[Ipsec] draft-ietf-ipsec-rfc2402bis-07.txt ... Suggest moving the "Flow Label" IPv6 base header field to "immutable" and protecting with AH
"John Spence, CCSI, CCNA, CISSP" <jspence@native6.com> Sat, 11 September 2004 20:33 UTC
From: "John Spence, CCSI, CCNA, CISSP" <jspence@native6.com>
To: ipsec@ietf.org
Date: Sat, 28 Aug 2004 21:07:13 -0700

The flow label in IPv6 is chosen by the source node, and must be delivered to the ultimate destination without having been changed in transit, unlike the DSCP or ECN QoS-related fields for IPv6.

I suggest, since it is constant end-to-end, the field be moved to "immutable" and protected by AH.

-------------- from draft-ietf-ipsec-rfc2402bis-07 ----------

3.3.3.1.2.1 Base Header Fields

   The IPv6 base header fields are classified as follows:

   Immutable
             Version
             Payload Length
             Next Header
             Source Address
             Destination Address (without Routing Extension Header)

   Mutable but predictable
             Destination Address (with Routing Extension Header)

   Mutable (zeroed prior to ICV calculation)
             DSCP (6 bits, see RFC2474 [NBBB98])
             ECN (2 bits, see RFC3168 [RFB01])
             Flow Label
             Hop Limit

-------------- from RFC 3697 --------------

2. IPv6 Flow Label Specification

   The 20-bit Flow Label field in the IPv6 header [IPv6] is used by a source to label packets of a flow. A Flow Label of zero is used to indicate packets not part of any flow. Packet classifiers use the triplet of Flow Label, Source Address, and Destination Address fields to identify which flow a particular packet belongs to. Packets are processed in a flow-specific manner by the nodes that have been set up with flow-specific state. The nature of the specific treatment and the methods for the flow state establishment are out of scope for this specification.

   The Flow Label value set by the source MUST be delivered unchanged to the destination node(s).

-------------------------------
John Spence, CCSI, CCNA, CISSP
Native6, Inc.
IPv6 Training and Consulting
jspenceNOSPAM@native6.com
www.native6.com
-------------------------------
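
Added example, not part of the original message or of the draft: a Python sketch of how the classification quoted above changes what an AH integrity check can detect on the IPv6 base header. It assumes HMAC-SHA1-96 as the ICV algorithm and simplifies the ICV input to the masked base header plus payload (the AH header and extension headers are left out); the key, addresses and function names are constructed for illustration.

```python
import hmac, hashlib, ipaddress, struct

def ipv6_base_header(flow_label, hop_limit, payload_len, src, dst,
                     next_header=51, traffic_class=0):
    """Pack the 40-byte IPv6 base header (Next Header 51 = AH)."""
    word0 = (6 << 28) | (traffic_class << 20) | (flow_label & 0xFFFFF)
    return (struct.pack("!IHBB", word0, payload_len, next_header, hop_limit)
            + ipaddress.IPv6Address(src).packed
            + ipaddress.IPv6Address(dst).packed)

def zero_mutable_fields(header, flow_label_immutable):
    """Return the base header as it enters the ICV computation."""
    word0, = struct.unpack("!I", header[:4])
    keep = 0xF0000000                      # Version: immutable
    if flow_label_immutable:
        keep |= 0x000FFFFF                 # proposal: Flow Label is covered too
    # DSCP + ECN (bits 0x0FF00000) and Hop Limit (byte 7) are always zeroed
    return struct.pack("!I", word0 & keep) + header[4:7] + b"\x00" + header[8:]

def icv(key, header, payload, flow_label_immutable):
    """HMAC-SHA1-96 over masked base header + payload (simplified AH input)."""
    data = zero_mutable_fields(header, flow_label_immutable) + payload
    return hmac.new(key, data, hashlib.sha1).digest()[:12]

def verifies(key, sent, received, payload, flow_label_immutable):
    """True if the receiver's recomputed ICV matches the sender's."""
    return hmac.compare_digest(icv(key, sent, payload, flow_label_immutable),
                               icv(key, received, payload, flow_label_immutable))

# Constructed sample data (documentation prefix 2001:db8::/32, made-up key)
KEY = b"constructed-demo-key"
PAYLOAD = b"example upper-layer data"
ADDRS = ("2001:db8::1", "2001:db8::2")
SENT = ipv6_base_header(0x12345, 64, len(PAYLOAD), *ADDRS)
HOP_DECREMENTED = ipv6_base_header(0x12345, 63, len(PAYLOAD), *ADDRS)
LABEL_REWRITTEN = ipv6_base_header(0x54321, 63, len(PAYLOAD), *ADDRS)

if __name__ == "__main__":
    for name, immutable in (("draft -07 (Flow Label mutable)", False),
                            ("proposal (Flow Label immutable)", True)):
        print(name,
              "| hop limit changed, ICV ok:",
              verifies(KEY, SENT, HOP_DECREMENTED, PAYLOAD, immutable),
              "| flow label changed, ICV ok:",
              verifies(KEY, SENT, LABEL_REWRITTEN, PAYLOAD, immutable))
```

With the draft's classification a rewritten Flow Label still passes verification, because the field is zeroed before the ICV is computed; with the proposed classification the same change fails, while a Hop Limit decrement passes in both cases.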