> I guess this means that if an ICMP error message is generated then > the chunk of the original packet quoted by the ICMP error should > reflect the e2e flow label?
Absolutely. If that is not done then the implementation or solution is not compliant to 3697 is my view. > > Using the flow label to validate recieved ICMP error messages is > quite appealing in light of draft-gont-tcpm-icmp-attacks-03. It > could also be used for validating ICMP messages generated by UDP > packets, where sequence numbers are not available but a flow label > could be set. Interesting data point and off the top of my head I agree. /jim > > David. > -------------------------------------------------------------------- IETF IPv6 working group mailing list ipv6@ietf.org Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------
