[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

mech-v2: processing of non-ipv6 packets [Re: mech-v2-05pre]

To: v6ops@ops.ietf.org
Subject: mech-v2: processing of non-ipv6 packets [Re: mech-v2-05pre]
From: Pekka Savola <pekkas@netcore.fi>
Date: Fri, 27 Aug 2004 22:40:51 +0300 (EEST)
In-reply-to: <20040827133012.26030.qmail@web80507.mail.yahoo.com>

On Fri, 27 Aug 2004, Fred Templin wrote:
> I thought about it more, and the only way a decapsulator should be able
> to receive an encapsulated packet with version = 6 and length less than 40
> is if the act of encapsulation itself were the source of the truncated packet
> (or, if the packet were somehow truncated in the IPv4 network). Reason is
> that truncated packets would be discarded by IPv6 long before ever reaching
> the encapsulator's IPv6-in-IPv4 tunnel driver.

Yes.

> Some implementors might see
> this as reason for sending an ICMPv4 error, so if we want it to be "drop silent"
> this needs to be clarified.

If e.g., checksum (of v4) fails, there's no ICMP error, so there
shouldn't be one now.

> About versions other than 6, if you want to argue that having something
> other than 6 is an error, then that would suggest sending some sort of
> error message - but it's not clear exactly what kind of error could be sent?
> (ICMPv6 "parameter problem"? Some kind of ICMPv4? Other?)

No, I don't think sending an ICMP message is needed, because the
link-layer is supposed to be v6-only.  The close analogy is that if
you receive an ethernet frame with the IPv6 type, but the protocol is
not in fact IP version 6, no error is sent.  There's no use sending
error messages on packets which the sender should know are bogus.

So, I think we just disagree about this and need to get more input.  
Let's consider three options:

 1) something like the current text, disallowing non-IPv6 packets:

  If the payload is not at least 40 bytes in length (i.e., the minimum
  IPv6 packet), the packet MUST be silently discarded.  Likewise, if 
  the version encoded in the first 4 bits of the encapsulated packet 
  is not "6", the packet MUST be silently discarded.

 (support from O.L.N.Rao and Radhakrishnan Suryanarayanan)

 2) something like you proposed, leaving non-ipv6 unspecified:

  If the version encoded in the first 4 bits of the encapsulated packet
  is "6", and the payload is not at least 40 bytes in length (i.e., the
  minimum IPv6 packet), the packet MUST be silently discarded.  Further
  processing for packets with version other than "6" is out of scope.

 (support from Fred Templin)

 3) leave everything out, let the IPv6 code deal with this.

 (support from Vlad Yasevich)

What do others think?

Personally, either 1) or 3) seems best to me.

-- 
Pekka Savola                 "You each name yourselves king, yet the
Netcore Oy                    kingdom bleeds."
Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings

Follow-Ups:
- Re: mech-v2: processing of non-ipv6 packets [Re: mech-v2-05pre]
  - From: Pekka Savola <pekkas@netcore.fi>
- Re: mech-v2: processing of non-ipv6 packets [Re: mech-v2-05pre]
  - From: JINMEI Tatuya / 神明達哉 <jinmei@isl.rdc.toshiba.co.jp>

References:
- Re: mech-v2-05pre
  - From: Fred Templin <osprey67@yahoo.com>

Prev by Date: Re: mech-v2-05pre
Next by Date: Document Action: 'Application Aspects of IPv6 Transition' to Informational RFC
Previous by thread: Re: mech-v2-05pre
Next by thread: Re: mech-v2: processing of non-ipv6 packets [Re: mech-v2-05pre]
Index(es):
- Date
- Thread