Re: I-D.ietf-v6ops-cpe-simple-security-09 - ICMP Error Messages + Vocabulary
1.
On 11 March 2010 at 21:17, james woodyatt wrote:
> ...
>> - Forwarded error messages ... must be more general than just Destination Unreachable: they must include in particular Packet Too Big notifications which are essential for IPv6 path-MTU discovery.
>
> Agreed, but I'm now inclined to remove all four of those recommendations and insert an explicit recommendation into the "Stateless Filters" section that cites RFC 4890 and specifically references section 4.3.1 "Traffic That Must Not Be Dropped".
>
> Does anyone object to that revision?
No objection, and active support for this approach.
(You are right, ICMP is at the IP layer, not at the transport layer.)
2.
The draft uses "interior" and "exterior", while the traditional vocabulary for NATs is AFAIK "internal" and "external" (e.g. in RFC 4787).
A suggestion would be to align the vocabulary.
RD