On 8/3/2012 4:19 PM, Masataka Ohta wrote: > Joe Touch wrote: > >> Translators violate RFC791. They cannot merely copy the >> low-order bits of the field, since that is insufficiently >> unique, and isn't specified as being generated at the >> IPv6 source in compliance with IPv4 requirements. > > RFC2765 specifies that translators can merely copy the > low-order bits of the field. Yes, but this is not compatible with RFC791. > Moreover, RFC2460 specifies: > > In that case, the IPv6 node > is not required to reduce the size of subsequent packets to less than > 1280, but must include a Fragment header in those packets so that the > IPv6-to-IPv4 translating router can obtain a suitable Identification > value to use in resulting IPv4 fragments. > > That is, RFC2460 guarantees that translators can obtain "a > suitable Identification value" from IPv6 "Fragment header". The case above occurs only when the source gets back a "packet too big" message with a desired MTU less than 1280. Note that this might never happen, in which case there would never be any Fragment header. However, even when it does happen, there is no instruction above about how to construct the header that is compliant with RFC791. Further, the source might already be inserting the fragmentation header (e.g., on a 2KB packet). There's no instruction in how fragment headers are constructed in general that complies with RFC791. Simply using the low 16 bits is not correct. In particular, RFC2460 suggests that its 32-bit counter can wrap once a minute, and that only one such counter might be needed for an endpoint for all connections. In that case, the entire number space wraps twice as fast as RFC791/RFC1122 require for IPv4, and it's half the bit-width, so the low-order bits alone wrap 120,000x faster. > Or, are you saying RFC2460 and RFC2765 violate RFC791? Yes. > I'm afraid you must say so, if you insist on "existing systems > violate the current specification" (quote from abstract of your > draft). > >> It quotes IPv6 examples, but does not propose to change >> IPv6 processing. That may be needed, but that would be >> outside the scope of this doc. > > It is inside the scope because RFC2765 specifies how IPv4 > ID is generated from RFC2460 fragment header, which is, > according to your draft, a violation of RFC791. This document updates RFC791, but does not fix either RFC2460 or RFC2765. This document does not make any statements about how IPv6 generates its IDs. >>> Finally, the IPv6 ID field is >>> 32 bits, but lower 16 bits are required unique per >>> source/destination address pair for >>> IPv6, >> >> That's incorrect as per RFC2460. Other RFCs may violate that >> original spec, but that needs to be cleaned up separately. > > As I stated above, RFC2460 guarantees "a suitable Identification > value" for IPv4 ID is there in IPv6 fragmentation ID. Not the way I interpret the text, especially because there are other ways to generate IDs in RFC2460 that could be translated to IPv4 that might not result from ICMP errors, or that might never have Fragmentation headers anyway. > Or, if you think RFC2460 does not mind ID uniqueness (of IPv4, > at least) so much, RFC791 should not either. I think there are a lot of IETF documents that are not reviewed in the correct context of existing standards. I don't think that applies to this draft, though. Joe