On Wed, Oct 26, 2011 at 2:59 PM, Ben Pfaff <b...@nicira.com> wrote: > Navindra Yadav pointed out in a discussion over on an ONF issue tracker > that first/later fragment isn't as useful with IPv6: the TCP/UDP port > numbers aren't necessarily in the first fragment, because other > intermediate extension headers can follow the fragment header. > > Any idea what we should do about this?
This is always true, even for IPv4. You could have a fragment that is split very quickly after the IP header or simply a truncated packet. You always have to be prepared for these cases, so I don't think there is anything to be done. >From a parsing perspective, the distinction between first/later fragment isn't about policy on what comes later: with the later fragments you simply have no idea how to interpret the data that follows the fragment header because you don't know what you're looking at. So the fragment status bits are just reporting reality, it's up the controller to decide what to do for policy. Short of doing full reassembly there's really isn't any additional information to be had. Also, while it is possible for an entire fragment to be filled up with extension headers this seems likely to be extremely rare in practice to me, similar to splitting an IPv4 packet before the L4 headers. _______________________________________________ dev mailing list dev@openvswitch.org http://openvswitch.org/mailman/listinfo/dev
