IETF Logo Mail Archive

Re: [v6ops] Last Call: <draft-ietf-v6ops-ra-guard-implementation-04.txt> (Implementation Advice for IPv6 Router Advertisement Guard (RA-Guard)) to Best Current Practice

Ronald Bonica <rbonica@juniper.net> Thu, 31 May 2012 16:05 UTC

Return-Path: <rbonica@juniper.net>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 727EC11E8094 for <v6ops@ietfa.amsl.com>; Thu, 31 May 2012 09:05:55 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -106.438
X-Spam-Level:
X-Spam-Status: No, score=-106.438 tagged_above=-999 required=5 tests=[AWL=0.161, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id oExiVmLpo2oo for <v6ops@ietfa.amsl.com>; Thu, 31 May 2012 09:05:54 -0700 (PDT)
Received: from exprod7og110.obsmtp.com (exprod7og110.obsmtp.com [64.18.2.173]) by ietfa.amsl.com (Postfix) with ESMTP id 5215911E8091 for <v6ops@ietf.org>; Thu, 31 May 2012 09:05:52 -0700 (PDT)
Received: from P-EMHUB01-HQ.jnpr.net ([66.129.224.36]) (using TLSv1) by exprod7ob110.postini.com ([64.18.6.12]) with SMTP ID DSNKT8eW37b6sA1wPcEWe/H4p8dKytAY0Vjh@postini.com; Thu, 31 May 2012 09:05:54 PDT
Received: from p-emfe02-wf.jnpr.net (172.28.145.25) by P-EMHUB01-HQ.jnpr.net (172.24.192.35) with Microsoft SMTP Server (TLS) id 8.3.213.0; Thu, 31 May 2012 09:04:57 -0700
Received: from EMBX01-WF.jnpr.net ([fe80::1914:3299:33d9:e43b]) by p-emfe02-wf.jnpr.net ([fe80::c126:c633:d2dc:8090%11]) with mapi; Thu, 31 May 2012 12:04:08 -0400
From: Ronald Bonica <rbonica@juniper.net>
To: Fernando Gont <fgont@si6networks.com>
Date: Thu, 31 May 2012 12:04:07 -0400
Thread-Topic: [v6ops] Last Call: <draft-ietf-v6ops-ra-guard-implementation-04.txt> (Implementation Advice for IPv6 Router Advertisement Guard (RA-Guard)) to Best Current Practice
Thread-Index: Ac0/RSV95x4ssIk4R36HQkHoTpVeAwAAdTXQ
Message-ID: <13205C286662DE4387D9AF3AC30EF456D76C45028B@EMBX01-WF.jnpr.net>
References: <7BAC243D-7B55-460E-B36C-52CA83F12B78@gmail.com> <4FC6AAD4.4090108@si6networks.com> <13205C286662DE4387D9AF3AC30EF456D76C44FF13@EMBX01-WF.jnpr.net> <4FC7864D.8000307@si6networks.com> <13205C286662DE4387D9AF3AC30EF456D76C450163@EMBX01-WF.jnpr.net> <4FC7934B.4010205@si6networks.com>
In-Reply-To: <4FC7934B.4010205@si6networks.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Cc: "v6ops@ietf.org" <v6ops@ietf.org>, RJ Atkinson <rja.lists@gmail.com>
Subject: Re: [v6ops] Last Call: <draft-ietf-v6ops-ra-guard-implementation-04.txt> (Implementation Advice for IPv6 Router Advertisement Guard (RA-Guard)) to Best Current Practice
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/v6ops>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 31 May 2012 16:05:55 -0000

Wfm!

> -----Original Message-----
> From: Fernando Gont [mailto:fgont@si6networks.com]
> Sent: Thursday, May 31, 2012 11:51 AM
> To: Ronald Bonica
> Cc: RJ Atkinson; v6ops@ietf.org
> Subject: Re: [v6ops] Last Call: <draft-ietf-v6ops-ra-guard-
> implementation-04.txt> (Implementation Advice for IPv6 Router
> Advertisement Guard (RA-Guard)) to Best Current Practice
> 
> Hi, Ron,
> 
> On 05/31/2012 12:16 PM, Ronald Bonica wrote:
> > 1) Hosts MUST NOT fragment ICMPv6 Router Solicitation, Router
> > Advertisement, Neighbor Solicitation, Neighbor Advertisement or
> > Redirect messages.
> 
> This one is correct.
> 
> Note that in draft-gont-6man-nd-extension-headers, we're currently
> saying "SHOULD NOT", but this should probably be changed to "MUST NOT",
> as you indicate.
> 
> 
> 
> > 1) Hosts MUST NOT fragment any other ICMPv6 message unless the IPv6
> > header, all extension headers, the ICMPv6 type, code, and checksum
> are
> > included in the first fragment
> 
> This one is a subset of "3)" below, so need for special requirements
> here -- i.e., we don't need to make ICMPv6 a special case.
> 
> 
> 
> > 3) Hosts MUST NOT fragment packets carrying any next-layer protocol
> > unless the IPv6 header, all extension headers, the entire next-layer
> > protocol header are included in the first fragment. TCP and UDP are
> > examples of next-layer protocols.
> 
> This is correct.
> 
> We have expressed this requirement (in
> draft-gont-6man-oversized-header-chain-01.txt) as:
> 
>    All IPv6 packets MUST contain the entire IPv6 header chain within
> the
>    first "assumed Path-MTU" bytes of the packet.  If a packet is
>    fragmented, the first fragment of the packet (i.e., that with a
>    Fragment Offset of 0) must contain the entire IPv6 header chain
>    within the first "assumed Path-MTU" [RFC1981] [RFC4821] bytes of the
>    packet.
> 
> 
> > Do I have this right?
> 
> Yes.
> 
> Cheers,
> --
> Fernando Gont
> SI6 Networks
> e-mail: fgont@si6networks.com
> PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492
> 
>

v2.23.0 | Report a Bug | By Email