Date: Wed, 12 Dec 2001 20:44:46 +0200 (EET)
From: Pekka Savola <[EMAIL PROTECTED]>
Message-ID: <[EMAIL PROTECTED]>
| The options basically are:
|
| 1) ignore the routing header, that is, act like segments left would have
| been = 0
That one is clearly wrong.
| 2) drop the packet silently
| 3) drop the packet and send back an ICMP message
| - with some already defined type/code
| - with some new type/code
Either of those could work - "administratively prohibited" would be an
ICMP that could be sent without having to invent a new one.
Whether you want to send an ICMP depends a lot on what you expect the cause
of the unintended source route to be ... if it is someone trying to launch
some kind of attack, and looking for someone to help them hide (or similar),
then silent drop is likely to be the conclusion - on the other hand, if you
expect these may come because of badly configured mobile nodes (or old packets
being sent to a node using an address that a mobile one used to occupy ..
a bit unlikely with IPv6 addresses of course) or similar, then sending an ICMP
would be right.
kre
--------------------------------------------------------------------
IETF IPng Working Group Mailing List
IPng Home Page: http://playground.sun.com/ipng
FTP archive: ftp://playground.sun.com/pub/ipng
Direct all administrative requests to [EMAIL PROTECTED]
--------------------------------------------------------------------
