101
0/240
Loading content...
If the Internet had an instruction manual, it would be the RFC (Request for Comments) series. These documents define how IP addresses work, how web pages are transferred, how email is delivered, and how secure connections are established. Every packet crossing the Internet conforms to behaviors specified in RFCs.
Despite the humble name—a "request for comments" sounds like a draft seeking feedback—RFCs include the most authoritative and rigorous specifications in computing. Every major technology company implements RFCs. Every network engineer references them. Understanding RFCs is essential for professional networking work.
By the end of this page, you will understand the RFC system's history and evolution, how RFCs are structured and categorized, how to read and interpret RFC conventions, and where to find and use RFCs effectively. You'll be equipped to use RFCs as authoritative references throughout your networking career.
The RFC series began before the Internet existed. On April 7, 1969—seven months before the first ARPANET connection—Steve Crocker wrote RFC 1: Host Software, describing initial ideas for ARPANET communication.
The crucial cultural decision:
Crocker chose the name "Request for Comments" deliberately. In his words:
*"The basic ground rules were that anyone could say anything and that nothing was official... The게임 게임게임게임게임게임게임게임게임게임게임게임게임게임게임게임게임게임게임게임게임게임게임게임게임게임
The crucial cultural decision:
Crocker chose the name "Request for Comments" deliberately to lower the barrier to participation and encourage open collaboration:
"The basic ground rules were that anyone could say anything and that nothing was official... We were just graduate students, after all, and we expected that a hierarchy would assert itself."
This collaborative, egalitarian culture persists today. IETF decisions are made through rough consensus, not formal voting or hierarchy.
Evolution timeline:
| Year | Milestone | Significance |
|---|---|---|
| 1969 | RFC 1 | First RFC, ARPANET host software |
| 1971 | RFC 114 | First FTP specification |
| 1981 | RFC 791, 793 | IPv4 and TCP—core Internet protocols |
| 1983 | RFC 882, 883 | Original DNS specification |
| 1996 | RFC 1945 | HTTP/1.0 formalization |
| 1999 | RFC 2616 | HTTP/1.1 (used for 15+ years) |
| 2015 | RFC 7540 | HTTP/2 |
| 2018 | RFC 8446 | TLS 1.3 |
| 2021 | RFC 9000 | QUIC transport protocol |
| 2022 | RFC 9110 | HTTP Semantics (modern HTTP) |
RFC numbering:
RFCs receive sequential numbers that are never reused or recycled. RFC 793 (TCP) will always be RFC 793, even though it's been updated. New versions receive new numbers—RFC 9293 (2022) updates RFC 793 but doesn't replace its number.
As of 2024, over 9,500 RFCs have been published. The rate is approximately 200-300 new RFCs per year.
The IETF has a tradition of humorous April Fools' Day RFCs. RFC 1149 (IP over Avian Carriers—pigeon networking) and RFC 2324 (Hyper Text Coffee Pot Control Protocol) are famous examples. While humorous, they contain technically valid—if impractical—specifications and demonstrate IETF culture.
Not all RFCs are equal. They have different statuses reflecting their maturity and intended purpose. Understanding these categories helps you interpret RFC authority correctly.
RFC Streams:
RFCs can come from different sources (streams):
| Stream | Source | Purpose |
|---|---|---|
| IETF Stream | IETF Working Groups | Internet Standards, BCPs |
| IRTF Stream | Internet Research Task Force | Research experiments |
| IAB Stream | Internet Architecture Board | Architectural guidance |
| Independent Stream | Independent Submissions | Individual contributions |
Standards Track Status:
The most important RFCs are on the Standards Track—the path to becoming full Internet Standards:
Note: The old "Draft Standard" intermediate status was eliminated in 2011 (RFC 6410). Now it's just Proposed Standard → Internet Standard.
Other status types:
| Status | Description | Examples |
|---|---|---|
| Best Current Practice (BCP) | Recommendations for operations or process | BCP 38 (filtering), BCP 72 (security) |
| Informational | Non-normative information—architecture, guidance | Protocol overviews, deployment guidance |
| Experimental | Research-oriented specifications for testing | Novel protocol proposals |
| Historic | No longer recommended, superseded or obsolete | Older protocol versions |
| Unknown | Very old RFCs without formal status | Some pre-1989 RFCs |
Counterintuitively, 'Proposed Standard' is the status of most deployed Internet protocols. TCP remained a 'Proposed Standard' from 1981 until 2022! Getting to 'Internet Standard' requires substantial bureaucratic effort with little practical benefit. Don't dismiss a protocol because it's 'only' Proposed Standard.
RFCs follow a consistent structure that makes them predictable once you learn the conventions. Understanding this structure helps you navigate efficiently.
123456789101112131415161718192021222324
Internet Engineering Task Force (IETF) W. Eddy, Ed.Request for Comments: 9293 MTISTD: 7 August 2022Obsoletes: 793, 879, 2873, 6093, 6429, 6528, 6691Updates: 1011, 1122, 5765Category: Standards TrackISSN: 2070-1721 Transmission Control Protocol (TCP) Abstract This document specifies the Transmission Control Protocol (TCP). TCP is an important transport-layer protocol in the Internet protocol stack, and it has continuously evolved over decades of use and growth of the Internet... Status of This Memo This is an Internet Standards Track document. This document is a product of the Internet Engineering Task Force (IETF). It represents the consensus of the IETF community...Important header fields:
ASCII diagrams:
RFCs traditionally use ASCII art for message format diagrams:
1234567891011121314151617181920212223
0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Source Port | Destination Port | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Sequence Number | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Acknowledgment Number | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Data | |C|E|U|A|P|R|S|F| | | Offset| Rsrvd |W|C|R|C|S|S|Y|I| Window | | | |R|E|G|K|H|T|N|N| | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Checksum | Urgent Pointer | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | [Options] | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | : : Data : : | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Note that one tick mark represents one bit position.RFC diagrams use a convention where each tick mark is one bit. The numbers 0-31 at the top mark bit positions. Each row is 32 bits (4 bytes). Learning to read these diagrams quickly is an essential RFC skill. Count carefully—off-by-one errors are easy to make.
One of the most important metadocuments is RFC 2119: Key words for use in RFCs to Indicate Requirement Levels. It defines precisely what terms like MUST, SHOULD, and MAY mean in specifications.
When you see these words in ALL CAPS in an RFC, they have specific normative meanings:
| Keyword(s) | Meaning | Compliance Level |
|---|---|---|
| MUST, REQUIRED, SHALL | Absolute requirement. Violations mean non-compliance. | Mandatory |
| MUST NOT, SHALL NOT | Absolute prohibition. Violations mean non-compliance. | Forbidden |
| SHOULD, RECOMMENDED | Strongly recommended, but valid reasons may exist to deviate. | Strong recommendation |
| SHOULD NOT, NOT RECOMMENDED | Strongly discouraged, but valid reasons may exist to do it anyway. | Strong discouragement |
| MAY, OPTIONAL | Truly optional. Implementations may or may not include. | Optional |
Understanding SHOULD:
The SHOULD keyword is often misunderstood. Per RFC 2119:
"There may exist valid reasons in particular circumstances to ignore a particular item, but the full implications must be understood and carefully weighed before choosing a different course."
In other words:
Practical examples:
1234567891011121314151617
# From RFC 9293 (TCP): "A TCP implementation MUST implement a send buffer and store data from SEND calls until it is transmitted and acknowledged." → Every compliant TCP implementation must have a send buffer. "A TCP implementation SHOULD verify the checksum of all received segments." → Implementations should check checksums, but specialized hardware accelerators may skip software verification if the NIC does it. "A TCP implementation MAY implement a 'quiet time' concept..." → This feature is optional; implementations may or may not include it. # The difference matters for compliance testing:- Violate MUST → Implementation is non-conformant- Violate SHOULD → Implementation must document/justify the deviation- Don't implement MAY → Completely acceptableRFC 8174 (2017) clarified that RFC 2119 keywords only have special meaning when in ALL CAPS. Lowercase 'must' or 'should' are just normal English words. This prevents confusion when authors use these words informally. Modern RFCs explicitly cite both RFC 2119 and RFC 8174.
RFCs can be intimidating—major protocol specifications run to hundreds of pages. Here's a systematic approach to reading them effectively.
First reading strategy:
Common challenges and solutions:
| Challenge | Solution |
|---|---|
| Too long (hundreds of pages) | Focus on sections relevant to your question |
| Dense technical language | Read Terminology section; look up unfamiliar terms |
| References other RFCs | Follow normative references for prerequisites |
| Old formatting (plain text) | Use the HTMLized version at tools.ietf.org |
| Errata/corrections | Check rfc-editor.org/errata for document corrections |
| Multiple related RFCs | Find the RFC that says "Obsoletes" the others |
Using the HTMLized versions:
The RFC Editor provides enhanced HTML versions with:
Access at: https://www.rfc-editor.org/rfc/rfc{number}.html
IETF Datatracker:
For the full lifecycle, use datatracker.ietf.org:
The best way to truly understand an RFC is to implement part of it. Write a minimal HTTP/1.1 client following RFC 9112. Parse a DNS message per RFC 1035. Implementation exposes ambiguities and edge cases that passive reading misses. Many RFC authors say they found spec bugs only when trying to implement.
Understanding how RFCs are created helps you evaluate their authority and anticipate changes.
From Idea to RFC:
Stage details:
1. Internet-Draft (I-D):
draft-{author/wg}-{topic}-{version}draft-ietf-quic-transport-342. Working Group Development:
3. Last Calls:
4. IESG Review:
5. RFC Editor Processing:
Timeline: Major protocol RFCs typically take 2-5 years from first draft to publication.
Internet-Drafts (I-Ds) are explicitly working documents with no formal status. They bear the warning: 'Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time.' Do not cite I-Ds as authoritative; wait for RFC publication.
The RFC series spans many domains. Here are the most important families for networking professionals:
Core Internet Protocols:
| Protocol | Current RFC(s) | Obsoletes | Notes |
|---|---|---|---|
| IPv4 | RFC 791 (1981) | — | Still the foundation, with many updates |
| IPv6 | RFC 8200 (2017) | RFC 2460 | Current IPv6 specification |
| ICMP (IPv4) | RFC 792 (1981) | — | Ping, traceroute, error messages |
| ICMPv6 | RFC 4443 (2006) | RFC 2463 | IPv6 control messages |
| TCP | RFC 9293 (2022) | RFC 793 + many | Modern consolidated TCP spec |
| UDP | RFC 768 (1980) | — | Remarkably stable, one-page spec |
Application Protocols:
| Protocol | Current RFC(s) | Notes |
|---|---|---|
| HTTP/1.1 | RFC 9110-9112 (2022) | Semantics, Caching, Messaging |
| HTTP/2 | RFC 9113 (2022) | Binary framing, multiplexing |
| HTTP/3 | RFC 9114 (2022) | HTTP over QUIC |
| QUIC | RFC 9000-9002 (2021) | Transport, recovery, TLS |
| DNS | RFC 1034-1035 + many | Base spec + extensive extensions |
| SMTP | RFC 5321 (2008) | Email transfer |
| TLS 1.3 | RFC 8446 (2018) | Modern secure transport |
Routing Protocols:
| Protocol | Current RFC(s) | Usage |
|---|---|---|
| BGP-4 | RFC 4271 (2006) | Internet backbone routing |
| OSPFv2 | RFC 2328 (1998) | Interior gateway (link-state) |
| OSPFv3 | RFC 5340 (2008) | OSPF for IPv6 |
| RIPv2 | RFC 2453 (1998) | Simple distance-vector |
| IS-IS | RFC 1195 (+ many) | Large ISP networks |
The Internet Standards Index (STD 1, RFC 9100) lists all current Internet Standards with their STD numbers. STD 7 = TCP, STD 13 = DNS, etc. An STD number is stable even as the underlying RFCs are revised.
The Internet Assigned Numbers Authority (IANA) maintains registries of protocol parameters specified in RFCs. When an RFC defines values that need central allocation, IANA manages them.
What IANA manages:
IANA Considerations section:
Every RFC that defines new protocol constants must include an "IANA Considerations" section specifying:
Registration policies:
| Policy | Meaning |
|---|---|
| Private Use | Designated range for private/experimental use |
| First Come First Served | Minimal documentation; approved quickly |
| Expert Review | Designated expert evaluates requests |
| Specification Required | Must have permanent, publicly available spec |
| IETF Review | Requires IETF consensus (Last Call) |
| Standards Action | Requires Standards Track RFC |
123456789101112
Service Name Port Number Transport Protocol Description Reference----------- ----------- ------------------ ----------- ---------http 80 tcp World Wide Web HTTP RFC 9112http 80 udp World Wide Web HTTP RFC 9112https 443 tcp http protocol over TLS RFC 9110https 443 udp http protocol over TLS RFC 9110ssh 22 tcp SSH Remote Login RFC 4251domain 53 tcp Domain Name Server RFC 1035domain 53 udp Domain Name Server RFC 1035smtp 25 tcp Simple Mail Transfer RFC 5321 # Access the registry: https://www.iana.org/assignments/service-names-port-numbersAll IANA registries are publicly available at iana.org. When you need to look up a port number, media type, or protocol parameter, IANA registries are the authoritative source. They're updated regularly as new registrations are approved.
With 9,500+ RFCs, finding the right one for your needs requires knowing the tools available.
Primary resources:
| Resource | URL | Best For |
|---|---|---|
| RFC Editor | rfc-editor.org | Authoritative source, search, HTML versions |
| IETF Datatracker | datatracker.ietf.org | Full lifecycle, drafts, WG info, relationships |
| tools.ietf.org | tools.ietf.org | HTMLized RFCs, diff between versions |
| RFC Index | rfc-editor.org/rfc-index.html | Browse by number, status, topic |
| IANA Registries | iana.org | Find RFCs that define specific values |
Search strategies:
1. If you know the protocol name:
2. If you need to implement something:
3. If you're debugging interoperability:
Common pitfalls:
For quick lookups: rfc-editor.org/info/rfc{number} gives you the current definitive info page for any RFC, including its status, updates, and obsoleted-by information. Example: rfc-editor.org/info/rfc791 for the IPv4 spec.
We've thoroughly explored the RFC ecosystem—the foundational documentation of Internet protocols. This knowledge equips you to use RFCs as the authoritative references they are.
Module complete:
You've now completed the Protocols and Standards module. You understand what protocols are, how they're structured into stacks, who creates and maintains them, and how to use the RFC system effectively.
This foundational knowledge prepares you for the detailed study of specific protocols in subsequent modules—from physical layer signaling to application layer semantics. Every protocol you encounter will build on the concepts established here.
Congratulations! You've mastered the foundational concepts of protocols and standards. You can now define protocols, identify their elements, understand layered architecture, navigate the standards ecosystem, and use RFCs as authoritative references. These skills are essential for every networking topic that follows.