Re: [v6ops] WG Doc? draft-gont-v6ops-ipv6-ehs-packet-drops

Fernando Gont <fgont@si6networks.com> Fri, 18 March 2016 12:00 UTC

To: Lorenzo Colitti <lorenzo@google.com>, joel jaeggli <joelja@bogus.com>
From: Fernando Gont <fgont@si6networks.com>
Message-ID: <56EBBC7E.8060602@si6networks.com>
Date: Fri, 18 Mar 2016 05:29:50 -0300
In-Reply-To: <CAKD1Yr2vCMtEXAhMOGr4wG4O9N1094pu=vNeqqFfBJ7KLTt3bw@mail.gmail.com>
Archived-At: <http://mailarchive.ietf.org/arch/msg/v6ops/PD7aq4Zp4z2uNrALtVz7dJj1e3g>
Cc: "v6ops@ietf.org" <v6ops@ietf.org>
Subject: Re: [v6ops] WG Doc? draft-gont-v6ops-ipv6-ehs-packet-drops

On 03/17/2016 09:10 PM, Lorenzo Colitti wrote:
> On Fri, Mar 18, 2016 at 6:53 AM, joel jaeggli <joelja@bogus.com> wrote:
> 
>     > how is this "problem" any different from:
>     >  - "unknown" L4 header
> 
>     unknown is rather different than unfound if you're actually attempting
>     to parse the header chain. you still have a binary decision to make with
>     respect to forwarding or not.
> 
> From the point of view of security, I don't see a difference. Not found
> should be treated as unknown anyway.

Dropping as a result of unfound is an unintended effect. That's the point.

-- 
Fernando Gont
SI6 Networks
e-mail: fgont@si6networks.com
PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492