> At the time of bringing up the amplification attacks i had also
> brought up the issue of
> http://tools.ietf.org/html/draft-manral-v6ops-tiny-fragments-issues-02 .
>
> I would want to know if this issue needs to looked further by IPv6.
my take on this is that, for non-final fragment, the packet size must
not be smaller than 1280 bytes. there's no valid use for smaller
fragments (unless you have special network with MTU < 1280).
KAME node will not generate such packets/fragments, but KAME node would
accept those packets happily.
any ideas?
itojun
--------------------------------------------------------------------
IETF IPv6 working group mailing list
[email protected]
Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------
