Hi,
Sorry for slow response, I had somehow missed your message.
Vijayrajan ranganathan wrote:
But regarding the 2nd solution, I am wondering how vmware and xen
are able to offer a unique MAC address to each virtual OS.
I mean, what address space do these come from?
Both Xen and VMware
In your previous mail you wrote:
Thoughts?
=> I am strongly against changing all IPv6 implementations.
IMHO the simplest solution is to drop UDP packets with zero checksums
(as far as I know all IPv4 implementations use non-zero checksums
per default and some UDP applications, for instance
On 28/07/09 5:29 PM, "Francis Dupont" wrote:
> In your previous mail you wrote:
>
>Thoughts?
>
> => I am strongly against changing all IPv6 implementations.
> IMHO the simplest solution is to drop UDP packets with zero checksums
> (as far as I know all IPv4 implementations use non-ze
On Jul 28, 2009, at 2:24 AM, Lars Eggert wrote:
Hi,
On 2009-7-27, at 18:46, Rémi Després wrote:
A simple solution would IMHO be to complement to the UDP rule in IPv6
as follows:
- IPv6 hosts MUST create UDP datagrams with non-zero checksums.
(Nothing new here.)
- IPv6 hosts SHOULD accept UDP
I also support Francis.
Janos Mohacsi
Network Engineer, Research Associate, Head of Network Planning and Projects
NIIF/HUNGARNET, HUNGARY
Key 70EF9882: DEC2 C685 1ED4 C95A 145F 4300 6F64 7B00 70EF 9882
On Tue, 28 Jul 2009, Francis Dupont wrote:
In your previous mail you wrote:
Thoughts?
On Tue, Jul 28, 2009 at 3:29 AM, Francis
Dupont wrote:
> In your previous mail you wrote:
>
> Thoughts?
>
> => I am strongly against changing all IPv6 implementations.
> IMHO the simplest solution is to drop UDP packets with zero checksums
> (as far as I know all IPv4 implementations use non-zer
All
I strongly recommend that people read section 1 of RFC 2765. Here is some of
the relevant text:
Fragmented IPv4 UDP packets that do not contain a UDP checksum (i.e.
the UDP checksum field is zero) are not of significant use over
wide-areas in the Internet and will not be translated by
> Out of curiosity, what's the signal back to the sender that his/her
> packet was dropped?? NFS (in some implementations) doesn't checksum
> UDP packets, DNS doesn't, there are quite a few things that don't
> checksum UDP packets.
I believe this is normally a function of the operating system, not
(hopefully this time gmail selects the right outbound from addr grr)
On Tue, Jul 28, 2009 at 4:24 AM, wrote:
>> Out of curiosity, what's the signal back to the sender that his/her
>> packet was dropped?? NFS (in some implementations) doesn't checksum
>> UDP packets, DNS doesn't, there are quite a
On Tue, Jul 28, 2009 at 4:30 AM, Christopher
Morrow wrote:
> (hopefully this time gmail selects the right outbound from addr grr)
>
> On Tue, Jul 28, 2009 at 4:24 AM, wrote:
>>> Out of curiosity, what's the signal back to the sender that his/her
>>> packet was dropped?? NFS (in some implementation
On Tue, Jul 28, 2009 at 4:23 AM, Hesham Soliman wrote:
> All
>
> I strongly recommend that people read section 1 of RFC 2765. Here is some of
> the relevant text:
>
> Fragmented IPv4 UDP packets that do not contain a UDP checksum (i.e.
> the UDP checksum field is zero) are not of significant use
In your previous mail you wrote:
On Tue, Jul 28, 2009 at 3:29 AM, Francis
Dupont wrote:
> In your previous mail you wrote:
>
> Thoughts?
>
> => I am strongly against changing all IPv6 implementations.
> IMHO the simplest solution is to drop UDP packets with zero checksu
In your previous mail you wrote:
I strongly recommend that people read section 1 of RFC 2765. Here is some of
the relevant text:
Fragmented IPv4 UDP packets that do not contain a UDP checksum (i.e.
the UDP checksum field is zero) are not of significant use over
wide-areas
On Tue, Jul 28, 2009 at 4:53 AM, Francis
Dupont wrote:
> In your previous mail you wrote:
>
> On Tue, Jul 28, 2009 at 3:29 AM, Francis
> Dupont wrote:
> > In your previous mail you wrote:
> >
> > Thoughts?
> >
> > => I am strongly against changing all IPv6 implementations.
> > I
> I have some dns packets at least that aren't checksumed and do
> traverse a wide-area-network. The work referenced is from at least 10
> years ago, certainly things have changed, we can hope they changed in
> the positive direction, but it's not clear to me that that is the
> case.
On the DNS se
On Tue, Jul 28, 2009 at 4:58 AM, Francis
Dupont wrote:
> In your previous mail you wrote:
>
> I strongly recommend that people read section 1 of RFC 2765. Here is some of
> the relevant text:
>
> Fragmented IPv4 UDP packets that do not contain a UDP checksum (i.e.
> the UDP checksum fie
Hi Fred-
Here are my thoughts after the first read:
1. Im really not sure an IETF document is really needed here. What you wrote
is an example of justification in a manner. I agree some people probably need
some papers to read that will get their minds thinking in an IPv6 sub
delegation man
Le 28 juil. 09 à 09:29, Francis Dupont a écrit :
=> I am strongly against changing all IPv6 implementations.
In this instance, the change is only a backward compatible additional
rule which is not a MUST.
There is no urgency to upgrade any host.
If an IPv6 host becomes capable to receive mo
FYI
Begin forwarded message:
From: IETF I-D Submission Tool
Date: July 28, 2009 11:18:38 AM GMT+02:00
To: f...@cisco.com
Subject: New Version Notification for draft-baker-ipv6-nd-session-
hijack-00
A new version of I-D, draft-baker-ipv6-nd-session-hijack-00.txt has
been successfuly subm
On Jul 28, 2009, at 11:39 AM, Azinger, Marla wrote:
2. I have concern regarding the suggestions in section 2.3 Am I
interpreting this correctly that you are suggesting upstreams do
OSPF over VPN with residential customers?
within their homes?
No, I am suggesting that in a home that has
In your previous mail you wrote:
To take in consideration your (useful) remark, the proposal could be
improved by replacing a SHOULD by a MAY:
- IPv6 hosts MAY accept UDP zero checksums (but of course MUST still
send non-zero UDP checksums).
- v4 to v6 translators MAY either co
Im thinking one step further than the double routers. For example if these
routers are not serviced by something at least the service type of a dedicated
T1 to each router then they would be doing VPN. So there are more requirements
that need to be met here to make OSPF a realistic option.
Th
Fred Baker wrote:
Filename: draft-baker-ipv6-nd-session-hijack
Revision: 00
Title: Session Hijack in Neighbor Discovery
Creation_date: 2009-07-28
WG ID: Independent Submission
Number_of_pages: 5
Abstract:
This memo is to point out a security issue in IPv6 Neighbor
Di
Le 28 juil. 09 à 13:19, Francis Dupont a écrit :
In your previous mail you wrote:
To take in consideration your (useful) remark, the proposal
could be
improved by replacing a SHOULD by a MAY:
- IPv6 hosts MAY accept UDP zero checksums (but of course MUST
still
send non-zero
On 28/07/09 6:49 PM, "Christopher Morrow" wrote:
> On Tue, Jul 28, 2009 at 4:23 AM, Hesham Soliman
> wrote:
>> All
>>
>> I strongly recommend that people read section 1 of RFC 2765. Here is some of
>> the relevant text:
>>
>> Fragmented IPv4 UDP packets that do not contain a UDP checksum (i.
On Tue, Jul 28, 2009 at 05:00:22AM -0400, Christopher Morrow wrote:
> it's 10 years old, from a single network link, in what I suspect was
> VBNS+, so not even today's internet (scale or applications or users or
> traffic levels or uses)
People might want to check "netstat -s" - on some OSes it di
On 2009-7-28, at 10:37, Christopher Morrow wrote:
apologies, I had a tcpdump expr fail :( I do see DNS though with out
checksums, I'll go dig for some more NFS or other UDP on my test
host(s).
Just as a hint: you'll need to look at inbound traffic if your NIC
does checksum offloading, because
Joel Jaeggli wrote:
I did this for the ietf ids sensor and I haven't see any having run it
since noon.
udp[6:2] == 0
I would be interested in some statistics on IPv4 multicast, since I'm
working on IPv4 - IPv6 multicast translation. I think it's more common
to not use checksums for multicast.
On Jul 28, 2009, at 9:52 AM, Stig Venaas wrote:
Joel Jaeggli wrote:
I did this for the ietf ids sensor and I haven't see any having run
it
since noon.
udp[6:2] == 0
I would be interested in some statistics on IPv4 multicast, since I'm
working on IPv4 - IPv6 multicast translation. I think i
It's my understanding that checksum zero udp packets were rare 10 years
ago... how common are they really?
joel
Rémi Després wrote:
>
> Le 28 juil. 09 à 09:29, Francis Dupont a écrit :
>>
>>
>> => I am strongly against changing all IPv6 implementations.
> In this instance, the change is only a b
I did this for the ietf ids sensor and I haven't see any having run it
since noon.
udp[6:2] == 0
joel
Lars Eggert wrote:
> On 2009-7-28, at 10:37, Christopher Morrow wrote:
>> apologies, I had a tcpdump expr fail :( I do see DNS though with out
>> checksums, I'll go dig for some more NFS or othe
As I mentioned at the mic during yesterday's meeting, UDP checksum=0 is
used/seen quite a bit in RTP traffic. Clearly VoIP was rather in its infancy
in 1999 when that study was done. And to be frank, I rather doubt SIP will
successfully work through inline v4-v6 translators anyway, so I'm not
To clarify, my usage of the word "server" was meant to cover "server
only" devices, i.e., ones that don't have individual users using them
to initiate activities like web surfing.
Think rack mounted servers, storage devices, content servers,
etc. There is an entire industry surrounding those platf
On Tue, Jul 28, 2009 at 02:06:45PM -0400, Thomas Narten wrote:
>
> That said, I generally like Brian's proposed text:
I agree.
> >In such situations, RFC4941 SHOULD be implemented. In other cases,
> >RFC4941 provides limited or no benefit.
>
> One possible tweak on the last sentence, h
Hi Chris,
On 2009-07-28 21:03, Christopher Morrow wrote:
>
> ok. my sole point really was 'discard' is not acceptable. if you toss
> away a packet you ought to tell someone you did that.
Er, do your routers do that when they throw away packets due to
congestion?
Brian
--
I'm very happy with Thomas' tweak to my tweak to his words.
Brian
On 2009-07-29 06:06, Thomas Narten wrote:
> To clarify, my usage of the word "server" was meant to cover "server
> only" devices, i.e., ones that don't have individual users using them
> to initiate activities like web surfing.
Maybe you can tell me otherwise, but while the neighbor would not be
able to prove ownership, in an FCFS SAVI environment it seems likely
that it could gain control of the address, the first guy having
relinquished it.
I looked through RFC 3756, and it seemed to me that this was an
additi
Maybe you can help me reword it. What I am getting at is this:
a) within the home, in the example in figure 3, I have four routers
and nine IP subnets. For each router to know where in the home to send
data, the usual thing is for the routers in the home to do is
communicate with the others
38 matches
Mail list logo
