On Tue, 3 Jan 2012, Fernando Gont wrote:
Folks,
The posting of draft-gont-6man-ipv6-atomic-fragments-00.txt triggered
some (unintended) discussion about the usefulness/legitimacy of IPv6
"atomic fragments" (IPv6 packets that contain a Fragmentation Header,
but that have the "More Fragments" bit set to zero).
My understanding is that is quite clear that such packets have been
found in the wild and that a number of things would break if they were
blocked or banned.
That said, I'd like some feedback on the actual proposal in
draft-gont-6man-ipv6-atomic-fragments-00.txt: process the aforementioned
"atomic fragments" as if they were non-fragmented packets. This would
basically eliminate all the security issues and problems normally
associated with framgentation, while still allowing their legitimate use.
I support your proposal. I will do a more thorough review of your draft.
Best Regards,
Janos Mohacsi
Thoughts?
Thanks!
Best regards,
--
Fernando Gont
SI6 Networks
e-mail: fg...@si6networks.com
PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492
--------------------------------------------------------------------
IETF IPv6 working group mailing list
ipv6@ietf.org
Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------
--------------------------------------------------------------------
IETF IPv6 working group mailing list
ipv6@ietf.org
Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------
