On Mon, Jul 30, 2001 at 09:34:46AM +0300, Pekka Savola wrote:
> On Sun, 29 Jul 2001, Brad Chapman wrote:
> > I am currently completing a port of the Netfilter connection
> > tracking subsystem from IPv4 to IPv6. Most of the features in this
> > port are complete, except for fragment handling, which is non-
> > existent. I am also not entirely sure about how to properly parse
> > header chains and extract various extension and layer-4 headers
> > for use by the connection tracking subsystem. Enclosed with this
> > message are my current efforts regarding IPv6 fragmentation and
> > IPv6 header chain parsing.
> > I would appreciate any feedback at all regarding this.
> A comment: it appears some code from IPv4 is not applicable; ip6_refrag
> etc. look a little dubious, for example, as IPv6 fragmentation is always
> end-to-end with fragmentation header (or just avoiding it with PMTU), and
> no (de)fragmentation should happen in the routers. If you haven't
> already, I recomment checking out RFC2460 chapters 4.5 and 5.
> Hope this helps, I'll leave it to the others to comment on header chaining
> issues. (This may be complex as the extension headers' order is not
> fixed; if macros or functions do not exist for handling these, perhaps
> they should be created.)
Also note that headers that are interesting to end-points mostly are
placed after the fragmentation header and are parsed after reassembly.
That is also listed in RFC 2460.