Received: (from majordomo@localhost)
	by oss.sgi.com (8.11.2/8.11.3) id f72DOHl20987
	for netdev-outgoing; Thu, 2 Aug 2001 06:24:17 -0700
Received: from sabre-wulf.nvg.ntnu.no (IDENT:root@sabre-wulf.nvg.ntnu.no [129.241.210.67])
	by oss.sgi.com (8.11.2/8.11.3) with SMTP id f72DOFV20983
	for <netdev@oss.sgi.com>; Thu, 2 Aug 2001 06:24:15 -0700
Received: from tyrell.nvg.ntnu.no ([IPv6:::ffff:129.241.210.70]:9484 "EHLO
	tyrell.nvg.ntnu.no" ident: "root" whoson: "-unregistered-")
	by sabre-wulf.nvg.ntnu.no with ESMTP id <S436405AbRHBNWJ>;
	Thu, 2 Aug 2001 15:22:09 +0200
Received: (from venaas@localhost)
          by tyrell.nvg.ntnu.no (8.9.3/8.8.4)
	  id PAA07332; Thu, 2 Aug 2001 15:22:08 +0200
Date: 	Thu, 2 Aug 2001 15:22:08 +0200
From: Stig Venaas <venaas@nvg.ntnu.no>
To: Imran Patel <ipatel@crosswinds.net>
Cc: Brad Chapman <kakadu@earthlink.net>,
   Alexey Kuznetsov <kuznet@ms2.inr.ac.ru>, netdev@oss.sgi.com
Subject: Re: IPv6 fragmentation and IPv6 header parsing
Message-ID: <20010802152208.A14571@nvg.ntnu.no>
References: <200107312208.CAA00330@mops.inr.ac.ru> <004701c11b15$77c5cf00$4d61a4ca@zombie>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <004701c11b15$77c5cf00$4d61a4ca@zombie>; from ipatel@crosswinds.net on Thu, Aug 02, 2001 at 11:08:50AM +0530
Sender: owner-netdev@oss.sgi.com
Precedence: bulk

On Thu, Aug 02, 2001 at 11:08:50AM +0530, Imran Patel wrote:
> > >    I am currently completing a port of the Netfilter connection
> > > tracking subsystem from IPv4 to IPv6. Most of the features in this
> > > port are complete, except for fragment handling,
> >
> > This is the last thing to complete transition from IPv6 back
> > to IPv4 wickedness. :-)
> 
> On the contrary, it might be useful for transition from IPv4 to IPv6 ;-)
> IPv6 connection tracking is useful for NAT-PT. However, other options on top
> of IPv6 conntrack like masquerading, v6-v6 NAT, etc look useless and silly.

I agree, only IPv6 related NAT worth thinking about is NAT-PT. But you
should only need to check port numbers on the IPv4 side, on the IPv6
side you should only be interested in the IPv6 address, so no need to
defragment IPv6. You may need to defragment in the other direction for
two reasons I think. First of all to know the port number, secondly to
stay above the minimum IPv6 MTU.

Stig