[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Shim-header in every re-located packet [Re: Design decisions made at the interim SHIM6 WG meeting]




The last sentence does not follow. Firewalls may accept just fine packets with a shim6 extension header but no data, but could (and I'd expect many WOULD) drop packets with shim6 ext header WITH data.


Why??

But if that's true: all the more reason to support suppressing the shim header for rewritten packets. :-)

The same said firewalls could be dropping packets that are part
of a TCP stream that was not initiated through this firewall...

Either that or Pekka's dropping example would cause significant
problem for Shim6. I'm not sure Iljitsch's optimization is the answer,
because it does not work in all cases.

--Jari