Subject: Re: latest ipfilter, IPv6 handling
To: Darren Reed <firstname.lastname@example.org>
From: None <email@example.com>
Date: 03/29/2001 02:30:35
>In some email I received from Jun-ichiro itojun Hagino, sie wrote:
>> ip6->ip6_plen can be 0 if the packet is IPv6 jumbogram, you will
>> want to do something about it.
>Do you mean >64k jumbograms ? I'd like to see one get sent first.
>On Solaris, with fiber channel and an MTU of 65420, I end up with
>~9k packets because of internal buffering problems.
regardless of you see the packet or not you need to check about it,
and do something (simply reject it or whatever).
>> on KAME platforms, may need to take care of embedded scope identifiers.
>> in sin6.sin6_addr.s6_addr16.
>What are you saying here ? They're not already included ?
i guess i need to look at it with more care. hold on.
>> why ip6_hlim is set to 127?
>Got to set it to something! Is there an equivalent to tcp_ttl for
setting it to IPDEFTTL is the most appropriate at this moment.
there will be some IANA standard table clarification.
>> packet size may possibly overrun mbuf, on certain operating systems
>> (like MSIZE == 128 and sizeof(void *) == 8).
>In send_reset(), it is ONLY IPv6 + TCP.
>You're telling me that'll overflow 128 bytes ?!
>Likewise, I don't see anything that does anything with "sizeof(void *)"/
MHLEN = MSIZE - sizeof(a couple of pointers and integers).
TCP header (including option part) can take up to 64 bytes.
IPv6 header occupies 40 bytes.
if 40 + 64 > MHLEN, you are dead.