Mauro,
>
> and this is what rfc2460 (section 4.0) says:
>
> ... to proceed to the next header. Therefore, extension headers must
> be processed strictly in the order they appear in the packet; a
> receiver must not, for example, scan through a packet looking for a
> particular kind of extension header and process that header prior to
> processing all preceding ones.
>
> it seems to me that there is at least one situation in which ipv6
> extension headers should be skipped - before a packet is sent back
> within an icpmv6 error message, the kernel must be sure that it is not
> an icmp error message.
>
> i think there are many other situations in which low-level network programs
> need to access payload data without processing extension headers. the
> problems are two:
>
> 1) ipv6 standards do not seem to permit this
> 2) there is not a standard way to skip ext. headers
>
> imho this wg should consider the following solutions:
>
> 1) permit to programs the skip of the ext. headers IF AND ONLY IF
> they are only interested in collecting data for error reporting
> purposes.
> 2) provide a standard macro that returns protocol id of the upper
> layer protocol and the offset of the payload from the beginning of
> the packet, to be included in the next version of
> draft-ietf-ipngwg-rfc2292bis.
>
I think that you are interpreting the text in RFC2460 too literally.
It was never the intension of that text to prevent kernel or application
code from fast forwarding through malformed extension headers in order
to determine if it was legal to send an ICMPv6 error or not. It absolutely
wasn't intended to prevent an application or kernel from fast forwarding
through extension headers in datagrams that were returned as part of
the offending datagram in an ICMPv6 error message.
The intention was to guarantee that the headers would be processed in order
during the initial processing of the datagram. If an error is detected
along the way there is nothing that prevents you from fast-forwarding
through the rest of the broken header(s) to check the contents of the terminal
header in the datagram. Once an error is detected nothing else in the
datagram should be processed.
I don't think that we need to change anything in 2460 to make this clear(er).
Tim Hartrick
Mentat Inc.
--------------------------------------------------------------------
IETF IPng Working Group Mailing List
IPng Home Page: http://playground.sun.com/ipng
FTP archive: ftp://playground.sun.com/pub/ipng
Direct all administrative requests to [EMAIL PROTECTED]
--------------------------------------------------------------------
