[MEXT] firewall docs review

[RYUJI WAKIKAWA <ryuji.wakikawa at gmail.com>]

Hi Suresh and authors,

I was asked to review draft-krishnan-mip6-firewall-admin-02 and
draft-krishnan-mip6-firewall-vendor-02.

- Can current filtering mechanism check the IP options field?!
   If yes, the document should mention which IP options are appeared  
for which packets.
   An example is DST Opt for BU and RTHDR for BA.
   Otherwise, the operator might just block all the packets having  
RTHDR option regardless of BA.

For example, in section 3.1 of draft-admin ,
      Destination Address: Address of HA
                                                    <-- adding  Dest  
option (HoA option)?
      Next Header: 50 (ESP)
      Mobility Header Type: 5 (BU)

- missing authentication option and DSMIP support?
    DSMIP will introduce much complexity to firewall setup.

- RO is optional in the RFC3775. I am not sure you can treat
   RO signaling as same as the BU/BA for firewall filters setup.
    It might be good if you provide the minimum set of rules (BU/BA  
only)
   and the full set of rules (All MH signaling).

- why are these two separate documents?

regards,
ryuji
_______________________________________________
MEXT mailing list
MEXT at ietf.org
http://www.ietf.org/mailman/listinfo/mext