Oh, I see what you were concerned about. It seems to me that an MR will have to tunnel or subnet translate unless it is on it's home subnet.
-----Original Message-----
From: Michael Thomas [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, April 18, 2001 9:49 AM
To: Morrow, Glenn [RICH2:C330:EXCH]
Cc: Michael Thomas; Thomas Eklund; '[EMAIL PROTECTED]';
'[EMAIL PROTECTED]'
Subject: RE: Source addresses, DDoS prevention and ingress filtering
Glenn Morrow writes:
> If the node behind the MR obtained its home address from the the mobile
> router's subnet, then the MN will use this as the source i.e. the MN's home
> subnet is the MR's subnet.
Right, but when the MR's upstream router does an
RPF check... it will drop the SN's packets.
> Either way (tunneling or subnet translation), the topological correctness is
> still maintained.
Well, that's sort of the problem. The SN doesn't
know that it's putting topologically incorrect
source address in the IP header.
Mike
