Re: [Fwd: draft-conta-ipv6-flow-label-02.txt]

Wed, 15 Aug 2001 06:11:45 -0700 

I didn't hear the presentation since I was sick. But yes, the draft
analyses all those ideas and rejects them - the surviving proposal
is to use the PHB ID. I will comment on that in response to Steve's
message.

The pseudorandom case works for intserv and is irrelevant to diffserv.

   Brian

Jun-ichiro itojun Hagino wrote:
> 
> >The traffic class field is not enough. If you have to re-classify traffic at
> >an administrative boundary, then by definition at that point the traffic class
> >field is inadequate; you need more information. The advantage that IPv6 has
> >is that even when the header is partly hidden by IPSEC, the flow label is
> >available to carry additional semantics. The actual proposal is to use the
> >PHB identifier which has end to end semantics.
> 
>         I heard the presentation differently.  in IETF51 presentation Alex
>         Conta made the following proposals, at least:
>         - putting PHB value
>                 not trustworthy.
>         - putting total extension header length
>                 if the originator lies about the value, intermediate routers
>                 can go panic.
>         - putting port/addr/whatever encoded
>                 if the originator lies about the value, theft-of-service
>                 happens.
>         none of these values are trustworthy, since originator can lie about
>         those.  because these values are not trustworthy, intermediate routers
>         need to get those values by normal ways (by chasing extension header
>         chain, or whatevr), and therefore, flow label value is just wasted.
> 
>         I particularly don't like the idea of putting total extension header
>         length.  as soon as it gets deployed bad guys can mount various attacks.
> 
>         So, back to my original posting, I vote for end-to-end pseudorandom
>         20bit value.  intermediate router MAY use it to hash the traffic,
>         that's all.
> 
> itojun
--------------------------------------------------------------------
IETF IPng Working Group Mailing List
IPng Home Page:                      http://playground.sun.com/ipng
FTP archive:                      ftp://playground.sun.com/pub/ipng
Direct all administrative requests to [EMAIL PROTECTED]
--------------------------------------------------------------------

Reply via email to