Steven Blake wrote: > draft-gont-6man-flowlabel-security assumes that you keep track of every > allocated <src_addr, dst_addr, FL> tuple (the "if(three-tuple is unique) > return flowlabel;" pseudo-code). If you are going to the trouble of > doing this, there is really no reason not to just use a good PRNG to > generate the FL value, and retry upon a 3-tuple collision.
Sorry, that part shouldn't be there (will fix this). It's the result of porting the algorithm from "port randomization" to "flow label randomization". The only state that this algorithm should have is the "counter". Thanks, -- Fernando Gont e-mail: [email protected] || [email protected] PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1 -------------------------------------------------------------------- IETF IPv6 working group mailing list [email protected] Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------
