Date: Thu, 26 Apr 2001 18:23:28 +0900
From: [EMAIL PROTECTED]
Message-ID: <[EMAIL PROTECTED]>
| I'm asking this because there are a lot of these, because of some
| applications that specifies wrong outgoing interface for linklocal
| address. once we have a neighbor cache entry for nonexisting peer,
| NUD packets will be emitted repeatedly (NUD is mandatory for p2p too)
| and chew traffic. DoS attack is also our concern.
Oh, you mean where the address you're sending to on the P2P link is bad?
In that case you'll never get an answer from an NS, so you'll never be
transmitting the data packets in the first place, right? That is, you
should never get to the stage of needing to start NUD, which doesn't make
sense until after you have initial reachability.
While you're in that state, packets that arrive are normally just dropped
(retaining one in the queue to send if the NS receives a response). I
see no problem in generating an ICMPv6 (no route) once you have determined
that the address is bad (no-one ever responds to the NS).
This is also just what I'd do on an ethernet, or fddi, or anything else.
In general, I don't think you should special case link types, unless there's
a very good reason.
kre
--------------------------------------------------------------------
IETF IPng Working Group Mailing List
IPng Home Page: http://playground.sun.com/ipng
FTP archive: ftp://playground.sun.com/pub/ipng
Direct all administrative requests to [EMAIL PROTECTED]
--------------------------------------------------------------------
