Hi, Eric, On 07/19/2012 07:21 AM, Eric Vyncke (evyncke) wrote: > Two comments: 1) for the transition period (when we could perhaps see > those packets -- even if I have yet to see one!), 'silently' is > perhaps too strong, I would suggest at the bare minimum a dropped > packet counter (else operators would be blind)
Ok. What about the counter? SHOULD? > 2) RFC1858 (the IPv4 > equivalent of your I-D) specifies that routers with an ACL must also > drop those packets and I would think that this should also be the > case here but with a SHOULD for router implementing layer-4 ACL (not > for plain forwarding routers or layer-3 ACL) The caveat here is that it's trivial for a v4 router to figure out whether the upper layer protocol's header is fragmented, but it may be not so trivial for a v6 router to do so (i.e., it would require them to follow the entire IPv6 header chain, which could possibly be a large number of headers. That said, I guess that including the aforementioned requirement for routers, with the granularity you mention ("routers implementing layer-4 ACLs" or some equivalent wording) might work for the wg? Can others please weigh in? Thanks! Best regards, -- Fernando Gont SI6 Networks e-mail: fg...@si6networks.com PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492 -------------------------------------------------------------------- IETF IPv6 working group mailing list ipv6@ietf.org Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------