Hi Hemant,

Hemant Singh (shemant) wrote:
> Suresh,
>
> Introduction para of your draft says "However, some intermediate nodes
> such as firewalls, may need to look at the transport layer header fields
> in order to make a decision to allow or deny the packet."
>
> Well, isn't the sentence suggesting that the firewall drops the packet?

No. I am not sure why you think that. The truth is that firewalls exist and they make decisions to allow/deny packets based on configured policy.

> Also, seeing the term "intermediate", I had to check RFC 2460 and hence
> questioned if even an intermediate node was legal to inspect and process
> an EH that was not HBH. It may make sense to clarify RFC 2460 in this
> regard.

From my reading of RFC2460, it is not legal for an intermediate node to read other EHs than the HBH. But that does not stop any intermediate node, like a firewall, from doing so. What can we do about it? Ban firewalls?

>
> Also, in response to your latest email that suggested new text, I don't
> like the "all IPv6 extension headers". I would rather have it as "all
> the new IPv6 extension headers".

OK.

>
> Anyhow, didn't you hear in the 6man at IETF 71 that there has been no EH
> defined in the past 10 years (or maybe one), so why does one need this
> draft?

Of course I heard that, but it does not matter. History is not a good predictor of the future. Pick from one of the following options and then we can argue further on this.

1) We will have no more extension headers: In this case make a recommendation to not use extension headers but use destination options instead. Right now RFC2460 mentions both EHs and DOs as expansion mechanisms and someone can base their protocol design on EHs.

2) We will have more extension headers: Specify a standard format for them.

Thanks
Suresh

--------------------------------------------------------------------
IETF IPv6 working group mailing list
[email protected]
Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------
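
Added example, not part of the original message or of the draft under discussion: a firewall-style walk of the IPv6 header chain, showing why a node that meets an extension header of unknown layout cannot reach the transport header, and how option 2 (a standard format) changes that. The names `find_transport` and `uniform_ehs`, the use of experimental protocol number 253 as the "new" header, and the assumption that a standard format would reuse the Next Header / Hdr Ext Len prefix of the RFC 2460 options headers are all assumptions made for illustration.

```python
import struct

# RFC 2460 headers laid out as Next Header octet, then Hdr Ext Len octet
# (8-octet units, not counting the first 8 octets).
TLV_STYLE = {0, 43, 60}      # hop-by-hop, routing, destination options
FRAGMENT = 44                # fixed 8 octets
TRANSPORT = {6: "tcp", 17: "udp", 58: "icmpv6"}

def find_transport(packet, uniform_ehs=frozenset()):
    """Return (protocol, offset) of the transport header, or (None, reason).

    uniform_ehs: next-header values assumed (hypothetically) to be new
    extension headers that follow the same two-octet prefix as TLV_STYLE.
    """
    if len(packet) < 40 or packet[0] >> 4 != 6:
        return None, "not an IPv6 packet"
    nxt, off = packet[6], 40
    while nxt not in TRANSPORT:
        if off + 8 > len(packet):
            return None, "truncated header chain"
        if nxt == FRAGMENT:
            length = 8       # fragment offset is not inspected here
        elif nxt in TLV_STYLE or nxt in uniform_ehs:
            length = (packet[off + 1] + 1) * 8
        else:
            # Without a known layout the header cannot be skipped, so the
            # policy decision has to be made without transport fields.
            return None, "next header %d has unknown layout" % nxt
        if off + length > len(packet):
            return None, "truncated header chain"
        nxt, off = packet[off], off + length
    return TRANSPORT[nxt], off

def ipv6(next_header, payload):
    # Constructed sample packet: zeroed addresses, hop limit 64.
    fixed = struct.pack("!IHBB", 6 << 28, len(payload), next_header, 64)
    return fixed + bytes(32) + payload

UDP = struct.pack("!HHHH", 5353, 53, 8, 0)       # constructed UDP header
NEW_EH = 253                                     # RFC 3692 experimental number
KNOWN = ipv6(0, bytes([60, 0]) + bytes(6) + bytes([17, 0]) + bytes(6) + UDP)
NOVEL = ipv6(0, bytes([NEW_EH, 0]) + bytes(6) + bytes([17, 1]) + bytes(14) + UDP)

if __name__ == "__main__":
    print(find_transport(KNOWN))
    print(find_transport(NOVEL))
    print(find_transport(NOVEL, uniform_ehs={NEW_EH}))
```

A node still has to be told that a given next-header value is an extension header rather than an unknown upper-layer protocol; the uniform layout only removes the need to know each header's internal format.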
