On 2012-04-07 17:17, Joel jaeggli wrote:
> I hesitate to suggest this because I'll probably turn into a pillar of
> salt at some point for harping on it. however...
Just don't look back (towards IPv4).
>
> Getting new extension headers generally parsed is a high bar to get
> over.
I have another concern; this draft appears to state that some
middlebox inserts an extension header into a packet on the fly:
"IPv6 packet staining support consists of labeling datagrams with
security reputation information through the addition of an IPv6
destination option in the packet header by packet manipulation
devices (PMDs) in the carrier or enterprise network."
I'm not aware of any provision in RFC 2460 allowing this, or of any
other extension header that is inserted by a middlebox. The implications
for MTU size and fragmentation are clear.
> That said within one domain of control you might be able to fit a
> subset of the information you're looking to carry into the 20 bits
> available in flow label. 6437 probably provides enough cover/instruction
> to allow for that.
Given that the first paragraph of the Introduction to the draft is almost
identical to the same paragraph in 6437, you may be on to something.
However, it's only conformant if (a) the resulting values belong to a
reasonably uniform distribution and are hard to predict and (b) the method
MUST NOT be used for packets whose flow label is already non-zero.
Brian
--------------------------------------------------------------------
IETF IPv6 working group mailing list
[email protected]
Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------
