[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: TOS copying considered harmful
>> Having two specifications for packets with protocol type 4 inside IP
>> should be avoided if at all possible.
>Now this I agree with. Especially since the IPsec RFCs themselves seem to
>be very confused about this.
for reference, here's a little list of specs which talks about
protocol type 4/41 encapsulation. not sure if it is complete.
(from KAME sys/netinet/ip_encap.c)
itojun
/*
* My grandfather said that there's a devil inside tunnelling technology...
*
* We have surprisingly many protocols that want packets with IP protocol
* #4 or #41. Here's a list of protocols that want protocol #41:
* RFC1933 configured tunnel
* RFC1933 automatic tunnel
* RFC2401 IPsec tunnel
* RFC2473 IPv6 generic packet tunnelling
* RFC2529 6over4 tunnel
* mobile-ip6 (uses RFC2473)
* 6to4 tunnel
* Here's a list of protocol that want protocol #4:
* RFC1853 IPv4-in-IPv4 tunnelling
* RFC2003 IPv4 encapsulation within IPv4
* RFC2344 reverse tunnelling for mobile-ip4
* RFC2401 IPsec tunnel
* Well, what can I say. They impose different en/decapsulation mechanism
* from each other, so they need separate protocol handler. The only one
* we can easily determine by protocol # is IPsec, which always has
* AH/ESP/IPComp header right after outer IP header.
*
* So, clearly good old protosw does not work for protocol #4 and #41.
* The code will let you match protocol via src/dst address pair.
*/
Follow-Ups:
References: