ICMPv6 "too-big" packets ignored (filtered ?) by Cloudflare farms

• Previous message (by thread): ICMPv6 "too-big" packets ignored (filtered ?) by Cloudflare farms
• Next message (by thread): ICMPv6 "too-big" packets ignored (filtered ?) by Cloudflare farms
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> From: Saku Ytti <saku at ytti.fi>
> Sent: Tuesday, March 12, 2019 6:14 PM
> 
> On Tue, Mar 12, 2019 at 8:09 PM <adamv0025 at netconsultings.com> wrote:
> 
> > Yes right, but the lookup principle is the same either you look at IPv6 flow
> label or you look at the Entropy label.
> 
> Correct, FAT, Entropy and IPv6 Flow Label are all in principle same, a way for
> source node to communicates what constitutes a flow. And in every case,
> there is no guarantee implementation has any performance gains, as
> implementation may choose to do normal flow speculation in addition of
> doing the fast thing.
> 
That's right, and I didn't test that by sending forged packets (with conflicting L3+L4 keys and flow label) at the DUT to see if DUT uses L3+L4 keys or indeed relies on the flow information.

adam

• Previous message (by thread): ICMPv6 "too-big" packets ignored (filtered ?) by Cloudflare farms
• Next message (by thread): ICMPv6 "too-big" packets ignored (filtered ?) by Cloudflare farms
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]