[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: mech-v2-05pre

To: Fred Templin <osprey67@yahoo.com>
Subject: Re: mech-v2-05pre
From: Pekka Savola <pekkas@netcore.fi>
Date: Fri, 27 Aug 2004 08:56:32 +0300 (EEST)
Cc: Vladislav Yasevich <vladislav.yasevich@hp.com>, "O.L.N.Rao" <olnrao@samsung.com>, Radhakrishnan Suryanarayanan <rkrishnan.s@samsung.com>, Erik Nordmark <Erik.Nordmark@sun.com>, <v6ops@ops.ietf.org>, Alex Conta <aconta@txc.com>
In-reply-to: <20040826221525.52846.qmail@web80508.mail.yahoo.com>

On Thu, 26 Aug 2004, Fred Templin wrote:
> Drop silently? Drop and send an ICMPv4 error? Drop and send
> an ICMPv6 error? Drop and do something else? By specifying
> drop here, the behavior needs to be clearly spelled out to
> avoid interoperability issues.

It should be obvious that it's "silent discard" but that can be 
spelled out if necessary.

> It seems both unambiguous and correct to say that if the version
> is "6" and the payload is not at least 40 bytes, the packet MUST
> be silently discarded. (Reason: there is no error from the IPv4
> perspective, and there is not enough information to construct an
> ICMPv6 error.) The same cannot be said for versions other than
> "6", which argues for declaring out of scope.

I can't see your point.  Protocol-41 is meant to transport *IPv6*
packets -- that's why it's protocol 41.  Your point would be valid (I
think) if we were specifying a more generic tunnel (like GRE), which
doesn't specify the protocol of the inner payload, but we aren't.. so
it seems fair to say that anything in the payload that's not IPv6 is
an error, and must be dealt with (and it's just a question where it's
specified clearly enough who needs to deal with it).

Again, this doesn't matter in practice at all (AFAICS) unless one
intents to devise a new IP protocol almost exactly like IPv6 which
must be tunneled across unmodified protocol-41 configured tunnel 
implementations.

FWIW, I personally understand Vlad's concern that checking is really
the job of the IPv6 code, not the "Layer 2" code, but in this case 1)
when tunnels have a bigger chance of transmitting bogus packets, 2)
the protocol-41 already specifies that the content is IPv6, and 3) we
already specify a lot of check in the layer 3 contents, this should
not be a big issue to make sure that the implementor doesn't forget to
check the version & length.

-- 
Pekka Savola                 "You each name yourselves king, yet the
Netcore Oy                    kingdom bleeds."
Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings

Follow-Ups:
- Re: mech-v2-05pre
  - From: Fred Templin <osprey67@yahoo.com>

References:
- Re: mech-v2-05pre
  - From: Fred Templin <osprey67@yahoo.com>

Prev by Date: Re: mech-v2-05pre
Next by Date: Re: I-D ACTION:draft-asadullah-v6ops-bb-deployment-scenarios-00.txt
Previous by thread: Re: mech-v2-05pre
Next by thread: Re: mech-v2-05pre
Index(es):
- Date
- Thread