On Apr 16, 2010, at 12:43, Suresh Krishnan wrote: > > As James chimed in, we let the draft expire because there was no clear > consensus in the WG as to the need to define new extension headers. We have > addressed all the comments received from the WG in the last version the > draft. We can refresh the draft and request the chairs for adoption, provided > we see somebody trying to define or seeing a need to define a new extension > header.
In other words, it appears to be the sense of the working group that the presence of an unrecognized next header value currently precludes the possibility of identifying whether there is an unrecognized extension header interposed between the IPv6 header and the upper-layer transport header. It's important to note that 'unrecognized' does not mean 'undefined' here-- it just means 'undefined when the packet analyzer was made' which is not precisely the same thing. Going back to Mr. Carpenter's message about extracting the 5-tuple from IPv6 packets, it seems pretty clear that the logical consequence of the above is that we have only two real alternatives available: A) strongly recommend that all hosts set the flow label, so that we can use the 3-tuple {source address, dest address, flow label}, B) change our mind about whether we need a standard format for generic extension headers, so that we have some hope of always being able to find the 5-tuple even when we cannot process the interposing extension header. For the record, I *strongly* prefer option A over option B. On the other hand, if we go with option B, then that will allow greater flexibility in using RFC 3692 protocol numbers in the face of stateful packet filters like those described in I-D.ietf-v6ops-cpe-simple-security, making them less of an interference than they would otherwise be. -- james woodyatt <j...@apple.com> member of technical staff, communications engineering -------------------------------------------------------------------- IETF IPv6 working group mailing list ipv6@ietf.org Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------