IETF Logo Mail Archive

IPv6 Fragment Overlap not Forbidden

"Elwyn Davies" <elwynd@nortelnetworks.com> Thu, 23 September 2004 14:26 UTC

Received: from ietf-mx.ietf.org (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id KAA16881 for <ipv6-web-archive@ietf.org>; Thu, 23 Sep 2004 10:26:43 -0400 (EDT)
Received: from megatron.ietf.org ([132.151.6.71]) by ietf-mx.ietf.org with esmtp (Exim 4.33) id 1CAUfK-0000Ot-Mo for ipv6-web-archive@ietf.org; Thu, 23 Sep 2004 10:33:47 -0400
Received: from localhost.localdomain ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1CAUVJ-0004D2-Kw; Thu, 23 Sep 2004 10:23:25 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1CAUSt-0003yV-AF for ipv6@megatron.ietf.org; Thu, 23 Sep 2004 10:20:55 -0400
Received: from ietf-mx.ietf.org (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id KAA16529 for <ipv6@ietf.org>; Thu, 23 Sep 2004 10:20:52 -0400 (EDT)
Received: from zctfs063.nortelnetworks.com ([47.164.128.120]) by ietf-mx.ietf.org with esmtp (Exim 4.33) id 1CAUZb-0000J8-5D for ipv6@ietf.org; Thu, 23 Sep 2004 10:27:57 -0400
Received: from zctfc040.europe.nortel.com (zctfc040.europe.nortel.com [47.164.129.95]) by zctfs063.nortelnetworks.com (Switch-2.2.6/Switch-2.2.0) with ESMTP id i8NEKG916467 for <ipv6@ietf.org>; Thu, 23 Sep 2004 16:20:16 +0200 (MEST)
Received: by zctfc040.europe.nortel.com with Internet Mail Service (5.5.2653.19) id <TJ1G5N7P>; Thu, 23 Sep 2004 16:20:15 +0200
Message-ID: <8F20221FB47FD51190AD00508BCF36BA0D45800D@znsgy0k3.europe.nortel.com>
From: Elwyn Davies <elwynd@nortelnetworks.com>
To: "'ipv6@ietf.org'" <ipv6@ietf.org>
Date: Thu, 23 Sep 2004 16:20:14 +0200
MIME-Version: 1.0
X-Mailer: Internet Mail Service (5.5.2653.19)
Content-Type: text/plain
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 21c69d3cfc2dd19218717dbe1d974352
Subject: IPv6 Fragment Overlap not Forbidden
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "IP Version 6 Working Group \(ipv6\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
Sender: ipv6-bounces@ietf.org
Errors-To: ipv6-bounces@ietf.org
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 0ddefe323dd869ab027dbfff7eff0465

While writing the recent draft on NAT-PT deprecation, I had occasion to
review RFC1838 and RFC3128 which relate to security threats with fragmented
IPv4 packets.  One of the problems was that the IPv4 specification allowed
for fragments to overlap.  It appears that the general assumption is that
IPv6 stacks would not allow fragments to overlap but looking at RFC2460 the
reconstruction algorithm specification does not forbid overlaps. If RFC2460
gets revved this point should be included.

Regards,
Elwyn 

----------------------------------------------------------------------------
------

Elwyn B Davies

        Routing and Addressing Strategy Prime & IPv6 Core Team Leader
        CTO Office, Portfolio Integration		Solutions Ready


        Nortel Networks plc			Email:
elwynd@nortelnetworks.com
        Harlow Laboratories     		ESN
6-742-5498
        London Road, Harlow,    		Direct Line
+44-1279-405498
        Essex, CM17 9NA, UK     		Fax
+44-1279-402047
        Registered Office: 			Maidenhead Office Park,
Westacott Way,
        Company No. 3937799			Maidenhead, Berkshire, SSL6
3QH
----------------------------------------------------------------------------
This message may contain information proprietary to Nortel Networks plc so
any
unauthorised disclosure, copying or distribution of its contents is strictly
prohibited.
----------------------------------------------------------------------------
"The Folly is mostly mine"
and the opinions are mine and not those of my employer.	a
============================================================================
======



--------------------------------------------------------------------
IETF IPv6 working group mailing list
ipv6@ietf.org
Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------

v2.23.0 | Report a Bug | By Email