[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: 2401bis Issue # 84 -- DROP'd outbound packet



 In your previous mail you wrote:

   IPv6:
   
   Type  Name                                       Reference
   ----  -------------------------                  ---------
      1   Destination Unreachable                    [RFC2463]
   
=> draft-ietf-ipngwg-icmp-v3-02.txt is more up to date.

          Codes
           0 - no route to destination
           1 - communication with destination
               administratively prohibited
           2 - (not assigned)

=> reassigned to "beyond scope of source address"

           3 - address unreachable
           4 - port unreachable
   
   
   b2. the IPsec system was unable to set up the SA required by the SPD 
   entry matching the packet because the IPsec peer at the other end of 
   the exchange could not be contacted.  The type should be destination 
   unreachable, but what codes should we use?
   
   IPv4	Type = 3 (destination unreachable)
   	Code = ??
   
   IPv6	Type = 1 (destination unreachable)
   	Code = ??
   
=> IMHO the code should follow the reason why the IPsec peer could not
be contacted with code 1 by default?

Regards

Francis.Dupont@xxxxxxxxxxxxxxxx