[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: filtering packets with unknown options

To: Iljitsch van Beijnum <iljitsch@muada.com>
Subject: Re: filtering packets with unknown options
From: Joe Abley <jabley@ca.afilias.info>
Date: Wed, 12 Jul 2006 15:05:03 -0400
Cc: v6ops@ops.ietf.org
In-reply-to: <909BFECF-2CDA-4092-B065-2CFBD12AA537@muada.com>
References: <909BFECF-2CDA-4092-B065-2CFBD12AA537@muada.com>


On 12-Jul-2006, at 11:33, Iljitsch van Beijnum wrote:

An alternative would be to set the contents of the option to allzero bits, this should be easier to implement than removing theheader from the packet.

For clarity, I presume you mean set the option type in each TLV thefirewall is unhappy about (in all options extension headers thatmight be present) to zero ("skip this option").


It all still smells a bit nasty, though.


Joe

Follow-Ups:
- Re: filtering packets with unknown options
  - From: Iljitsch van Beijnum <iljitsch@muada.com>

References:
- filtering packets with unknown options
  - From: Iljitsch van Beijnum <iljitsch@muada.com>

Prev by Date: Re: filtering packets with unknown options
Next by Date: I-D ACTION:draft-ietf-v6ops-icmpv6-filtering-recs-02.txt
Previous by thread: Re: filtering packets with unknown options
Next by thread: Re: filtering packets with unknown options
Index(es):
- Date
- Thread