Re: Question for IPv6 w.g. on [Re: IPv6 Type 0 Routing Headerissues]

["Ebalard, Arnaud" <Arnaud.Ebalard at eads.net>]

Oy,

Le 13 mai 07 à 18:10, Iljitsch van Beijnum a écrit :

> On 8-mei-2007, at 21:00, Tim Enos wrote:
>
>> I would also prefer that RH0 be silently dropped but could live
>> with an ICMPv6 error message being sent back to the sending host
>
> Why is everyone so in love with silently dropping?
> This only makes troubleshooting harder.
So you use RH0 in your networks ? Just by curiosity : How much ? How  
do you filter it ? Where ? What brands of routers are you using ?

> - source routing can be used for amplification
;-)

> - IPv6 source routing is enabled by default on most implementations
> - IPv6 source routing can't be disabled on some implementations
> - BSD will _forward_ IPv6 source routed packets even when IPv6
> forwarding is disabled
That's no more the case : Look at http://www.natisbad.org/

> - apparently, there is no check whether the same addresses appear
> multiple time in many implementations
Actually, AFAIK, there is no implementation that provides that  
"feature". Anyway, with a O(n^2) complexity in the number of  
addresses (for a basic implementation), this probably explain why it  
is not widely implemented.

Cheers,

a+

-- Arnaud Ebalard
EADS Innovation Works - IT Sec Research Engineer
PGP KeyID:047A5026 FingerPrint:47EB85FEB99AAB85FD0946F30255957C047A5026

--------------------------------------------------------------------
IETF IPv6 working group mailing list
ipv6 at ietf.org
Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------