RE: Routing loop attacks using IPv6 tunnels

To: "Gabi Nakibly" <gnakibly at yahoo.com>, "v6ops" <v6ops at ops.ietf.org>
Subject: RE: Routing loop attacks using IPv6 tunnels
From: "Templin, Fred L" <Fred.L.Templin at boeing.com>
Date: Mon, 24 Aug 2009 13:53:00 -0700
Cc: ipv6 at ietf.org, secdir at ietf.org
Delivered-to: ipv6 at core3.amsl.com
In-reply-to: <39C363776A4E8C4A94691D2BD9D1C9A106514554 at XCH-NW-7V2.nw.nos.boeing.com>
List-archive: <http://www.ietf.org/mail-archive/web/ipv6>
List-help: <mailto:ipv6-request@ietf.org?subject=help>
List-id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-post: <mailto:ipv6@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
References: <475898.88672.qm at web45510.mail.sp1.yahoo.com> <39C363776A4E8C4A94691D2BD9D1C9A106514554 at XCH-NW-7V2.nw.nos.boeing.com>
Thread-index: AcoksCuqHixy6VRJRM+9z8CEAFFcGAAKv6pgAAhXLcA=
Thread-topic: Routing loop attacks using IPv6 tunnels

Slight correction:

>     if (dst == "*::0200:5efe:<my_ipv4_addr>")
> 	  drop_pkt(); /* attack #3 mitigation */

should be:

  if (dst == "<foreign_prefix>::0200:5efe:<my_ipv4_addr>")
    drop_pkt(); /* attack #3 mitigation */

Fred
fred.l.templin at boeing.com

Follow-Ups:
- RE: Routing loop attacks using IPv6 tunnels
  - From: Templin, Fred L

References:
- Re: Routing loop attacks using IPv6 tunnels
  - From: Gabi Nakibly
- RE: Routing loop attacks using IPv6 tunnels
  - From: Templin, Fred L

Prev by Date: RE: Routing loop attacks using IPv6 tunnels
Next by Date: Re: I-D Action:draft-axu-addr-sel-00.txt
Previous by thread: RE: Routing loop attacks using IPv6 tunnels
Next by thread: RE: Routing loop attacks using IPv6 tunnels
Index(es):
- Date
- Thread

RE: Routing loop attacks using IPv6 tunnels

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.