Re: I-D Action: draft-ietf-6man-oversized-header-chain-01.txt

[Fernando Gont <fgont@si6networks.com>]

Hi, Eric,

Thanks so much for your feedback! -- Please find my comments inline...
On 07/17/2012 07:35 AM, Eric Vyncke (evyncke) wrote:
> As I said in Paris, very useful I-D which is really important for stateless firewalls (read switch ACL).
> 
> Two minor comments:
> - section 2.0 I would also explicitly add ICMP in addition to UDP & TCP 

How about e.g. s/UDP/ICMPv6/, since, after all, "UDP" was just there as
an example? (I'd prefer to do this rather to add yet another protocol,
since it might lead people to think that the list is exhaustive.. when
it's not).


> (as ICMP is not really an upper-layer protocol as it is the control engine of the network layer)

>From the point of view of encapsulation, I view ICMP as an upper layer
protocol -- although it clearly provides a function at lower layers.

A similar example would be BGP, which is an "app" protocol, but provides
functions for the network layer.


> - not sure whether an upper-layer header could strictly be part on the IPv6 extension header chain (at least not per RFC 2460)

Well, I'd consider the upper-layer header being part of the "ipv6 header
chain" (*) since they are identified with the same namespace used for
extension headers.

(*) I've just skimmed through RFC 2460, and it doesn't mention/define
the term "header chain".


Two possible options:
1) Leave the doc "as is"

2) s/IPv6 header chain/header chain/
This one might address the issue you've raised, but then some might
argue that "the entire header chain could also mean that e.g. an
app-layer header should be included".


I'd rather stick with 1, but I'm certainly open to suggestions. Thoughts?



> Even as the I-D is, it is ready for WGLC IMHO

Thanks!

Best regards,
-- 
Fernando Gont
SI6 Networks
e-mail: fgont@si6networks.com
PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492