Re: I-D ACTION:draft-jabley-ipv6-rh0-is-evil-00.txt
At Thu, 10 May 2007 17:09:31 -0400,
Joe Abley wrote:
>
>
> The above sentences far more closely resemble what I meant to write,
> compared to the text that actually appeared in the draft :-)
>
> I note that KAME's response to this is similar, but it's not clear
> to me that it's precisely identical: a patched KAME implementation
> treats the type 0 routing header as an unknown routing header
> (according to <http://www.kame.net/newsletter/20070502/>). This
> suggests to me that a patched KAME implementation will process a
> datagram containing RH0, but that RH0 header(s) in the datagram will
> not be acted upon. I would welcome corrections to my feeble
> assumptions in this area (I have done no tests, nor read any source
> code to confirm).
>
> A packet containing RH0 presumably is intended not to be processed
> on the system identified by the destination address field; if it
> was, no RH0 would be present. This suggests to me that "MUST drop"
> is the right thing, rather than "process as if RH0 was not there";
> in addition, if we assume that today any packet with RH0 is likely
> to be malicious, any processing of a packet containing RH0 which has
> the potential to result in backscatter seems like it should properly
> be avoided.
The KAME folks can comment on the current state of their change; they
made a couple of them. In FreeBSD 6 and 5 (the stable branches) we
have a sysctl to turn processing on and off. In 7 (aka HEAD or
CURRENT) we treat the RH0 as unknown. Code diffs can be seen here:
HEAD:
http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/netinet6/route6.c.diff?r1=1.12;r2=1.13;f=h
STABLE:
http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/netinet6/route6.c.diff?r1=1.11.2.1;r2=1.11.2.2;f=h
Best,
George
--------------------------------------------------------------------
IETF IPv6 working group mailing list
ipv6 at ietf.org
Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------
Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.
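
The two behaviours contrasted in this thread, as an added example (not code from the message, FreeBSD or KAME): "treat RH0 as unknown" is modelled with the RFC 2460 section 4.4 rule for an unrecognized Routing Type, which still sends an ICMP error when Segments Left is non-zero, while "MUST drop" discards silently. All identifiers and sample bytes are constructed, and silently dropping malformed lengths is an assumption.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* All names here are hypothetical; none come from FreeBSD's route6.c. */
enum rh0_policy { RH0_AS_UNKNOWN, RH0_STRICT_DROP };
enum rh_action {
    RH_SKIP,        /* ignore the header, continue at Next Header */
    RH_DROP_ICMP,   /* discard, ICMP Parameter Problem to the source */
    RH_DROP_SILENT, /* discard and send nothing: no backscatter */
    RH_NOT_RH0      /* another routing type, outside this sketch */
};

/* Constructed samples: Next Header 59, Hdr Ext Len 2 (24 bytes), type 0.
 * Reserved and address bytes are left zero. */
static const uint8_t RH0_PENDING[24] = { 59, 2, 0, 1 }; /* Segments Left 1 */
static const uint8_t RH0_DONE[24]    = { 59, 2, 0, 0 }; /* Segments Left 0 */

/* rh points at a Routing header, len is the bytes left in the packet.
 * On RH_SKIP, *skip is the header length to step over. */
enum rh_action rh0_decide(const uint8_t *rh, size_t len,
                          enum rh0_policy policy, size_t *skip)
{
    *skip = 0;
    if (len < 8)
        return RH_DROP_SILENT;          /* assumption: malformed, drop */
    size_t hdrlen = ((size_t)rh[1] + 1) * 8;
    if (hdrlen > len)
        return RH_DROP_SILENT;          /* length field overruns packet */
    if (rh[2] != 0)
        return RH_NOT_RH0;
    if (policy == RH0_STRICT_DROP)
        return RH_DROP_SILENT;
    /* RFC 2460 section 4.4, unrecognized Routing Type */
    if (rh[3] != 0)
        return RH_DROP_ICMP;
    *skip = hdrlen;
    return RH_SKIP;
}

int main(void)
{
    size_t skip;
    printf("unknown/pending: %d\n", rh0_decide(RH0_PENDING, 24, RH0_AS_UNKNOWN, &skip));
    printf("unknown/done:    %d\n", rh0_decide(RH0_DONE, 24, RH0_AS_UNKNOWN, &skip));
    printf("strict/pending:  %d\n", rh0_decide(RH0_PENDING, 24, RH0_STRICT_DROP, &skip));
    printf("strict/done:     %d\n", rh0_decide(RH0_DONE, 24, RH0_STRICT_DROP, &skip));
    return 0;
}
```

Under the "unknown" policy only the Segments Left 0 case is processed further; the non-zero case is the one that can generate an ICMP reply toward a possibly spoofed source.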