The socket structures for IPv6 sockets have a couple of "mostly useless" fields such as the scope id (which you only need to disambiguate link-local addresses) and flow info.
When trying to figure out whether I can actually scratch that seemingly useless info (not logging more than absolutely necessary in the DB, and 128-bit addresses are already big enough), it turned out that flow info may not be all that useless at all.
Apparently, you have the option of setting it to a zero value, in which case it is ignored and packets are routed to the destination socket based on destination address and port. Or, you can set it to a chosen non-zero value, in which case the IP stack considers the packet to be part of some group of packets that somehow belong together (a "flow").
It seems that hardly anyone uses flow info (there is very little info available; many people seem to consider it deprecated or useless, or don't understand what it does) or assumes that getaddrinfo will fill in something meaningful that they don't really have to bother about. It does, too... it fills in zero.
There exists, however, at least one person with the name Black who suggests using flow info as a transport-layer nonce to prevent spoofing attacks. Also, according to the RFC, routers are strongly encouraged not to route packets that belong to the same flow via different routes.
The former does not truly convince me, but the latter actually sounds very interesting. If you can hint routers not to route your packets via alternating routes, you should be able to effectively minimize the number of duplicates you get at the receiving end. That alone might be enough of a reason to always set the flow control field to some random value when initiating a connection. If you only have IPv4 on one of the ends, it'll come out as zero anyway and be ignored, but if both ends are IPv6, this should really help some.
Is that assumption right?
As for being used as a transport-layer nonce, I would guess that if someone can figure out that you have a connection of sorts on some port/address combination (which is necessary to spoof packets in the first place), then he can obviously read your traffic. Otherwise, how would he know? So the nonce would be trivially known and spoofable. Or am I making a wrong assumption there?
Edited by samoth, 18 December 2013 - 08:45 AM.
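The two claims in the post that are easy to check on a machine are that getaddrinfo leaves sin6_flowinfo at zero and that a non-zero value is what marks packets as a flow. The following is an added example (not code from the post) using the POSIX sockets API; the helper names (flow_label_of, set_flow_label, random_flow_label, flow_info_from_getaddrinfo, flow_label_round_trip) are our own. It relies on the fact that the flow label proper is the low 20 bits of the flow-info word (RFC 6437), that sin6_flowinfo is stored in network byte order, and that the remaining high bits carry traffic-class/priority information, which set_flow_label therefore preserves.

```c
/* Added example: inspecting and setting the IPv6 flow label in sockaddr_in6.
 * Helper names are ours; only the struct fields and getaddrinfo are POSIX. */
#include <arpa/inet.h>
#include <netdb.h>
#include <netinet/in.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/socket.h>

/* The flow label is the low 20 bits of the 32-bit flow-info word (RFC 6437). */
#define FLOW_LABEL_MASK 0x000FFFFFu

/* Extract the 20-bit flow label from a socket address (returned in host order). */
uint32_t flow_label_of(const struct sockaddr_in6 *sa)
{
    return ntohl(sa->sin6_flowinfo) & FLOW_LABEL_MASK;
}

/* Store a flow label, truncated to 20 bits, without disturbing the higher
 * (traffic-class/priority) bits already present. Zero means "no flow". */
void set_flow_label(struct sockaddr_in6 *sa, uint32_t label)
{
    uint32_t high_bits = ntohl(sa->sin6_flowinfo) & ~FLOW_LABEL_MASK;
    sa->sin6_flowinfo = htonl(high_bits | (label & FLOW_LABEL_MASK));
}

/* A non-zero label is what tags packets as belonging to one flow. */
int has_flow_label(const struct sockaddr_in6 *sa)
{
    return flow_label_of(sa) != 0;
}

/* Pick a random non-zero 20-bit label for a new connection. rand() is enough
 * for a routing hint: the label travels in the cleartext IPv6 header, so it is
 * never a secret, which is exactly why it cannot act as an anti-spoofing nonce. */
uint32_t random_flow_label(void)
{
    uint32_t label;
    do {
        label = (uint32_t)rand() & FLOW_LABEL_MASK;
    } while (label == 0);
    return label;
}

/* Resolve a numeric IPv6 literal (no DNS, works offline) and return the flow
 * info getaddrinfo filled in, in host order; -1 on failure. Expected: 0. */
long flow_info_from_getaddrinfo(const char *literal)
{
    struct addrinfo hints, *res = NULL;
    memset(&hints, 0, sizeof hints);
    hints.ai_family = AF_INET6;
    hints.ai_socktype = SOCK_DGRAM;
    hints.ai_flags = AI_NUMERICHOST;
    if (getaddrinfo(literal, NULL, &hints, &res) != 0 || res == NULL)
        return -1;
    const struct sockaddr_in6 *sa = (const struct sockaddr_in6 *)res->ai_addr;
    long info = (long)ntohl(sa->sin6_flowinfo);
    freeaddrinfo(res);
    return info;
}

/* Start from a flow-info word whose high (non-label) bits are set, apply a
 * label, and return the resulting host-order word, so the masking and the
 * preservation of the high bits can both be checked. */
uint32_t flow_label_round_trip(uint32_t label)
{
    struct sockaddr_in6 sa;
    memset(&sa, 0, sizeof sa);
    sa.sin6_family = AF_INET6;
    sa.sin6_flowinfo = htonl(0x0FF00000u); /* constructed: all 8 tclass bits on */
    set_flow_label(&sa, label);
    return ntohl(sa.sin6_flowinfo);
}

int main(void)
{
    struct sockaddr_in6 sa;
    memset(&sa, 0, sizeof sa);
    sa.sin6_family = AF_INET6;
    sa.sin6_port = htons(5000);
    inet_pton(AF_INET6, "::1", &sa.sin6_addr);

    printf("flow info from getaddrinfo(\"::1\"): %ld\n", flow_info_from_getaddrinfo("::1"));
    printf("fresh sockaddr_in6 tagged as a flow: %s\n", has_flow_label(&sa) ? "yes" : "no");
    set_flow_label(&sa, random_flow_label());
    printf("after tagging: label = 0x%05x\n", flow_label_of(&sa));
    return 0;
}
```

One caveat for anyone trying this for real: on Linux the kernel ignores sin6_flowinfo on send unless the socket has the IPV6_FLOWINFO_SEND option enabled, and a non-zero label must first be obtained through the IPV6_FLOWLABEL_MGR option (otherwise sending with it fails with EINVAL); recent kernels also auto-assign flow labels from the connection 5-tuple by default. So the "just fill in a random value" plan works only after those socket options are set, and the label still sits in plain view on every packet.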