | |
Sender-SMTP: | | | | | | |
Canonicalized domain names in MAIL, RCPT |5.2.2 |x| | | | |
Implement SEND, SOML, SAML |5.2.4 | | |x| | |
Send valid principal host name in HELO |5.2.5 |x| | | | |
Send to first in forward path |5.2.6 |x| | | | |
Use only reply code to determine action |5.2.9 | |x| | | |
Use only high digit of reply code when poss. |5.2.9 |x| | | | |
Add "." for transparency |5.2.10 |x| | | | |
Interpret 'local-part' of address |5.2.15 | | | | |x|
| | | | | | |
Timeouts on all activities |5.3.1 |x| | | | |
Error message about error message |5.3.1 | | | | |x|
Retry messages after soft failure |5.3.1 |x| | | | |
Giveup time at least 4-5 days |5.3.1 | |x| | | |
Configurable retry parameters |5.3.1 |x| | | | |
Multiple RCPT's for same DATA |5.3.1 | |x| | | |
Delay before retry |5.3.1 |x| | | | |
Retry once per each queued dest host |5.3.1 | |x| | | |
Support multiple concurrent transactions |5.3.1 | | |x| | |
Provide limit on concurrency |5.3.1 | |x| | | |
| | | | | | |
Per-command timeouts |5.3.2 | |x| | | |
Timeouts easily reconfigurable |5.3.2 | |x| | | |
Recommended delay for initial 220 msg |5.3.2 |x| | | | |
Return err msg if cannot deliver |5.3.2 |x| | | | |
Minimize acceptance delay (RFC-1047) |5.3.3 |x| | | | |
Able to try alternate addresses |5.3.4 |x| | | | |
Rank alternate addresses |5.3.4 |x| | | | |
Configurable limit on alternate tries |5.3.4 | | |x| | |
Try at least two alternate addresses |5.3.4 | |x| | | |
Load-split across equal MX alternates |5.3.4 | |x| | | |
Use the Domain Name System |5.3.5 |x| | | | |
Use WKS records |5.2.11 | | | |x| |
Support MX records |5.3.5 |x| | | | |
| | | | | | |
Mail relays: | | | | | | |
SMTP act as mail relay |5.2.6 | | |x| | |
Relay update return path |5.2.6 |x| | | | |
Relay add Received: line to header |5.2.6 |x| | | | |
Relay alter other header field(s) |5.2.6 | | | |x| |
| | | | | | |
Mailing list and aliases | | | | | | |
Support |5.3.6 | |x| | | |
Report mail list error to local admin. |5.3.6 |x| | | | |
| | | | | | |
Mail Gateways: | | | | | | |
Rewrite header fields when necessary |5.3.7 | | |x| | |
Accept full RFC-822 on Internet side |5.3.7 | |x| | | |
Send only valid RFC-822 on Internet side |5.3.7 |x| | | | |
Deliver error msgs to envelope addr |5.3.7 | |x| | | |
| | | | | | |
User Agent and SMTP -- RFC-822 | | | | | | |
Allow user to enter <route> address |5.2.6 | | |x| | |
Generate numeric timezones |5.2.12 | |x| | | |
Accept all timezones |5.2.12 |x| | | | |
Use non-num timezones from RFC-822 |5.2.12 |x| | | | |
Omit phrase before route-addr |5.2.13 | | |x| | |
Accept all RFC-822 address formats |5.2.14 |x| | | | |
Generate invalid RFC-822 address format |5.2.14 | | | | |x|
Fully-qualified domain names in header |5.2.14 | |x| | | |
Embed foreign mail env info in local-part |5.2.15 | | |x| | |
Accept and parse dot.dec. domain literals |5.2.16 |x| | | | |
6. SUPPORT SERVICES
6.1 DOMAIN NAME TRANSLATION
6.1.1 INTRODUCTION
Every host MUST implement a resolver for the Domain Name System
(DNS) and a mechanism using this DNS resolver to convert host
names to IP addresses and vice-versa [DNS:1, DNS:2].
DISCUSSION:
The DNS creates a distributed database used primarily for
the translation between host names and host addresses.
Implementation of DNS software is required. The DNS
consists of two logically distinct parts, name servers and
resolvers (although implementations often combine these
two logical parts in the interest of efficiency) [DNS:2].
Domain name servers store authoritative data about certain
sections of the database and answer queries about the
data. Domain resolvers query domain name servers for data
on behalf of user processes. Every host therefore needs a
DNS resolver; some host machines will also need to run
domain name servers. Since no name server has complete
information, in general a resolver will have to query more
than one name server to resolve a query.
A host MAY also implement an alternative host name translation @
mechanism that searches a local Internet host table. A @
publicly-available host table is maintained by the DDN @
Network Information Center (DDN NIC), with a format documented @
in [DNS:4]. This table can be retrieved from the DDN NIC using @
a protocol described in [DNS:5]. Hosts using this protocol
MUST use the VERSION command to check if the table has changed
before requesting the entire table with the ALL command. The
VERSION identifier MUST be treated as an arbitrary string and
tested only for equality; no numerical sequence may be assumed.
The rest of Section 6.1 is concerned only with the DNS.
DISCUSSION:
Internet host name translation was originally performed by
searching local copies of a table of all hosts. This
table has become too large to update and distribute in a
timely manner, and too large to fit into some hosts, so
the DNS was invented.
Use of a host table may still be required by some
administrative domains or isolated internets. A host
table may also be used as a backup function to the DNS.
The DDN NIC host table includes administrative information
that is not needed for host operation and is therefore not
currently included in the DNS database. Examples include
network and gateway entries. However, some of this
additional information will be added to the DNS in the
future.
Use of the host table instead of the DNS will prevent
access to a growing number of hosts and facilities; the
DDN NIC table contains only about 10% of the Internet
hosts that are accessible through the DNS. Furthermore,
MX services are not available from a host table.
6.1.2 PROTOCOL WALK-THROUGH
An implementor must study references [DNS:1] and [DNS:2]
carefully. They provide a thorough description of the theory,
protocol, and implementation of the domain name system, and
reflect several years of experience.
6.1.2.1 Negative Response Caching: RFC-1034 Section 4.3.4
All DNS name servers and resolvers SHOULD implement negative
response caching.
DISCUSSION:
Experience has shown that negative response caching is
an important performance enhancement.
6.1.2.2 Unused Fields: RFC-1035 Section 4.1.1
Unused fields in a query or response message MUST be zero.
6.1.2.3 Compression: RFC-1035 Section 4.1.4
Name servers MUST use compression in replies.
DISCUSSION:
Compression is essential to avoid overflowing UDP
datagrams.
6.1.2.4 Host Name Syntax: RFC-952, Page 1
The syntax of a legal Internet host name, which is more
restrictive than domain name syntax, was defined in RFC-952
[DNS:4]. One aspect of the definition of the syntax of a
host name is obsolete and MUST be changed: the first
character may be either alphabetic or numeric, now.
6.1.3 SPECIFIC ISSUES
6.1.3.1 Resolver Implementation
A name resolver SHOULD be able to multiplex concurrent
requests if the host supports concurrent processes.
In implementing a DNS resolver, one of two different models
MAY optionally be chosen: a full-service resolver, or a stub
resolver.
(A) Full-Service Resolver
A full-service resolver is a complete implementation of
the resolver service, and is capable of dealing with
communication failures, failure of individual name
servers, location of the proper name server for a given
name, etc. It must satisfy the following requirements:
o The resolver MUST implement a local caching
function to avoid repeated remote access for
identical requests, and MUST time out information
in the cache. |
o The resolver MUST implement retransmission |
controls to insure that it does not waste |
communication bandwidth, and MUST impose finite |
bounds on the resources consumed to respond to a |
single request. See [DNS:2] pages 43-44 for |
specific recommendations.
o The resolver SHOULD be configurable with start-up
information pointing to multiple root name servers
and multiple name servers for the local domain.
This insures that the resolver will be able to
access the whole name space in normal cases, and
will be able to access local domain information
should the local network become disconnected from
the rest of the Internet.
(B) Stub Resolver
A "stub resolver" relies on the services of a recursive
name server on the connected network or a "nearby"
network. This scheme allows the host to pass on the
burden of the resolver function to a name server on
another host. This model is often essential for less
capable hosts, such as PCs, and is also recommended
when the host is one of several workstations on a local
network, because it allows all of the workstations to
share the cache of the recursive name server and hence
reduce the number of domain requests exported by the
local network.
At a minimum, the stub resolver MUST be capable of
directing its requests to redundant recursive name
servers. Note that recursive name servers are allowed
to restrict the sources of requests that they will
honor, so the host administrator must verify that the
service will be provided. Stub resolvers MAY implement
caching if they choose, but if so, MUST time out cached
information.
6.1.3.2 Transport Protocols
DNS resolvers and recursive servers MUST support UDP, and
SHOULD support TCP, for sending (non-zone-transfer) queries.
Specifically, a DNS resolver or server that is sending a
non-zone-transfer query MUST send a UDP query first. If the
Answer section of the response is truncated and if the
requester supports TCP, it SHOULD try the query again using
TCP.
DNS servers MUST be able to service UDP queries and SHOULD
be able to service TCP queries. A name server MAY limit the
resources it devotes to TCP queries, but it SHOULD NOT
refuse to service a TCP query just because it would have
succeeded with UDP.
By private agreement, name servers and resolvers MAY arrange
to use TCP for all traffic between themselves.
TCP MUST be used for zone transfers.
A DNS server MUST have sufficient internal concurrency that
it can continue to process UDP queries while awaiting a
query or performing a zone transfer on an open TCP
connection [DNS:2].
A server MUST support a UDP query that is delivered using an
IP broadcast or multicast address.
DISCUSSION:
UDP is preferred over TCP for queries because UDP
queries have much lower overhead, both in packet count
and in connection state. The use of UDP is essential
for heavily-loaded servers, especially the root
servers. UDP also offers additional robustness, since
a resolver can attempt several UDP queries to different
servers for the cost of a single TCP query.
It is theoretically possible for the response to an MX
query to exceed the size of a UDP datagram, although a
correct implementation (e.g., using compression) will
typically require truncation only when the number of MX
or NS response records exceeds 10-15. A mailer must not
use a truncated list of MX records, since doing so
could easily create a mail loop.
However, it is also clear that some new DNS record |
types defined in the future will contain information |
exceeding the 512 byte limit that applies to UDP, and |
hence will require TCP. |
Thus, resolvers and name servers should implement TCP
services as a backup to UDP today, with the knowledge
that they will require the TCP service in the future.
Responsible practices can make UDP suffice in the vast
majority of cases. Name servers must use compression
in replies. Resolvers must differentiate truncation of
the Additional section of a reply (which only loses
extra information) from truncation of the Answer
section (which for MX records is a fatal error).
Database administrators should list only a reasonable
number of primary names in lists of name servers, MX
alternatives, etc.
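One conservative way for a resolver to make the Answer-versus-Additional distinction described above, added here as an example and not taken from this memo or any resolver: walk the reply by its header counts and retry over TCP unless every Answer RR is intact and the server had already started a later section. The function names and the three return labels are assumptions of this example.

```python
import struct

HEADER = struct.Struct("!HHHHHH")   # ID, flags, QDCOUNT, ANCOUNT, NSCOUNT, ARCOUNT
TC_BIT = 0x0200                     # truncation flag in the flags word


def encode_name(name):
    """Encode 'a.example' as uncompressed DNS labels (helper for sample data)."""
    labels = [label.encode("ascii") for label in name.strip(".").split(".")]
    return b"".join(bytes([len(label)]) + label for label in labels) + b"\x00"


def encode_rr(owner, rtype, rdata, ttl=3600):
    """Encode one class-IN resource record (helper for sample data)."""
    fixed = struct.pack("!HHIH", rtype, 1, ttl, len(rdata))
    return encode_name(owner) + fixed + rdata


def skip_name(msg, off):
    """Return the offset just past the (possibly compressed) name at off."""
    while True:
        if off >= len(msg):
            raise ValueError("name runs past end of message")
        length = msg[off]
        if length == 0:
            return off + 1
        if (length & 0xC0) == 0xC0:        # 2-octet compression pointer ends the name
            if off + 2 > len(msg):
                raise ValueError("pointer runs past end of message")
            return off + 2
        if length & 0xC0:
            raise ValueError("reserved label type")
        off += 1 + length


def skip_rr(msg, off):
    """Return the offset just past the resource record at off."""
    off = skip_name(msg, off)
    if off + 10 > len(msg):                # TYPE, CLASS, TTL, RDLENGTH
        raise ValueError("RR fixed fields run past end of message")
    (rdlength,) = struct.unpack_from("!H", msg, off + 8)
    end = off + 10 + rdlength
    if end > len(msg):
        raise ValueError("RDATA runs past end of message")
    return end


def next_step(msg):
    """Classify a UDP reply: 'use', 'use_answers_only' or 'retry_tcp'."""
    if len(msg) < HEADER.size:
        raise ValueError("reply shorter than a DNS header")
    _ident, flags, qdcount, ancount, nscount, arcount = HEADER.unpack_from(msg)
    if not flags & TC_BIT:
        return "use"
    off = HEADER.size
    try:
        for _ in range(qdcount):
            off = skip_name(msg, off) + 4  # QTYPE + QCLASS
            if off > len(msg):
                raise ValueError("question runs past end of message")
        for _ in range(ancount):
            off = skip_rr(msg, off)
    except ValueError:
        return "retry_tcp"                 # an Answer RR is missing or cut short
    # Every counted answer is intact. Trust the list only if the server had
    # already moved on to a later section when it ran out of room.
    if ancount and nscount + arcount:
        return "use_answers_only"
    return "retry_tcp"
```

A mailer would act on an MX list only for "use" or "use_answers_only"; any other truncated reply is repeated over TCP or reported as a soft error.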
6.1.3.3 Source Quench
When a resolver or server receives a Source Quench for a
query it has issued, it SHOULD take steps to reduce the rate
of querying that server in the near future. A server MAY
ignore a Source Quench that it receives as the result of
sending a response datagram.
IMPLEMENTATION:
One recommended action to reduce the rate is to send
the next query attempt to an alternate server, if there
is one available. Another is to lengthen the retry
interval for the same server.
6.1.3.4 Multihomed Hosts
When the host name-to-address function encounters a host
with multiple addresses, it SHOULD rank or sort the
addresses using knowledge of the immediately connected
network number(s) and any other applicable performance or
history information.
DISCUSSION:
The different addresses of a multihomed host generally
imply different Internet paths, and some paths may be
preferable to others in performance, reliability, or
administrative restrictions. There is no general way
for the domain system to determine the best path. A
recommended approach is to base this decision on local
configuration information set by the system
administrator.
IMPLEMENTATION: |
The following scheme has been used:
(a) Incorporate into the host configuration data a
Network-Preference List, that is simply a list of
networks in preferred order. This list may be
empty if there is no preference.
(b) When a host name is mapped into a list of IP
addresses, these addresses should be sorted by
network number, into the same order as the
corresponding networks in the Network-Preference
List. IP addresses whose networks do not appear
in the Network-Preference List should be placed at
the end of the list.
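Steps (a) and (b) as an added example, not code from this memo or from any resolver. It assumes the Network-Preference List is written as CIDR prefixes rather than classful network numbers, and the optional recently_failed set is a hypothetical stand-in for the "history information" mentioned in the requirement.

```python
import ipaddress


def sort_by_network_preference(addresses, preference_list, recently_failed=()):
    """Order one host's addresses by the Network-Preference List.

    addresses:        address strings returned by the name-to-address lookup.
    preference_list:  networks in preferred order, as CIDR prefixes
                      (assumption of this example).  May be empty.
    recently_failed:  addresses that recently failed to connect (hypothetical
                      history input); they are tried last within their network.

    Returns a new list.  Addresses on unlisted networks go to the end, and
    addresses of equal rank keep the order the lookup returned them in.
    A malformed address string raises ValueError instead of being guessed at.
    """
    networks = [ipaddress.ip_network(net) for net in preference_list]
    unlisted = len(networks)
    failed = set(recently_failed)

    def rank(address):
        ip = ipaddress.ip_address(address)
        for position, network in enumerate(networks):
            if ip in network:
                return (position, address in failed)   # first match wins
        return (unlisted, address in failed)

    return sorted(addresses, key=rank)                 # sorted() is stable
```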
6.1.3.5 Extensibility
DNS software MUST support all well-known, class-independent
formats [DNS:2], and SHOULD be written to minimize the
trauma associated with the introduction of new well-known
types and local experimentation with non-standard types.
Except for the compression of domain names inside DNS
messages, and the translation between printable (i.e. master
file) and internal formats for Resource Records (RRs), DNS
software MUST be written to be independent of data types.
DISCUSSION:
The data types and classes used by the DNS are
extensible, and thus new types will be added and old
types deleted or redefined.
Compression relies on knowledge of the format of data
inside a particular RR. Hence compression must only be
used for the contents of well-known, class-independent
RRs, and must never be used for class-specific RRs or
RR types that are not well-known. The owner name of an
RR is always eligible for compression.
A name server may acquire, via zone transfer, RRs that
the server doesn't know how to convert to printable
format. A resolver can receive similar information as
the result of queries. For proper operation, this data
must be preserved, and hence the implication is that
DNS software cannot use textual formats for internal
storage.
6.1.3.6 Status of RR Types
Name servers MUST be able to load all RR types except MD and
MF from configuration files. The MD and MF types are
obsolete and MUST NOT be implemented; in particular, name
servers MUST NOT load these types from configuration files.
Types A, CNAME, MX, PTR, NS, and SOA are used throughout the
Internet and MUST be implemented.
The TXT and WKS types MAY be implemented. They have not |
been widely used by Internet sites, and as a result, |
applications cannot rely on their existence in the DNS. |
The remaining RR types (MB, MG, MR, NULL, MINFO and RP) are
considered experimental, and applications that use the DNS
cannot expect these RR types to be supported by most
domains. Furthermore these types are subject to
redefinition.
6.1.4 DNS USER INTERFACE
6.1.4.1 DNS Administration
This document is concerned with design and implementation
issues in host software, not with administrative or
operational issues. However, administrative issues are of
particular importance in the DNS, since errors in particular
segments of this large distributed database can cause poor
or erroneous performance for many; these issues are
discussed in [DNS:6] and [DNS:7].
6.1.4.2 Domain Service User Interface
Hosts MUST provide an interface to the domain system for all
application programs running on the host. This interface
will typically direct requests to a system process to
perform the resolver function [DNS:1, 6.1:2].
At a minimum, the basic interface MUST support a request for |
all information of a specific type and class associated with |
a specific name, and it MUST return either the requested |
information, a hard error code, or a soft error indication.
When there is no error, the basic interface MUST return the
complete reply information without modification, deletion,
or ordering, so that the basic interface will not need to be
changed to accommodate new data types.
The soft error indication is an essential part of the
interface, since it may not always be possible to access
particular information from the DNS. After a query has been
retransmitted several times without a reply, an
implementation MUST give up and return a soft error to the
application.
A host MAY provide other DNS interfaces tailored to
particular functions, transforming the raw domain data into
formats more suited to these functions. In particular, a
host SHOULD provide a DNS interface to facilitate
translation between host addresses and host names.
6.1.4.3 Search Lists
User interfaces to the DNS MAY provide search list
facilities, to provide abbreviations for commonly-used
names.
If search lists are provided, then:
(1) There MUST be some convention for denoting that a name
is already complete, so that no search list will be
applied. A trailing dot is the usual method.
(2) The interface SHOULD require that a name contain at
least one interior dot before trying matches outside
the local domain(s).
(3) Resolvers MUST support negative caching (see Section
6.1.2.1).
(4) Conversion of an abbreviation MUST be done exactly
once, and MUST be done in the context in which the name
was entered.
DISCUSSION:
If a search list includes suffixes outside the local
domain, then care must be taken to insure against
excessive traffic to foreign servers and the attendant
delays that will be seen by local users. For example,
if the root is in the search list, it should be after
any local domains to prevent unnecessary root server
queries.
Search lists are often per-user or per-process, and the
abbreviation must be expanded in the corresponding
context. For example, if an abbreviation is used in a
mail program for a destination, the abbreviation should
be expanded into a full domain name and stored in the
queued message with an indication that it is already
complete. Otherwise, the abbreviation might be
expanded with a mail system search list, not the
user's, or a name could grow due to repeated
canonicalization attempts interacting with wildcards.
Finally, administrative denial of search list
facilities may be warranted in some cases, to prevent
abuse of the DNS.
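Rules (1), (2) and (4) and the ordering advice in the DISCUSSION, as an added example that is not part of this memo. The split into local and foreign suffix lists, the function names and the exists callback (standing in for a resolver lookup with negative caching behind it) are assumptions of this example.

```python
def _join(name, suffix):
    """Append one search-list suffix plus the trailing dot that marks completeness."""
    suffix = suffix.strip(".")
    return f"{name}.{suffix}." if suffix else f"{name}."


def candidate_names(name, local_suffixes, foreign_suffixes=()):
    """Return the complete names to try, in order, for a name as the user typed it.

    local_suffixes:   suffixes inside the local domain(s), most specific first.
    foreign_suffixes: suffixes outside the local domain(s); "." means the root.
    Every result ends in a dot, so passing it through again changes nothing.
    """
    if not name or name.startswith(".") or ".." in name:
        raise ValueError(f"malformed name: {name!r}")
    if name.endswith("."):
        return [name]                          # rule (1): already complete
    candidates = [_join(name, s) for s in local_suffixes]
    if "." in name:                            # rule (2): interior dot required
        candidates += [_join(name, s) for s in foreign_suffixes]
    return list(dict.fromkeys(candidates))     # keep order, drop duplicates


def expand_for_queue(name, local_suffixes, foreign_suffixes, exists):
    """Expand once, in the caller's context, and return the form to store.

    exists: callable(complete_name) -> bool (hypothetical lookup hook).
    Returns the first candidate that exists, or None if none does.
    """
    for candidate in candidate_names(name, local_suffixes, foreign_suffixes):
        if exists(candidate):
            return candidate                   # trailing dot: never expanded again
    return None
```

Because the stored name ends in a dot, a mail system that later applies its own search list gets the same name back, which is the rule (4) behaviour the DISCUSSION asks for.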
6.1.5 DOMAIN NAME SYSTEM REQUIREMENTS SUMMARY
| | | | |S| |
| | | | |H| |F
| | | | |O|M|o
| | |S| |U|U|o
| | |H| |L|S|t
| |M|O| |D|T|n
| |U|U|M| | |o
| |S|L|A|N|N|t
| |T|D|Y|O|O|t
FEATURE |SECTION | | | |T|T|e
-----------------------------------------------|-----------|-|-|-|-|-|--
DOMAIN NAME SERVICE | | | | | | |
Implement DNS name-to-address conversion |6.1.1 |x| | | | |
Implement DNS address-to-name conversion |6.1.1 |x| | | | |
Support conversions using host table |6.1.1 | | |x| | |
Use VERSION to determine if changed |6.1.1 |x| | | | |
VERSION is arbitrary string |6.1.1 |x| | | | |
-----------------------------------------------|-----------|-|-|-|-|-|--
GENERAL DNS ISSUES | | | | | | |
Support Negative Response Caching |6.1.2.1 | |x| | | |
Unused fields zero |6.1.2.2 |x| | | | |
Use compression in replies |6.1.2.3 |x| | | | |
Allow host name begin with num or alpha |6.1.2.4 |x| | | | |
Transport Protocols: | | | | | | |
Support UDP queries |6.1.3.2 |x| | | | |
Support TCP queries |6.1.3.2 | |x| | | |
Use UDP first for sending queries |6.1.3.2 |x| | | | |1
Try TCP if UDP answers are truncated |6.1.3.2 | |x| | | |
Use TCP for zone transfers |6.1.3.2 |x| | | | |
TCP usage not block UDP queries |6.1.3.2 |x| | | | |
Support broadcast or multicast queries |6.1.3.2 |x| | | | |
Client handle Source Quench |6.1.3.3 | |x| | | |
Server ignore Source Quench |6.1.3.3 | | |x| | |
Support all well-known, class-indep. types |6.1.3.5 |x| | | | |
Easily expand type list |6.1.3.5 | |x| | | |
Implementation independent of data types |6.1.3.5 |x| | | | |2
-----------------------------------------------|-----------|-|-|-|-|-|--
RESOLVER ISSUES | | | | | | |
| | | | | | |
Resolver support multiple concurrent requests |6.1.3.1 | |x| | | |
Full-service resolver: |6.1.3.1 | | |x| | |
- Local caching |6.1.3.1 |x| | | | |
- Information in local cache times out |6.1.3.1 |x| | | | |
- Retransmission controls |6.1.3.1 |x| | | | |
- Bound resources used |6.1.3.1 |x| | | | |
- Init. with > 2 root/local servers |6.1.3.1 | |x| | | |
Stub resolver: |6.1.3.1 | | |x| | |
- Use redundant recursive name servers |6.1.3.1 |x| | | | |
- Local caching |6.1.3.1 | | |x| | |
- Information in local cache times out |6.1.3.1 |x| | | | |
Support for remote multi-homed hosts: | | | | | | |
Sort multiple addresses by preference list |6.1.3.4 | |x| | | |
| | | | | | |
-----------------------------------------------|-----------|-|-|-|-|-|--
NAME SERVER ISSUES | | | | | | |
| | | | | | |
Load all RR types (except MD and MF) |6.1.3.6 |x| | | | |
Load MD or MF type |6.1.3.6 | | | | |x|
Implement A,CNAME,MX,PTR,NS,SOA |6.1.3.6 |x| | | | |
Implement TXT, WKS |6.1.3.6 | | |x| | |
-----------------------------------------------|-----------|-|-|-|-|-|--
USER INTERFACE TO RESOLVER | | | | | | |
Regular interface |6.1.4.2 | | | | | |
All programs have access to interface |6.1.4.2 |x| | | | |
Ask for all info for given name |6.1.4.2 |x| | | | |
Returns info without modification, or error |6.1.4.2 |x| | | | |
If soft error, give up & return code |6.1.4.2 |x| | | | |
Special interfaces |6.1.4.2 | | |x| | |
Name<->Address translation |6.1.4.2 | |x| | | |
| | | | | | |
Search lists for common abbreviations |6.1.4.1 | | |x| | |
Bypass search list for complete names |6.1.4.1 |x| | | | |
At least one dot for remote lookup |6.1.4.1 | |x| | | |
Conversion exactly once |6.1.4.1 |x| | | | |
Conversion in proper context |6.1.4.1 |x| | | | |
-----------------------------------------------|-----------|-|-|-|-|-|--
-----------------------------------------------|-----------|-|-|-|-|-|--
1. Unless there is private agreement between particular resolver and
particular server.
2. For exceptions, see Section 6.1.3.5.
6.2 HOST INITIALIZATION
6.2.1 INTRODUCTION
This section discusses the initialization of host software
across a connected network, or more generally across an
Internet path. This is necessary for a diskless host, and may
optionally be used for a host with disk drives. For a diskless
host, the initialization process is called "network booting"
and is controlled by a bootstrap program located in a boot ROM.
To initialize a diskless host across the network, there are two
distinct phases:
(1) Configure the IP layer.
Diskless machines often have no permanent storage in which
to store network configuration information, so that
sufficient configuration information must be obtained
dynamically to support the loading phase that follows.
This information must include at least the IP addresses of
the host and of the boot server. To support booting
across a gateway, the address mask and a list of default
gateways are also required.
(2) Load the host system code.
During the loading phase, an appropriate file transfer
protocol is used to copy the system code across the
network from the boot server.
A host with a disk may perform the first step, dynamic
configuration. This is important for microcomputers, whose
floppy disks allow network configuration information to be
mistakenly duplicated on more than one host. Also,
installation of new hosts is much simpler if they automatically
obtain their configuration information from a central server,
saving administrator time and decreasing the probability of
mistakes.
6.2.2 REQUIREMENTS
6.2.2.1 Dynamic Configuration
A number of protocol provisions have been made for dynamic
configuration.
o ICMP Information Request/Reply messages
This obsolete message pair was designed to allow a host
to find the number of the network it is on.
Unfortunately, it was useful only if the host already
knew the host number part of its IP address,
information that hosts requiring dynamic configuration
seldom had.
o Reverse Address Resolution Protocol (RARP) [BOOT:4]
RARP is a link-layer protocol for a broadcast medium
that allows a host to find its IP address given its
link layer address. Unfortunately, RARP does not work
across IP gateways and therefore requires a RARP server
on every network. In addition, RARP does not provide
any other configuration information.
o ICMP Address Mask Request/Reply messages (see Section
3.2.2.9)
These ICMP messages allow a host to learn the address
mask for a particular network interface. |
o BOOTP Protocol [BOOT:2] |
This protocol allows a host to determine the IP |
addresses of the local host and the boot server, the |
name of an appropriate boot file, and optionally the |
address mask and list of default gateways. To locate a |
BOOTP server, the host broadcasts a BOOTP request using |
UDP. Ad hoc gateway extensions have been used to |
transmit the BOOTP broadcast through gateways, and in |
the future the IP Multicasting facility will provide a |
standard mechanism for this purpose. |
The suggested approach to dynamic configuration is to use
the BOOTP protocol with the extensions defined in "BOOTP
Vendor Information Extensions" RFC-1084 [BOOT:3]. RFC-1084
defines some important general (not vendor-specific)
extensions. In particular, these extensions allow the
address mask to be supplied in BOOTP; we RECOMMEND that the
address mask be supplied in this manner.
DISCUSSION:
Historically, subnetting was defined long after IP, and
so a separate mechanism (ICMP Address Mask messages)
was designed to supply the address mask to a host.
However, the IP address mask and the corresponding IP
address conceptually form a pair, and for operational
simplicity they ought to be defined at the same time
and by the same mechanism, whether a configuration file
or a dynamic mechanism like BOOTP.
Note that BOOTP is not sufficiently general to specify
the configurations of all interfaces of a multihomed
host. A multihomed host must either use BOOTP
separately for each interface, or configure one
interface using BOOTP to perform the loading, and
perform the complete initialization from a file later.
Application layer configuration information is expected
to be obtained from files after loading of the system
code.
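How a client can take the address, boot server, boot file, address mask and default gateways from one BOOTP reply carrying the RFC-1084 extensions, as an added example that is not part of this memo. The function names, the transaction-id and hardware-address checks, and the constructed sample reply are assumptions of this example; the packet layout is that of RFC-951 and tags 1 and 3 are the RFC-1084 subnet mask and gateway fields.

```python
import ipaddress
import struct

BOOTP = struct.Struct("!BBBBIHH4s4s4s4s16s64s128s64s")   # RFC-951 layout, 300 octets
BOOTREPLY = 2
MAGIC_COOKIE = bytes([99, 130, 83, 99])                  # RFC-1084 vendor magic
TAG_PAD, TAG_SUBNET_MASK, TAG_GATEWAY, TAG_END = 0, 1, 3, 255


def parse_vendor_area(vend):
    """Return {tag: data} from an RFC-1084 vendor area; {} if no magic cookie."""
    if vend[:4] != MAGIC_COOKIE:
        return {}
    fields, i = {}, 4
    while i < len(vend):
        tag = vend[i]
        if tag == TAG_END:
            break
        if tag == TAG_PAD:                 # pad has no length octet
            i += 1
            continue
        if i + 1 >= len(vend):
            raise ValueError("tag without a length octet")
        length = vend[i + 1]
        data = vend[i + 2:i + 2 + length]
        if len(data) != length:            # length octet points past the area
            raise ValueError(f"tag {tag} overruns the vendor area")
        fields.setdefault(tag, data)       # first occurrence wins
        i += 2 + length
    return fields


def parse_bootp_reply(packet, xid, hw_addr):
    """Validate a BOOTP reply and return the IP-layer configuration it carries."""
    if len(packet) < BOOTP.size:
        raise ValueError("packet shorter than a BOOTP message")
    (op, _htype, hlen, _hops, reply_xid, _secs, _unused, _ciaddr, yiaddr,
     siaddr, _giaddr, chaddr, _sname, boot_file, vend) = BOOTP.unpack_from(packet)
    if op != BOOTREPLY or reply_xid != xid:
        raise ValueError("not a reply to our request")
    if hlen != len(hw_addr) or chaddr[:hlen] != hw_addr:
        raise ValueError("reply is for another client")
    fields = parse_vendor_area(vend)
    mask = fields.get(TAG_SUBNET_MASK)
    if mask is not None and len(mask) != 4:
        raise ValueError("subnet mask field must be 4 octets")
    gateways = fields.get(TAG_GATEWAY, b"")
    if len(gateways) % 4:
        raise ValueError("gateway field must be a multiple of 4 octets")
    return {
        "address": str(ipaddress.IPv4Address(yiaddr)),
        "boot_server": str(ipaddress.IPv4Address(siaddr)),
        "boot_file": boot_file.split(b"\x00", 1)[0].decode("ascii"),
        "mask": str(ipaddress.IPv4Address(mask)) if mask else None,
        "gateways": [str(ipaddress.IPv4Address(gateways[i:i + 4]))
                     for i in range(0, len(gateways), 4)],
    }


def build_sample_reply(xid, hw_addr):
    """Constructed BOOTP reply for this example (documentation addresses)."""
    vend = (MAGIC_COOKIE
            + bytes([TAG_SUBNET_MASK, 4, 255, 255, 255, 0])
            + bytes([TAG_GATEWAY, 8, 192, 0, 2, 1, 192, 0, 2, 2])
            + bytes([TAG_PAD, TAG_END]))
    return BOOTP.pack(BOOTREPLY, 1, len(hw_addr), 0, xid, 0, 0,
                      bytes(4), bytes([192, 0, 2, 25]), bytes([192, 0, 2, 5]),
                      bytes(4), hw_addr, b"", b"/tftpboot/vmunix", vend)
```

The address and its mask arrive in the same message, so the client never holds one without the other; a reply with no vendor magic yields "mask": None and the host must learn the mask some other way.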
6.2.2.2 Loading Phase
A suggested approach for the loading phase is to use TFTP
[5.3:1] [BOOT:1] between the IP addresses established by
BOOTP.
TFTP to a broadcast address SHOULD NOT be used, for reasons |
explained in Section 4.2.3.4. |
6.2.3 SYSTEM INITIALIZATION REQUIREMENTS SUMMARY
(none)
6.3 REMOTE MANAGEMENT
6.3.1 INTRODUCTION
The Internet community has recently put considerable effort |
into the development of network management protocols. The |
result has been a two-pronged approach [MGT:1]: the Simple |
Network Management Protocol (SNMP) [MGT:4] was chosen as the |
short-term management protocol, and the Common Management |
Information Protocol over TCP (CMOT) [MGT:5] was chosen for the |
longer-term. |
Both SNMP and CMOT operate on a Management Information Base |
(MIB) [MGT:3], which defines a collection of management values. |
By reading and setting these values, a remote application may |
query and change the state of a system. A single standard MIB |
has been defined for use by both management protocols, while |
the Structure of Management Information (SMI) [MGT:2] defines |
the datatypes used in the MIB. |
In order to be managed using one of these protocols, a host |
will need to implement an appropriate management agent. An |
Internet host SHOULD include an agent for either SNMP or CMOT, |
and each protocol module SHOULD implement the relevant |
variables defined in the most recent standard MIB. |
6.3.2 PROTOCOL WALK-THROUGH
The MIB is intended to cover both hosts and gateways, although
there may be detailed differences in MIB application to the two
cases. This section contains the appropriate interpretation of
the MIB for hosts. It is likely that later versions of the MIB
will include more entries for host management.
A managed host must implement the following groups of MIB
object definitions: System, Interfaces, Address Translation,
IP, ICMP, TCP, and UDP.
The following specific interpretations apply to hosts:
o ipInHdrErrors
Note that the error "time-to-live exceeded" can occur in a
host only when it is forwarding a source-routed datagram.
o ipOutNoRoutes
This object counts datagrams discarded because no route
can be found. This may happen in a host if all the
default gateways in the host's configuration are down.
o ipFragOKs, ipFragFails, ipFragCreates
A host that does not implement intentional fragmentation
(see "Fragmentation" section of HRUL) MUST return the
value zero for these three objects.
o icmpOutRedirects
For a host, this object MUST always be zero, since hosts
do not send Redirects.
o icmpOutAddrMaskReps
For a host, this object MUST always be zero, unless the
host is an authoritative source of address mask
information.
o ipAddrTable
For a host, the "IP Address Table" object is effectively a
table of logical interfaces.
o ipRoutingTable
For a host, the "IP Routing Table" object is effectively a
combination of the host's Routing Cache and the static
route table described in "Routing Outbound Datagrams"
section of HRUL.
Within each ipRouteEntry, ipRouteMetric1...4 normally will
have no meaning for a host and SHOULD always be -1, while
ipRouteType will normally have the value "remote."
Since destinations on the connected network are not
expected to appear in the Route Cache (see "Routing
Outbound Datagrams" section of HRUL), there are not
expected to be any entries with ipRouteType of "direct."
DISCUSSION:
The current MIB does not include Type-of-Service in an
ipRouteEntry, but a future revision is expected to make
this addition.
We also expect the MIB to be expanded to allow the remote
management of applications (e.g., the ability to partially
reconfigure mail systems). Network service applications
such as mail systems should therefore be written with the
"hooks" for remote management.
6.3.3 MANAGEMENT REQUIREMENTS SUMMARY
| | | | |S| |
| | | | |H| |F
| | | | |O|M|o
| | |S| |U|U|o
| | |H| |L|S|t
| |M|O| |D|T|n
| |U|U|M| | |o
| |S|L|A|N|N|t
| |T|D|Y|O|O|t
FEATURE |SECTION | | | |T|T|e
-----------------------------------------------|-----------|-|-|-|-|-|--
Support SNMP or CMOT agent |6.3.1 | |x| | | |
Implement specified objects in standard MIB |6.3.1 | |x| | | |
7. REFERENCES
This section lists the primary references with which every
implementer must be thoroughly familiar. It also lists some
secondary references that are suggested additional reading.
INTRODUCTORY REFERENCES
[INTRO:1] "Requirements for Internet Hosts -- Communications Layer,"
IETF Host Requirements Working Group, R. Braden, Ed., xxxx 1989.
[INTRO:2] "DDN Protocol Handbook," NIC-50004, NIC-50005, NIC-50006,
(three volumes), SRI International, December 1985.
[INTRO:3] "Official Internet Protocols," J. Reynolds and J. Postel,
RFC-1011, May 1987.
This document is republished periodically with new RFC numbers;
the latest version must be used.
[INTRO:4] "Protocol Document Order Information," O. Jacobsen and J.
Postel, RFC-980, March 1986.
[INTRO:5] "Assigned Numbers," J. Reynolds and J. Postel, RFC-1010,
May 1987.
This document is republished periodically with new RFC numbers;
the latest version must be used.
Secondary Introductory References:
[INTRO:8] "Internetwork Applications using the DARPA Protocol
Suite," J. Postel, Proceedings INFOCOM 85, IEEE, Washington DC,
March 1985. Also available as ISI-RS-85-151.
TELNET REFERENCES
[TELNET:1] "Telnet Protocol Specification," J. Postel and J.
Reynolds, RFC-854, May 1983.
[TELNET:2] "Telnet Option Specification," J. Postel and J. Reynolds,
RFC-855, May 1983.
[TELNET:3] "Telnet Binary Transmission," J. Postel and J. Reynolds,
RFC-856, May 1983.
[TELNET:4] "Telnet Echo Option," J. Postel and J. Reynolds, RFC-857,
May 1983.
[TELNET:5] "Telnet Suppress Go Ahead Option," J. Postel and J.
Reynolds, RFC-858, May 1983.
[TELNET:6] "Telnet Status Option," J. Postel and J. Reynolds, RFC-
859, May 1983.
[TELNET:7] "Telnet Timing Mark Option," J. Postel and J. Reynolds,
RFC-860, May 1983.
[TELNET:8] "Telnet Extended Options List," J. Postel and J.
Reynolds, RFC-861, May 1983.
[TELNET:9] "Telnet End-Of-Record Option," J. Postel, RFC-855,
December 1983.
[TELNET:10] "Telnet Terminal-Type Option," J. VanBokkelen, RFC-1091,
February 1989. |
[TELNET:11] "Telnet Protocol", MIL-STD-1782, U.S. Department of |
Defense, May 1984. |
This document is intended to describe the same protocol as RFC- |
854. In case of conflict, RFC-854 takes precedence, and the |
present document takes precedence over both. |
[TELNET:12] "Telnet Window Size Option", D. Waitzman, RFC-1073, |
October 1988. |
[TELNET:13] "Telnet Terminal Speed Option", C. Hedrick, RFC-1079, |
December 1988. |
[TELNET:14] "Telnet Remote Flow Control Option", C. Hedrick, RFC- |
1080, November 1988. |
Secondary Telnet References:
[TELNET:15] "SUPDUP Protocol," M. Crispin, RFC-734, October 1977.
[TELNET:16] "Telnet SUPDUP Option," M. Crispin, RFC-736, October
1977.
[TELNET:17] "Data Entry Terminal Option," J. Day, RFC-732, June 1977.
[TELNET:18] "TELNET Data Entry Terminal option -- DODIIS
Implementation," A. Yasuda and T. Thompson, RFC-1043, February
1988.
FTP REFERENCES
[FTP:1] "File Transfer Protocol," J. Postel and J. Reynolds, RFC-
959, October 1985.
[FTP:2] "Document File Format Standards," J. Postel, RFC-678,
December 1974.
[FTP:3] "File Transfer Protocol," MIL-STD-1780, U.S. Department of
Defense, May 1984.
This document is based on an earlier version of the FTP
specification (RFC-765) and is obsolete.
TFTP REFERENCES
[TFTP:1] "The TFTP Protocol Revision 2," K. Sollins, RFC-783, June
1981.
MAIL REFERENCES
[SMTP:1] "Simple Mail Transfer Protocol," J. Postel, RFC-821, August
1982.
[SMTP:2] "Standard For The Format of ARPA Internet Text Messages,"
D. Crocker, RFC-822, August 1982.
This document obsoleted an earlier specification, RFC-733.
[SMTP:3] "Mail Routing and the Domain System," C. Partridge, RFC-
974, January 1986.
This RFC describes the use of MX records, a mandatory extension
to the mail delivery process.
[SMTP:4] "Duplicate Messages and SMTP," C. Partridge, RFC-1047,
February 1988.
[SMTP:5a] "Mapping between X.400 and RFC 822," S. Kille, RFC-987,
June 1986.
[SMTP:5b] "Addendum to RFC-987," S. Kille, RFC-???, September 1987.
The two preceding RFC's define a proposed standard for
gatewaying mail between the Internet and the X.400 environments. |
[SMTP:6] "Simple Mail Transfer Protocol," MIL-STD-1781, U.S. |
Department of Defense, May 1984. |
This specification is intended to describe the same protocol as |
does RFC-821. However, MIL-STD-1781 is incomplete; in |
particular, it does not include MX records [SMTP:3]. |
DOMAIN NAME SYSTEM REFERENCES |
[DNS:1] "Domain Names - Concepts and Facilities," P. Mockapetris, |
RFC-1034, November 1987. |
This document and the following one obsolete RFC-882, RFC-883, |
and RFC-973. |
[DNS:2] "Domain Names - Implementation and Specification," P. |
Mockapetris, RFC-1035, November 1987. |
[DNS:3] "Mail Routing and the Domain System," C. Partridge, RFC-974, |
January 1986. |
[DNS:4] "DoD Internet Host Table Specification," K. Harrenstein, |
M. Stahl, E. Feinler, RFC-952, October 1985. |
Secondary DNS References: |
[DNS:5] "Hostname Server," K. Harrenstein, M. Stahl, E. Feinler, |
RFC-953, October 1985. |
[DNS:6] "Domain Administrators Guide," M. Stahl, RFC-1032, November |
1987. |
[DNS:7] "Domain Administrators Operations Guide," M. Lottor, RFC- |
1033, November 1987. |
SYSTEM INITIALIZATION REFERENCES |
[BOOT:1] "Bootstrap Loading Using TFTP," R. Finlayson, RFC-906, June |
1984. |
[BOOT:2] "Bootstrap Protocol (BOOTP)," W. Croft and J. Gilmore, RFC- |
951, September 1985. |
[BOOT:3] "BOOTP Vendor Information Extensions," J. Reynolds, RFC- |
1084, December 1988. |
Note: this RFC revised and obsoleted RFC-1048.
[BOOT:4] "A Reverse Address Resolution Protocol," R. Finlayson, T.
Mann, J. Mogul, and M. Theimer, RFC-903, June 1984.
MANAGEMENT REFERENCES
[MGT:1] "IAB Recommendations for the Development of Internet Network
Management Standards," V. Cerf, RFC-1052, April 1988.
[MGT:2] "Structure and Identification of Management Information for
TCP/IP-based internets," M. Rose and K. McCloghrie, RFC-1065,
August 1988.
[MGT:3] "Management Information Base for Network Management of
TCP/IP-based internets," M. Rose and K. McCloghrie, RFC-1066,
August 1988.
[MGT:4] "A Simple Network Management Protocol," J. Case, M. Fedor,
M. Schoffstall, and J. Davin, RFC-1067, August 1988.
[MGT:5] "The Common Management Information Services and Protocol
over TCP/IP," ?????, RFC-YYY [[FILL IN BEFORE PUBLICATION]]