> I have a different question in the same context. Assume two nodes
> node A and node B on the same link. If node A (malicious) does
> not do *DAD* and sends out a packet with node B's address as source
> address to B, B should drop the packet. But this is not mentioned
> in the spec anywhere. It assumes that both nodes A and B does
> DAD. If node B does not drop the packet, it could potentially
> create a neighbor cache entry with node A's source address
> which is itself, with node A's h/w address information.
>
> Does the spec say anything on the above ?
No.
I don't see why you would create a neighbor cache entry in this situation.
When node B tries to reply to the source address in the packet, which is its
own address, won't node B just use its loopback path and not create an NCE?
ND does not claim to be secure against malicious nodes on your link.
Rich
--------------------------------------------------------------------
IETF IPng Working Group Mailing List
IPng Home Page: http://playground.sun.com/ipng
FTP archive: ftp://playground.sun.com/pub/ipng
Direct all administrative requests to [EMAIL PROTECTED]
--------------------------------------------------------------------
