On 4/23/2015 12:29 PM, Templin, Fred L wrote:
...
>>> You had better be able to trust that the source
>>> of the PTB is trustworthy and not sending bogus PTBs.
>>
>> That's always been true.
> 
> Only in tightly-controlled operational environments, where there are
> no bad routers on the path, no ICMP PTB blockages, and no opportunity
> for an attacker to inject a spurious PTB. And also, only when the path
> from the tunnel ingress to the original source is equally well behaved
> (otherwise, the original source would see a black hole).

Bad routers can always send bad PTBs, and PTBs can be (and have been)
blocked.

None of that is new, and it can impact all packet sources including
tunnels and real endpoints.

That's also why the mechanism we discussed does NOT rely on PTBs - it
relies on liveness detection.

Joe

_______________________________________________
Int-area mailing list
https://www.ietf.org/mailman/listinfo/int-area
