Ethereal-users: Re: [Ethereal-users] extension headers ipv6

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Guy Harris <guy@xxxxxxxxxx>
Date: Thu, 31 Oct 2002 11:42:05 -0800
On Wed, Oct 30, 2002 at 03:15:47PM -0800, Michele Bustos wrote:
> Here's one for ethereal!
> Here is a packet with a TOTALLY incorrect checksum.  The "other" trace
> program never flagged it as incorrect.  Ethereal gives the same malformed
> error!

Same problem as the last packet.  Please fix whatever generates those
ICMPv6 packets to put an IPv6 packet into the ICMPv6 packet after the
ICMPv6 checksum.

By the way, does your IPv6 conformance test suite check to make sure
ICMPv6 error messages contain at least some of what appears to be an
invoking message?  It turns out that, according to section 2.4 of RFC
2463, implementations MUST include that information:

	2.4 Message Processing Rules

	   Implementations MUST observe the following rules when processing  
	   ICMPv6 messages (from [RFC-1122]):

			...

	    (c) Every ICMPv6 error message (type < 128) includes as much of the
	        IPv6 offending (invoking) packet (the packet that caused the
	        error) as will fit without making the error message packet
	        exceed the minimum IPv6 MTU [IPv6].

	    (d) In those cases where the internet-layer protocol is required to
	        pass an ICMPv6 error message to the upper-layer process, the
	        upper-layer protocol type is extracted from the original packet
	        (contained in the body of the ICMPv6 error message) and used to
	        select the appropriate upper-layer process to handle the error.

	        If the original packet had an unusually large amount of
	        extension headers, it is possible that the upper-layer protocol
	        type may not be present in the ICMPv6 message, due to truncation
	        of the original packet to meet the minimum IPv6 MTU [IPv6]
	        limit.  In that case, the error message is silently dropped
	        after any IPv6-layer processing.

That's not SHOULD, it's MUST.  (And RFC 2460 "Internet Protocol, Version
6 (IPv6) Specification" says, in section 5:

	5. Packet Size Issues
  
	   IPv6 requires that every link in the internet have an MTU of 1280
	   octets or greater.  On any link that cannot convey a 1280-octet
	   packet in one piece, link-specific fragmentation and reassembly must
	   be provided at a layer below IPv6.

so one cannot excuse the lack of any invoking message information by
saying putting any there would make the ICMPv6 packet bigger than the
minimum IPv6 MTU, as the offending packets were *well* under that limit.)