Hi Robert,
On 24-May-20 22:22, Robert Raszuk wrote:
> Hi Ron,
>
> I have one small question on the Destination Option Header you keep
> referencing to carry for example VPN demux instructions.
>
> As DOH follows Fragment Header it is indeed inspected before CRH.
>
> So please kindly clarify what is there in the IPv6 packet header which would
> stop each segment endpoint (during the transit over SR anchors) which
> destination is obviously in DA of the arriving packet not to inspect DOH and
> not trying to execute it ?
>
> If you could please also provide reference to RFC8200 defining it.
I think you are playing with words a bit here. 8200 says:
"The Destination Options header is used to carry optional information
that need be examined only by a packet's destination node(s)."
That clearly means that other nodes *do not need* to examine the DOH, so they
can simply skip over it. Because it isn't encrypted, of course they physically
can examine it if they want to waste CPU cycles, but they *do not need* to do
so. Since they are not the destination node, obviously the information in the
DOH is not intended for them. If it isn't obvious that they are not intended to
act on that information, I don't know why we bother to write RFCs at all.
Regards
Brian
_______________________________________________
spring mailing list
spring@ietf.org
https://www.ietf.org/mailman/listinfo/spring
