On Jun 10, 2013 8:34 PM, "Brian E Carpenter" <[email protected]> wrote:
>
> On 11/06/2013 15:21, cb.list6 wrote:
> > On Jun 10, 2013 7:23 PM, "Fernando Gont" <[email protected]> wrote:
> >> Folks,
> >>
> >> We're currently editing the aforementioned I-D. So far, the I-D just
> >> required that the entire IPv6 header chain be present in the first
> >> fragment.
> >>
> >> Based on recent/ongoing discussions on the 6man and v6ops lists, there
> >> seems to be quite a few folks pushing the idea of limiting the size of
> >> the IPv6 header chain to some value (typically in the order of a few
> >> hundred bytes).
> >>
> >> An earlier version of draft-ietf-6man-oversized-header-chain limited the
> >> header chain to 1280 bytes, but this requirement was later removed.
> >>
> >> However, since then a number of folks have produced real world data
> >> which indicates that packets "won't make it to the destination node" if
> >> the header chain is larger than a few hundred bytes, and I believe that,
> >> overall, our understanding of the problem and situation has increased
> >> since then.
> >>
> >> My question to the wg is:
> >>
> >> 1) Do we want to limit the size of the IPv6 header chain?
> >>
> >> 2) If so, which limit should we pick?
> >>
> >
> > It's not the size, it is how you use it.
> >
> > I would suggest "common types" be permitted (tcp, udp, sctp, icmpv6, frag,
> > esp, ah) while anything else must be behind an esp. This ensures all
> > parties agree that further arbitrary headers will only be processed by the
> > consenting end systems.
>
> Truly, you won't get consensus for that; it isn't realistic. I think we're
> already very near consensus on an unconstrained limit in the 128/256
> area.
>
> Brian
>

Consensus from who? Ghosts of protocols past? Or what one fellow calls the
"ipv6 priesthood"

Is this yet another RA vs DHCPv6 disconnect?

But what does 128/256 mean to a network operator? Load balancer or fw or
router vendor?

I believe meaningful guidance must be provided in terms of permutations that
can be expressed in what the common folk call an "access list". Simply
saying that there can be arbitrary chaining of x bytes long does not benefit
anyone in a practical way, afaik.

CB

> >
> > CB
> >> Thanks!
> >>
> >> Best regards,
> >> --
> >> Fernando Gont
> >> SI6 Networks
> >> e-mail: [email protected]
> >> PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492
> >>
> >> --------------------------------------------------------------------
> >> IETF IPv6 working group mailing list
> >> [email protected]
> >> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
> >> --------------------------------------------------------------------
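
The two rules debated in this thread (a byte limit on the header chain, and an allowlist of "common types" with everything else behind ESP), written out as filter checks. This is an added example, not code from any participant or from the draft. Assumptions: the limit counts the 40-byte fixed header, 256 is taken from the "128/256" figure above, packets are unfragmented or first fragments, and all function names and sample packets are constructed for illustration.

```python
import struct

# IANA protocol numbers for the headers named in the thread, plus the
# generic extension headers (hop-by-hop, routing, destination options).
HOPOPT, TCP, UDP, ROUTING, FRAG, ESP, AH, ICMP6, DSTOPTS, SCTP = (
    0, 6, 17, 43, 44, 50, 51, 58, 60, 132)
GENERIC_EXT = {HOPOPT, ROUTING, DSTOPTS}          # size = (len + 1) * 8
COMMON = {TCP, UDP, SCTP, ICMP6, FRAG, ESP, AH}   # allowlist proposed in the thread

def walk_chain(pkt):
    """Return (types, offset, complete): the Next Header values seen, the
    offset where parsing stopped, and whether the chain fit in the bytes."""
    if len(pkt) < 40 or pkt[0] >> 4 != 6:
        raise ValueError("not an IPv6 packet")
    nh, off, types = pkt[6], 40, []
    while nh in GENERIC_EXT or nh in (FRAG, AH):
        types.append(nh)
        if off + 2 > len(pkt):
            return types, off, False
        if nh == FRAG:
            size = 8
        elif nh == AH:
            size = (pkt[off + 1] + 2) * 4
        else:
            size = (pkt[off + 1] + 1) * 8
        if off + size > len(pkt):
            return types, off, False              # chain runs past the packet
        nh, off = pkt[off], off + size
    types.append(nh)                              # ESP, upper layer, or unknown
    return types, off, True

def size_policy(pkt, limit=256):
    """Byte-limit rule; counting the fixed header is an assumption here."""
    _, off, complete = walk_chain(pkt)
    return complete and off <= limit

def type_policy(pkt):
    """Allowlist rule: only COMMON types may appear before (or as) ESP."""
    types, _, complete = walk_chain(pkt)
    return complete and all(t in COMMON for t in types)

def ipv6(nh, payload):
    """Build a constructed test packet with zeroed addresses."""
    return struct.pack("!IHBB", 6 << 28, len(payload), nh, 64) + bytes(32) + payload

# Constructed samples, not captured traffic.
PLAIN_TCP = ipv6(TCP, bytes(20))
DSTOPT_UDP = ipv6(DSTOPTS, bytes([UDP, 0]) + bytes(6) + bytes(8))
BIG_AH_TCP = ipv6(AH, bytes([TCP, 62]) + bytes(254) + bytes(20))
TRUNCATED = ipv6(DSTOPTS, bytes([UDP, 3]) + bytes(6))
```

The samples show the rules disagreeing in both directions: `DSTOPT_UDP` passes the size rule but fails the allowlist, while `BIG_AH_TCP` passes the allowlist but exceeds 256 bytes.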
