Prev: Intermittent vpn problems
Next: Sequence Diagrams from Packet Analyzer logs/output files - Free
From: clemens fischer on 16 Jan 2010 13:40
(sorry for being late)

On Tue-2010/01/05-09:59 Christophe Lohr wrote:

> rfc791 says "The options may appear or not in datagrams. They must be
> implemented by all IP modules (host and gateways). What is optional
> is their transmission in any particular datagram, not their
> implementation."
>
> Does that mean that I am only authorized to: (i) honor this option,
> (ii) either destroy the packets?

As I understand it, you are free to ignore the option, but your IP
stack, which is what rfc791 talks about, _must_ implement it.

There should be a way to simply not honor record-route, eg. by not using
the pointer in that datagram and forwarding it unchanged. There's
a netfilter patch providing a "ipv4options --rr" matcher. I tried to
cobble up an equivalent u32 match, but as the number of IP options is
variable, and some of them, including record-route itself, are as well,
the syntax of u32 is insufficient for that purpose.


clemens
First  |  Prev  | 
Pages: 1 2
Prev: Intermittent vpn problems
Next: Sequence Diagrams from Packet Analyzer logs/output files - Free