[MEXT] Issue #18 ["Home Address Option & ICMP / Binding errors"], part 2 of 3: "Receiving ICMP Errors"
Hello folks,
Last month, issue #18 showed up without any fanfare on the
issues tracker list:
http://trac.tools.ietf.org/wg/mext/trac/ticket/18
I'd like to initiate discussion on the points raised as part
of issue #18. There are three main points, which can be
discussed separately. In this note, I transcribe the
discussion about the second of the three points.
=============================================
Receiving ICMP Errors
Some questions arose whether to treat ICMP Parameter Error messages or
to ignore them. In Section 11.3.6. Receiving Binding Error Messages:
"If the mobile node receives such an ICMP error message (Code 1) in
response to a return routability procedure or Binding Update,..."
The following situations are not clear or problematic:
1.) If the Mobile Node did not set the Acknowledge bit in the Binding
Update, should it also accept an ICMP Parameter Problem, Code 1
and during which period of time?
2.) If the ICMP message came from a Home Agent, it is most likely to
be a spoofed message since packets to the Home Agent nearly always
contain a Home Address Option, which would cause an ICMP Parameter
Problem, Code 2 instead. A Mobile Node MUST therefore ignore any
ICMP Parameter Problem messages originating from a Home Agent,
otherwise, an attacker could prevent a Mobile Node from sending
Binding Updates to its Home Agent.
Proposal for 2.): Add to the first paragraph in 11.3.6:
If the source of the ICMP error message is a Home Agent,
it MUST be ignored.
=============================================
Please submit comments on the above discussion and proposal.
If consensus is reached soon, I will incorporate the consensus
text in a revision of rfc3775bis to be released before the next
IETF.
Regards,
Charlie P.
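
The receive-side check from the proposal for 2.), as an added sketch that is not part of the original message or of rfc3775bis: a mobile node drops any ICMPv6 Parameter Problem whose source is one of its Home Agents, before looking at the code. The function names, return strings and the `home_agents` list are hypothetical, the sample addresses and messages are constructed, and checksum verification is left out.

```python
import ipaddress
import struct

ICMPV6_PARAMETER_PROBLEM = 4       # ICMPv6 message type (RFC 4443)
CODE_UNRECOGNIZED_NEXT_HEADER = 1  # "Code 1" in the message above
CODE_UNRECOGNIZED_OPTION = 2       # "Code 2" in the message above


def handle_parameter_problem(src, icmp, home_agents):
    """Classify one received ICMPv6 message on the mobile node.

    src         -- source address of the packet carrying the ICMPv6 message
    icmp        -- ICMPv6 message bytes, starting at the type field
    home_agents -- addresses of this node's Home Agents (hypothetical config)
    """
    if len(icmp) < 8:
        return "drop: truncated"
    # Type (1), code (1), checksum (2), pointer (4), then the invoking packet.
    msg_type, code, _cksum, pointer = struct.unpack("!BBHI", icmp[:8])
    if msg_type != ICMPV6_PARAMETER_PROBLEM:
        return "not a Parameter Problem"
    # Compare parsed addresses, not strings, so that a differently written
    # form of the Home Agent address cannot slip past the check.
    source = ipaddress.IPv6Address(src)
    if source in {ipaddress.IPv6Address(a) for a in home_agents}:
        return "ignore: source is a Home Agent"
    if code == CODE_UNRECOGNIZED_NEXT_HEADER:
        return "process: Code 1 (pointer=%d)" % pointer
    if code == CODE_UNRECOGNIZED_OPTION:
        return "process: Code 2 (pointer=%d)" % pointer
    return "process: other code %d" % code


def build_param_problem(code, pointer, invoking=b""):
    """Build a constructed test message; the checksum field is left as zero."""
    header = struct.pack("!BBHI", ICMPV6_PARAMETER_PROBLEM, code, 0, pointer)
    return header + invoking


if __name__ == "__main__":
    ha = ["2001:db8::1"]  # constructed Home Agent address
    # Same Home Agent address, written in full form: must still be ignored.
    full_form = "2001:0db8:0000:0000:0000:0000:0000:0001"
    print(handle_parameter_problem(full_form, build_param_problem(1, 6), ha))
    # Code 1 from a node that is not a Home Agent is passed on for processing.
    print(handle_parameter_problem("2001:db8::99", build_param_problem(1, 6), ha))
```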