Hi Dale, Thank you very much for the reply. I am specifying the Geneve Authentication Option (GAO) that authenticates the Geneve Header as well as some Geneve Options and part of the Geneve Payload ( inner packet).
>From your response I understand that Geneve Options are not expected to be reordered, nor to be modified beyond IP options. It sounds reasonable to have Geneve Options NOT covered by the authentication before the GAO and those covered by GAO after. This is ways easier to parse then to define an ordered list of covered options, and it makes it also clear for on path Geneve elements. Note that this is the way IP options covered by the authentication are designated as well. Anyone thinking this is not a good idea, please feel free to comment. Yours, Daniel On Wed, Jun 14, 2017 at 8:54 PM, Dale R. Worley <[email protected]> wrote: > Daniel Migault <[email protected]> writes: > > The Geneve Header can include some options. > > > > I am wondering if the options are all provided by the tunnel terminating > > point (NVE), or if we have to consider the following cases: > > - on path Geneve elements can include/remove/update Geneve options on > > the fly > > - on path Geneve elements can re-order the options > > I look at this question as parallel to the question "On a path, can the > options in an IP header be added/removed/updated/reordered?" > > And the answer to that is that in general, IP options aren't intended to > be modified in transit. But there are some headers (such as Source > Route) that are *intended* to be modified in transit. And some transit > devices are intended to modify IP options. It depends on the specifics > of the situation, and the options involved. > > Dale > > _______________________________________________ > nvo3 mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/nvo3 >
_______________________________________________ nvo3 mailing list [email protected] https://www.ietf.org/mailman/listinfo/nvo3
