[Bro-Dev] ipv6 fragment reassembling

Seth Hall seth at icir.org
Wed Feb 22 17:11:55 PST 2012

Here is a great article about ipv6 fragment handling.


The article concludes by point out that it looks like the IETF is converging on RFCs that forbid overlapping fragments which should make fragment reassembly much clearer for us.  Current operating systems are of course all over the map in terms of what they actually support of course. :)


Seth Hall
International Computer Science Institute
(Bro) because everyone has a network

More information about the bro-dev mailing list