On Jul 14, 2010, at 8:59 PM, Florian Weimer wrote:
> There might be contractual reasons not to enable that feature. 8-/
Ignoring is generally pretty harmless; dropping can break traceroute, RSVP, et al. Conversely, there are also generally pretty strong contractual reasons not to have one's edge routers go down due to excessive punts. ;>
> Some vendors can process options in hardware, though.
True.
> It's probably not a high-priority issue for vendors until there are network issues (as opposed to potential problems seen in labs),
This is always true when it comes to security, and especially to availability. That being said, I know that at least one major vendor is cognizant of the header-extension issue, and is taking steps to mitigate the associated risk.
> so it's going to take quite a bit of time.
Yes, this is always the case, unfortunately.
> Demand for devices with some IP-layer inspection capability that can handle (Fast or Gigabit) Ethernet at line rate, no matter what type of frames come in, is also a pretty recent thing, and I would be surprised if vendors can provide such capabilities across their entire relevant product line (where they advertise line-based forwarding).
With large vendors, these things are generally accomplished piecemeal, on a BU-by-BU, product-by-product basis. Unfortunate, but true, nonetheless.

-----------------------------------------------------------------------
Roland Dobbins <rdobbins@arbor.net> // <http://www.arbornetworks.com>

Injustice is relatively easy to bear; what stings is justice.
-- H.L. Mencken