RE: Comments on draft-jinmei-ipv6-rfc2462bis-00.txt
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: Comments on draft-jinmei-ipv6-rfc2462bis-00.txt
Christian,
> The section "5.4.5 When Duplicate Address Detection Fails" currently
> says:
>
> A tentative address that is determined to be a duplicate as described
> above, MUST NOT be assigned to an interface and the node SHOULD log a
> system management error. If the address is a link-local address
> formed from an interface identifier, the interface SHOULD be
> disabled.
>
> The part about disabling the interface enables a DOS attack: wait for a
> target to come on line and send a DAD packet, reply with a deliberate
> collision, and poof the target is disconnected from the network.
>
> Proposed resolution: write "MAY be disabled" instead.
I strongly agree, for the reasons you give.
John
--------------------------------------------------------------------
IETF IPv6 working group mailing list
ipv6@ietf.org
Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------
Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.
