[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

IPv6 Fragment Overlap not Forbidden

While writing the recent draft on NAT-PT deprecation, I had occasion to
review RFC1838 and RFC3128 which relate to security threats with fragmented
IPv4 packets.  One of the problems was that the IPv4 specification allowed
for fragments to overlap.  It appears that the general assumption is that
IPv6 stacks would not allow fragments to overlap but looking at RFC2460 the
reconstruction algorithm specification does not forbid overlaps. If RFC2460
gets revved this point should be included.



Elwyn B Davies

        Routing and Addressing Strategy Prime & IPv6 Core Team Leader
        CTO Office, Portfolio Integration		Solutions Ready

        Nortel Networks plc			Email:
        Harlow Laboratories     		ESN
        London Road, Harlow,    		Direct Line
        Essex, CM17 9NA, UK     		Fax
        Registered Office: 			Maidenhead Office Park,
Westacott Way,
        Company No. 3937799			Maidenhead, Berkshire, SSL6
This message may contain information proprietary to Nortel Networks plc so
unauthorised disclosure, copying or distribution of its contents is strictly
"The Folly is mostly mine"
and the opinions are mine and not those of my employer.	a

IETF IPv6 working group mailing list
Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6