Wireshark-users: Re: [Wireshark-users] ipv6 unknown extension header

From: Sake Blok <sake@xxxxxxxxxx>
Date: Fri, 7 Nov 2008 08:31:56 +0100
On Thu, Nov 06, 2008 at 10:32:40PM -0500, Martin d Anjou wrote:
>>> Is wireshark able to "jump" over the unknown extension header (using
>>> the Hdr Ext Len) and keep searching for next headers and eventually  
>>> find L4 protocols like TCP?
>>
>> No - is anything *else* able to do so?
>>
>> [explanation deleted]
>>
>> This doesn't seem to suggest that skipping over unknown headers is
>> necessarily the right thing to do.
>
> I agree with your conclusion. An "unknown" ipv6 extension header could be 
> a new layer 4 protocol, or a new ipv6 extension header whose second byte  
> is not the Hdr Ext Len, which makes "jumping over it" the wrong thing to  
> do.
>
> And like you, I don't see any "correct" thing to do with unknown ipv6  
> extension header, so it does not seem like Sake Blok's "fix" is the right 
> thing to do either:

ACK  I jumped in too quick (I had in my mind that unknown extension
headers should be skipped, but I mixed the extension headers up with 
the hop-by-hop/destination options, which sometimes can be skipped)

Any objections to reverting the patch?


>> I committed a patch in SVN 26722 that fixes this issue...
>
> Sorry Sake... Although I can probably use your commit to patch my local  
> copy for the time being, so thanks a lot for that!

You're welcome :-)


> Now, any advice for me? Write a dissector for my "unknown" extension  
> header therefore making it a known one? I am just trying to put out an  
> extension header whose length I can control easily, but the content does  
> not matter.

I'm not sure what you want to accomplish, but you might want to use
a standard Hop-by-Hop options header or a Destination Options header.
Within that extension header you can add options and direct whether
systems that don't know your option skip the option or discard the
packet altogether...

Cheers,
    Sake
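
The skip-or-discard choice mentioned in the message above is encoded in the two high-order bits of each option's type inside a Hop-by-Hop or Destination Options header (RFC 2460 section 4.2, unchanged in RFC 8200). The following is an added example, not part of the original mail and not Wireshark code: `walk_options`, the sample headers and the option type values 0x1E and 0x5E are constructed for illustration.

```python
# Added example: walk the TLV options of an IPv6 Hop-by-Hop / Destination
# Options header and apply the "unknown option" action bits.
ACTIONS = {0b00: "skip", 0b01: "discard", 0b10: "discard+icmp",
           0b11: "discard+icmp-unless-multicast"}
PAD1, PADN = 0, 1


def walk_options(hdr: bytes, known: frozenset = frozenset()):
    """Return (next_header, verdict, options) for one options header.

    verdict is "continue" if every option is known or skippable, otherwise
    the action demanded by the first unknown option that is not skippable.
    """
    if len(hdr) < 2:
        raise ValueError("truncated extension header")
    # Hdr Ext Len counts 8-octet units, not including the first 8 octets.
    next_header, total = hdr[0], (hdr[1] + 1) * 8
    if len(hdr) < total:
        raise ValueError("Hdr Ext Len runs past captured data")
    options, i = [], 2
    while i < total:
        opt_type = hdr[i]
        if opt_type == PAD1:          # Pad1 is a single byte with no length field
            i += 1
            continue
        if i + 2 > total or i + 2 + hdr[i + 1] > total:
            raise ValueError("option overruns the header")
        data = hdr[i + 2 : i + 2 + hdr[i + 1]]
        i += 2 + len(data)
        if opt_type == PADN:          # PadN carries only padding bytes
            continue
        action = "process" if opt_type in known else ACTIONS[opt_type >> 6]
        options.append((opt_type, action, data))
        if action not in ("process", "skip"):
            return next_header, action, options
    return next_header, "continue", options


# Constructed samples: Next Header = 6 (TCP), Hdr Ext Len = 0 (8 bytes total),
# one made-up 4-byte option whose type differs only in the action bits.
SKIPPABLE = bytes([6, 0, 0x1E, 4, 0xDE, 0xAD, 0xBE, 0xEF])  # top bits 00
MUST_DROP = bytes([6, 0, 0x5E, 4, 0xDE, 0xAD, 0xBE, 0xEF])  # top bits 01

if __name__ == "__main__":
    print(walk_options(SKIPPABLE))
    print(walk_options(MUST_DROP))
```

A receiver that does not recognise 0x1E still reaches the TCP header, while the same payload sent as 0x5E causes the packet to be dropped, which is the sender-controlled behaviour an unknown extension header cannot offer.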