2. IPv6 Flow Label Specification
The 20-bit Flow Label field in the IPv6 header [RFC2460] is used by a node to label packets of a flow. A Flow Label of zero is used to indicate packets that have not been labeled. Packet classifiers can use the triplet of Flow Label, Source Address, and Destination Address fields to identify the flow to which a particular packet belongs. Packets are processed in a flow-specific manner by nodes that are able to do so in a stateless manner or that have been set up with flow-specific state. The nature of the specific treatment and the methods for flow state establishment are out of scope for this specification.
Flow label values should be chosen such that their bits exhibit a high degree of variability, making them suitable for use as part of the input to a hash function used in a load distribution scheme. At the same time, third parties should be unlikely to be able to guess the next value that a source of flow labels will choose.
In statistics, a discrete uniform distribution is defined as a probability distribution in which each value in a given range of equally spaced values (such as a sequence of integers) is equally likely to be chosen as the next value. The values in such a distribution exhibit both variability and unguessability. Thus, as specified in Section 3, an approximation to a discrete uniform distribution is preferable as the source of flow label values. Intentionally, there are no precise mathematical requirements placed on the distribution or the method used to achieve such a distribution.
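One way to meet the variability and unguessability goals above, as an added example that is not part of the specification text: the label is derived with HMAC-SHA256 from a per-node secret and the flow's 5-tuple (an assumption, since the text prescribes no method), then read back as the classifier triplet. The function names and the 2001:db8:: addresses are constructed for illustration.

```python
import hashlib
import hmac
import ipaddress
import os
import struct

FLOW_LABEL_MASK = 0xFFFFF  # the Flow Label is the low 20 bits of the first header word

def make_flow_label(key, src, dst, proto, sport, dport):
    """Keyed hash of the 5-tuple, truncated to 20 bits and never zero (assumed method)."""
    addrs = ipaddress.IPv6Address(src).packed + ipaddress.IPv6Address(dst).packed
    msg = addrs + struct.pack("!BHH", proto, sport, dport)
    digest = hmac.new(key, msg, hashlib.sha256).digest()
    # Zero means "not labeled", so take the first non-zero 20-bit window of the digest.
    for off in range(0, len(digest) - 3, 4):
        label = struct.unpack_from("!I", digest, off)[0] & FLOW_LABEL_MASK
        if label:
            return label
    return 1  # every window was zero: practically unreachable fallback

def build_header(label, src, dst, tclass=0, payload_len=0, next_header=6, hop_limit=64):
    """Fixed 40-byte IPv6 header: version(4) | traffic class(8) | flow label(20) | ..."""
    word0 = (6 << 28) | ((tclass & 0xFF) << 20) | (label & FLOW_LABEL_MASK)
    fixed = struct.pack("!IHBB", word0, payload_len, next_header, hop_limit)
    return fixed + ipaddress.IPv6Address(src).packed + ipaddress.IPv6Address(dst).packed

def classify(header):
    """Return the (flow label, source, destination) triplet, or None if unlabeled."""
    if len(header) < 40 or header[0] >> 4 != 6:
        raise ValueError("not an IPv6 header")
    label = struct.unpack_from("!I", header, 0)[0] & FLOW_LABEL_MASK
    if label == 0:
        return None
    return (label, ipaddress.IPv6Address(header[8:24]), ipaddress.IPv6Address(header[24:40]))

if __name__ == "__main__":
    key = os.urandom(32)  # per-node secret; without it the next label cannot be predicted
    src, dst = "2001:db8::1", "2001:db8::2"  # constructed documentation addresses
    for sport in (40000, 40001, 40002):  # adjacent ports still give unrelated labels
        label = make_flow_label(key, src, dst, 6, sport, 443)
        triplet = classify(build_header(label, src, dst))
        print(f"sport={sport} label={label:#07x} triplet={triplet}")
```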
Once set to a non-zero value, the Flow Label is expected to be delivered unchanged to the destination node(s). A forwarding node MUST either leave a non-zero flow label value unchanged or change it only for compelling operational security reasons as described in Section 6.1.
There is no way to verify whether a flow label has been modified en route or whether it belongs to a uniform distribution. Therefore, no Internet-wide mechanism can depend mathematically on unmodified and uniformly distributed flow labels; they have a "best effort" quality. Implementers should be aware that the flow label is an unprotected field that might have been accidentally or intentionally changed en route (see Section 6).
Flow Labeling Requirements
To enable the flow label to be used in practice, the following requirements apply to its use:
- The Flow Label field MUST be set by the source node. Forwarding nodes MUST NOT change the Flow Label value, except as noted in Section 6.1.
- All packets belonging to the same flow MUST be sent with the same Flow Label value. If a node is not providing any flow-specific treatment, it MUST set the Flow Label to zero.
- Nodes that do not support the flow label field MUST set it to zero when originating a packet, pass it on unchanged when forwarding a packet, and ignore it when receiving a packet.
The Flow Label is designed to be used by nodes that perform flow-specific handling of packets. Such nodes may include, but are not limited to:
- Routers performing load distribution
- Switches performing layer 3/4 load balancing
- Firewalls and other security devices
- Quality of Service (QoS) mechanisms
- Network monitoring and measurement systems