Re: Moving forward draft-ietf-6man-oversized-header chain?

Fernando Gont <fgont@si6networks.com> Thu, 07 February 2013 17:36 UTC

On 02/07/2013 07:34 AM, Karl Auer wrote:
>>> Coming in very late and this has probably already been thought of, but
>>> the ESP header *is* effectively a payload, and may need to be
>>> fragmented.
>> everything after the esp header is payload for everyone other than the 
>> intended recipient, who has more headers to unwrap once the payload has 
>> been decrypted.
> 
> Er - yes. I just meant that you can't take the hard line that "headers
> shall not be fragmented" (not that Brian was saying that) when at least
> one header may have to be. There will only be more headers to unwrap in
> tunnel mode.

From the pov of this I-D, ESP is the "upper layer protocol". So as long
as you have everything till the ESP header in the first fragment, you're
fine.

I could add a clarification, if you want (for instance, I added
something along those lines in draft-ietf-v6ops-ra-guard-implementation).

Thanks!
-- 
Fernando Gont
SI6 Networks
e-mail: fgont@si6networks.com
PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492
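
The first-fragment check discussed in this message, sketched as an added example (not part of the original e-mail or of the I-D): it walks the extension header chain and treats ESP as the upper-layer header, so parsing stops there. The function name, the minimum upper-layer sizes and the sample packets are assumptions constructed for illustration.

```python
import struct

HBH, ROUTING, FRAGMENT, ESP, AH, NONXT, DSTOPTS = 0, 43, 44, 50, 51, 59, 60
GENERIC_EXT = {HBH, ROUTING, DSTOPTS}  # (Next Header, Hdr Ext Len) layout, 8-octet units
# Minimum octets of upper-layer header expected in the first fragment.
# Assumption for this example: ESP counts as SPI + sequence number (8 octets).
UPPER_MIN = {ESP: 8, 6: 20, 17: 8, 58: 4, NONXT: 0}

def first_fragment_has_full_chain(pkt: bytes) -> bool:
    """True if pkt (an IPv6 packet or first fragment) holds every header up to
    and including the upper-layer header; ESP is treated as upper layer."""
    if len(pkt) < 40 or pkt[0] >> 4 != 6:
        return False
    nh, off = pkt[6], 40
    while True:
        if nh in GENERIC_EXT or nh == AH:
            if off + 2 > len(pkt):
                return False
            unit, extra = (4, 2) if nh == AH else (8, 1)  # AH length is in 4-octet units
            hdr_len = (pkt[off + 1] + extra) * unit
        elif nh == FRAGMENT:
            if off + 8 > len(pkt):
                return False
            if struct.unpack_from("!H", pkt, off + 2)[0] >> 3:
                raise ValueError("not a first fragment (offset != 0)")
            hdr_len = 8
        else:
            # Upper layer reached. What follows ESP is opaque payload here.
            return len(pkt) - off >= UPPER_MIN.get(nh, 1)
        if off + hdr_len > len(pkt):
            return False
        nh, off = pkt[off], off + hdr_len

def ipv6(next_header: int, payload: bytes) -> bytes:
    """Constructed sample packet using documentation-prefix addresses."""
    addrs = bytes.fromhex("20010db8" + "00" * 11 + "01" + "20010db8" + "00" * 11 + "02")
    return struct.pack("!IHBB", 6 << 28, len(payload), next_header, 64) + addrs + payload

# Constructed samples: Fragment header (offset 0, M=1) -> Destination Options -> ESP.
FRAG = struct.pack("!BBHI", DSTOPTS, 0, 0x0001, 0x1234)
DSTOPTS_HDR = bytes([ESP, 0, 1, 4, 0, 0, 0, 0])      # one PadN option
ESP_HDR = struct.pack("!II", 0x1000, 1)              # SPI, sequence number
GOOD = ipv6(FRAGMENT, FRAG + DSTOPTS_HDR + ESP_HDR + b"\x00" * 16)
BAD = ipv6(FRAGMENT, FRAG + DSTOPTS_HDR)             # ESP header left for a later fragment
```

`GOOD` passes even though everything after the ESP header is opaque and may continue in later fragments; `BAD` fails because the chain stops before the ESP header.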