Hi, Masataka, On 02/10/2016 03:05 AM, Masataka Ohta wrote: > Joe Touch wrote: > >> Reason #1: IP reassembly is already deployed. > > The reality is that wise operators denied deployment of > stupid idea of extension headers including that for IP > reassembly. > >> - now you want that info even further obscured by another >> layer of encapsulation > > Wrong. The worst kind of obscurity is a transport header at > the end of a chain of 1000 or more IPv6 extension headers. > > Note that the transport header may not be placed in the > first fragment. > > As following a long chain means vulnerability to DOS, there > should be some upper bound on the chain length and the most > reasonable value for the upper bound is 0, because all the > extension headers are useless. RFC7112 imposes some basic constraints: the entire EH chain must be present in the first fragment. Thanks, -- Fernando Gont SI6 Networks e-mail: fgont@xxxxxxxxxxxxxxx PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492