On Wed, Sep 8, 2010 at 8:59 AM, Rémi Després <remi.desp...@free.fr> wrote: > > Le 8 sept. 2010 à 14:52, Christopher Morrow a écrit : > >> On Wed, Sep 8, 2010 at 5:23 AM, Rémi Després <remi.desp...@free.fr> wrote: >>> >>> Le 8 sept. 2010 à 03:18, Brian E Carpenter a écrit : > <<< >>>> Thus >>>> some firewalls *will* decide to clear it, whatever the IETF >>>> wants. >>>> > >>>> This is inevitable, for exactly the same reason that the >>>> diffserv code point is rewriteable at domain boundaries. >>>> >>>> If this is correct, it is futile to assert that the flow label >>>> MUST be delivered unchanged to the destination, because we >>>> cannot rely on this in the real world. >>>> >>>> Are we ready to accept this analysis? >>> >>> IMHO,yes. >>> >>> The consequence could be that a FL: >>> - SHOULD be set by the packet source to a value that generally differs from >>> a flow to another (e.g. a 5-tuple hash) >>> - MAY be reset to zero in intermediate nodes, but only for security reasons >> >> clarifying question: "only for security reasons" >> which are? (some examples at least here, perhaps not in the end-text) > > This was simply in reference to the isolated sentence above (between <<< and > >>>).
ok, thanks. -Chris -------------------------------------------------------------------- IETF IPv6 working group mailing list ipv6@ietf.org Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------