Ran, > In the current global Internet, few router implementers are > comfortable trying to reassemble anywhere in the middle of the > path, in part because of the additional attack surface that > reassembling transit traffic would create. > > Instead, at tunnel egress, any fragments are likely to be > merely decapsulated and then forwarded. So, it is critical > that end systems be able to reassemble fragments as fragments > will continue to exist in the real world.
that would also be a significant change in the IPv6 architecture. IPv6 over IPv6 tunnels do outer fragmentation today (RFC2473) and tunnel egress must perform reassembly. cheers, Ole -------------------------------------------------------------------- IETF IPv6 working group mailing list ipv6@ietf.org Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------
