Re: [Int-area] Start of WGLC for draft-ietf-intarea-gre-ipv6

Thu, 02 Apr 2015 12:39:59 -0700 

Lucy, Tom, Steward,

I agree with what you are saying and have tried to craft some text that 
addresses all of your comments. Please tell me if the following text does the 
trick.

                                                                                
                                                                        Ron

OLD>
   As stated in [RFC2784], the Checksum field contains the IP (one's
   complement) checksum sum of the all the 16 bit words in the GRE
   header and the payload packet.  Therefore, the checksum does not
   ensure the integrity of the IPv6 delivery header.

  Because the IPv6 delivery header does not include a checksum of its
   own, it is subject to corruption.  However, even if the delivery
   header is corrupted, to likelihood of that corruption resulting in
   misdelivery of the payload is extremely low.
<OLD

NEW>
   As stated in [RFC2784], the GRE header can contain a checksum.
   If present, the GRE header checksum can be used to detect
   corruption of the GRE header and GRE payload.

   The GRE header checksum cannot be used to detect corruption
    of the IPv6 delivery header. Furthermore, the IPv6 delivery header
   does not contain  a checksum or its own. Therefore, no checksum
   can be used to detect corruption of the IPv6 delivery header.

   In one failure scenario, the destination address in the IPv6 delivery
   header is corrupted. As a result, the IPv6 delivery packet is delivered
   to  a node other than the intended GRE egress node. Depending upon
   the state and configuration of that node, it will either:


a)      Drop the packet

b)      De-encapsulate the payload and forward it to its intended destination

c)       De-encapsulate the payload and forward it to a node other than its 
intended destination. For example, the payload might be intended for a node on 
one VPN, but delivered to an identically numbered node in another VPN.


Behaviors a) and b) are acceptable. Behavior c) is not acceptable.

Before deploying GRE over IPv6, network operators should consider the
likelihood of behavior c) in their network. Network operators should deploy
GRE over IPv6 if they can tolerate the risk associated with behavior c).

<NEW

                                         Ron





_______________________________________________
Int-area mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/int-area

Reply via email to