On Wed, 21 Nov 2001 [EMAIL PROTECTED] wrote:
> A New Internet-Draft is available from the on-line Internet-Drafts directories.
> 
> 
>       Title           : Redundant Address Deletion when Encapsulating IPv6 in 
>                           IPv6
>       Author(s)       : S. Deering, B. Zill
>       Filename        : draft-deering-ipv6-encap-addr-deletion-00.txt
>       Pages           : 6
>       Date            : 20-Nov-01
>       
> In some potentially common uses of IPv6-in-IPv6 encapsulation 
> ('tunneling'), a node that is performing an encapsulation or 
> decapsulation will also be the source or destination of the packet 
> being encapsulated.  That can result in the same IPv6 address 
> appearing in both the outer (encapsulating) and inner (encapsulated) 
> IPv6 headers.  This document specifies a method for deleting such 
> redundant addresses from an inner header when performing an 
> encapsulation, and restoring those addresses when decapsulating, 
> resulting in a 16-octet (128-bit) reduction in header overhead, 
> per address deleted.

First a note about the applicability.

Saving 16 or 32 bytes in the datagram is IMO basically irrelevant.

What this introduces, though, is interesting: if this is used when
inner/outer addresses should match in some way (difficult to check except
in the decapsulating implementation, not good), one can get an assurance
that no one is forging the addresses -- they're basically immutable.

An example:

IPv6_NO_SRC  ==> dest address can be used for tunnel+spoofing
IPv6_NO_DEST ==> source  address can be used for tunnel+spoofing
IPv6_NO_ADDRS ==> neither address can be used for tunnel+spoofing

Note: IPv6_NO_ADDRS seems basically only usable if you want to:
 1) trick hop limit to make every destination appear as on-link, the 
idea of this below
 2) trick QoS related bits


I already mentioned my main point, that is, hop limit.  This issue should
at least be discussed in some form if nothing else.  It would be nice if
there was a way to tunnel packets in such a way that the number of hops
used for tunneling would be reflected in the internal datagram's hop
limit.  Usefulness?  One could not trick those numerous "hop limit must be
255" checks.

-- 
Pekka Savola                 "Tell me of difficulties surmounted,
Netcore Oy                   not those you stumble over and fall"
Systems. Networks. Security.  -- Robert Jordan: A Crown of Swords

--------------------------------------------------------------------
IETF IPng Working Group Mailing List
IPng Home Page:                      http://playground.sun.com/ipng
FTP archive:                      ftp://playground.sun.com/pub/ipng
Direct all administrative requests to [EMAIL PROTECTED]
--------------------------------------------------------------------
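
The hop-limit point in the message above, as a small model added here for illustration (it is not code from the message or from the draft). It assumes the packet's source is the tunnel entry and its destination is the tunnel exit, that the outer header starts at a constructed hop limit of 64, and that the decapsulator knows that starting value; all function names are hypothetical.

```python
from typing import Optional

ON_LINK_HOP_LIMIT = 255        # value the "hop limit must be 255" checks require
OUTER_INITIAL_HOP_LIMIT = 64   # constructed: hop limit the tunnel entry sets in the outer header


def inner_hop_limit_after_tunnel(inner_hop_limit: int, tunnel_routers: int,
                                 reflect_tunnel_hops: bool) -> Optional[int]:
    """Return the inner hop limit seen after decapsulation, or None if dropped."""
    # Routers along the tunnel path decrement only the outer header.
    outer = OUTER_INITIAL_HOP_LIMIT - tunnel_routers
    if outer <= 0:
        return None  # outer packet expired before reaching the tunnel exit
    if not reflect_tunnel_hops:
        # The inner header travels as payload, so it arrives unchanged.
        return inner_hop_limit
    # Assumed variant: charge the hops used by the outer header to the inner header.
    remaining = inner_hop_limit - (OUTER_INITIAL_HOP_LIMIT - outer)
    return remaining if remaining > 0 else None


def passes_on_link_check(hop_limit: Optional[int]) -> bool:
    """The receiver-side check: accept only packets that cannot have been forwarded."""
    return hop_limit == ON_LINK_HOP_LIMIT


def report(tunnel_routers: int) -> dict:
    """Outcome of the check for a packet sent with hop limit 255 through the tunnel."""
    return {
        "unchanged": passes_on_link_check(
            inner_hop_limit_after_tunnel(255, tunnel_routers, False)),
        "reflected": passes_on_link_check(
            inner_hop_limit_after_tunnel(255, tunnel_routers, True)),
    }


if __name__ == "__main__":
    for n in (0, 1, 5):
        print(n, "routers inside tunnel:", report(n))
```

With the inner hop limit left unchanged, the check passes however many routers the tunnel crosses; with the tunnel hops reflected, it passes only when the tunnel endpoints are adjacent.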
