In message <[email protected]>, Masataka Ohta writes: > Mark Andrews wrote: > > >> But, the problem of current IPv6 specification allows for very > >> long extension headers (more than 60KB is allowed), some of > >> which are automatically inserted not under transport/application > >> layer control. > > > > So? Fragmented packets *do* get through the network. Where they > > don't it slows up DNS resolution and the firewall usually gets fixed > > to allow fragments. > > Yes, hopefully within a decade or two, some firewall maybe > fixed. So?
Actually the firewalls get fixed pretty quickly in most cases. > > As for 60K headers, I'll worry about them when they start happening. > > I know most of you have been short sighted to expect too > much in the future. > > But, even today, how much, in your opinion, is the assured-to-be- > safe DNS message size over IPv6 with 1280B of MTU? Well we have space for around 700 bytes of additional header space before EDNS@512 will fail due to fragments being dropped. Now I'm sure one could artificially consume those 700 bytes but for the moment I'm not worried. > Masataka Ohta > > > > >> So, as Fernando Gont wrote: > >>>> While this issue/question may be currently masqueraded by the fact > >>> that we still have IPv4, I wonder what's "the plan" for the IPv6 case > >>> (at some point, we'll have to rely on whatever such plan is). > >> > >> The first thing to do is to obsolete extension headers and > >> related gotcha in IPv6 specification. > >> > >> Even a fragmentation header has annoying requirement. > >> Masataka Ohta > -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: [email protected] _______________________________________________ DNSOP mailing list [email protected] https://www.ietf.org/mailman/listinfo/dnsop
