Re: IPv6 and Tiny Fragments

Fred Baker Sat, 26 Nov 2005 20:16:44 -0800

personally, I think that would simply mean that the tiny fragment attack would come at that size.

Better to simply design TCPs well so that the attack is of minimal effect.

On Nov 24, 2005, at 9:10 PM, Vishwas Manral wrote:

Hi folks,

I have been wondering how IPv6 will deal with the tiny fragment attack, RFC1858.

Is there a minimum non-last fragment size specified for IPv6? With so many extension headers a size of around 80bytes IP Header+ payload may not necessarily be right.

I think, we could specify something closer to 200 bytes, which would mean that we would certainly have the TCP header in the first fragment.

Thanks,
Vishwas

--------------------------------------------------------------------
IETF IPv6 working group mailing list
ipv6@ietf.org
Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------

--------------------------------------------------------------------
IETF IPv6 working group mailing list
ipv6@ietf.org
Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------

Re: IPv6 and Tiny Fragments

Reply via email to