Folks, The posting of draft-gont-6man-ipv6-atomic-fragments-00.txt triggered some (unintended) discussion about the usefulness/legitimacy of IPv6 "atomic fragments" (IPv6 packets that contain a Fragmentation Header, but that have the "More Fragments" bit set to zero).
My understanding is that is quite clear that such packets have been found in the wild and that a number of things would break if they were blocked or banned. That said, I'd like some feedback on the actual proposal in draft-gont-6man-ipv6-atomic-fragments-00.txt: process the aforementioned "atomic fragments" as if they were non-fragmented packets. This would basically eliminate all the security issues and problems normally associated with framgentation, while still allowing their legitimate use. Thoughts? Thanks! Best regards, -- Fernando Gont SI6 Networks e-mail: fg...@si6networks.com PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492 -------------------------------------------------------------------- IETF IPv6 working group mailing list ipv6@ietf.org Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------