Hi Hemant, > <hs>Of course, firewall vendors will be biased towards inspecting an EH > that is not the HBH. But that is not what RFC 2460 says. Here is text > from RFC 2460 that clearly says, no intermediate node will > inspect/process any EH besides the HBH. > > [With one exception, extension headers are not examined or processed > by any node along a packet's delivery path, until the packet reaches > the node (or each of the set of nodes, in the case of multicast) > identified in the Destination Address field of the IPv6 header.] > > Pardon my ignorance, but I need to see an explicit RFC that says > firewalls being intermediate nodes, are allowed to inspect an EH that is > not HBH and that RFC should also say that the RFC updates RFC 2460. > </hs> It is not just firewalls, like I have mentioned earlier. In case there are two routes to a destination which are of Equal cost (ECMP), a router actually does load balancing by calculating a hash based on the inner header fields like 5-tuple fields. I think this is basic to just about any router and not firewalls itself.
Thanks, Vishwas -------------------------------------------------------------------- IETF IPv6 working group mailing list ipv6@ietf.org Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------
