[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: raw thoughts on v6 firewalls



    Date:        Wed, 18 Sep 2002 21:40:11 -0700
    From:        <Rod.VanMeter@nokia.com>
    Message-ID:  <4D7B558499107545BB45044C63822DDE01771CA0@mvebe001.americas.nokia.com>

  | Unless I'm suffering total brain failure (never out of
  | the question), every extension header is supposed to have
  | the length in the same place

No, they're not.   Most probably will, but there's no guarantee that
things will always be that way - if only because the standard layout
puts a (smallish) length limit on the size of extension headers.

These things are parsable only if you know their individual syntax.

This (aside from its effect on firewalls) is one of the reasons that
new headers are so hard to deploy, and why there's a pretty good chance,
that, apart from new application protocols, there never will be any new
ones now - anything new will be turned into an option instead.

kre