3.2.5.2.2 Receiving a Packet from a Client

The HTTP entity body is received as a byte stream; therefore, the IP-HTTPS server MUST delimit the IPv6 packet boundaries using the Payload Length field in the IPv6 header. The IP-HTTPS server MUST discard non-IPv6 packets and SHOULD terminate the IP-HTTPS session with the offending client.

If the Authentication Mode on the IP-HTTPS server is set to None, the following processing MUST be enforced on the IP-HTTPS server to ensure that unauthenticated IP-HTTPS client peers do not abuse the IP-HTTPS link.

  • All link-local unicast packets MUST be dropped unless the destination is the server itself.

  • When a multicast packet is received, the IP-HTTPS server MUST drop the packet except in the following conditions:

    • Router Solicitation packets MUST NOT be dropped.

    • When a Neighbor Solicitation packet with an unspecified source address and a solicited-node multicast destination address is received from a client, the following processing MUST be done.

      If the target address in the Neighbor Solicitation packet is being used by another client (determined by checking the Neighbor Cache), the packet MUST NOT be forwarded, but a multicast Neighbor Advertisement (NA) MUST be created as if the IP-HTTPS server were the client with the target address (for example, the Router flag MUST NOT be set). The NA MUST NOT contain a Target Link-Layer option. Then the NA MUST be sent back over the HTTP connection.

  • If the Authentication Mode is set to Certificates, the following processing MUST be done.

    • When a multicast packet is received, the IP-HTTPS server MUST forward the packet to all other IP-HTTPS clients, except in the following conditions:

      • When the packet is either a multicast Neighbor Advertisement packet, or a Neighbor Solicitation packet with an unspecified source address and a solicited-node multicast destination address:

        • If the Target Address in the packet is present in at least one entry in the Neighbor Cache, then the packet SHOULD NOT<4> be forwarded to a client that has no such entry in the Neighbor Cache.

Show: