On Wed, 21 Nov 2001 [EMAIL PROTECTED] wrote: > A New Internet-Draft is available from the on-line Internet-Drafts directories. > > > Title : Redundant Address Deletion when Encapsulating IPv6 in > IPv6 > Author(s) : S. Deering, B. Zill > Filename : draft-deering-ipv6-encap-addr-deletion-00.txt > Pages : 6 > Date : 20-Nov-01 > > In some potentially common uses of IPv6-in-IPv6 encapsulation > ('tunneling'), a node that is performing an encapsulation or > decapsulation will also be the source or destination of the packet > being encapsulated. That can result in the same IPv6 address > appearing in both the outer (encapsulating) and inner (encapsulated) > IPv6 headers. This document specifies a method for deleting such > redundant addresses from an inner header when performing an > encapsulation, and restoring those addresses when decapsulating, > resulting in a 16-octet (128-bit) reduction in header overhead, > per address deleted.
First a note about the applicability. Saving 16 or 32 bytes in the datagram is IMO basically irrelevant. What this introduces, though, is interesting: if this is used when inner/outer addresses should match in some way (difficult to check except in the decapsulating implementation, not good), one can get an assurance that no one is forging the addresses -- they're basically immutable. An example: IPv6_NO_SRC ==> dest address can be used for tunnel+spoofing IPv6_NO_DEST ==> source address can be used for tunnel+spoofing IPv6_NO_ADDRS ==> neither address can be used for tunnel+spoofing Note: IPv6_NO_ADDRS seems basically only usable if you want to: 1) trick hop limit to make every destination appear as on-link, the idea of this below 2) trick QoS related bits I already mentioned my main point, that is, hop limit. This issue should at least be discussed in some form if nothing else. It would be nice if there was a way to tunnel packets in such a way that the number of hops used for tunneling would be reflected in the internal datagram's hop limit. Usefulness? One could not trick those numerous "hop limit must be 255 checks". -- Pekka Savola "Tell me of difficulties surmounted, Netcore Oy not those you stumble over and fall" Systems. Networks. Security. -- Robert Jordan: A Crown of Swords -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to [EMAIL PROTECTED] --------------------------------------------------------------------