> > => Forward them where?? I can't imagine BGP not filtering > > SLs coming from the downstream customers. Regardless > > of what the spec says. > > BGP is not the point. Consider e.g.: > > [attacker] --- [internet] ---- [ISP] --- [customer w/ site locals] > > Now the attacker can send packets with a fec0::/10 source > address to the > customer -- no one will block them unless they're > explicitly configured as > site borders -- before the customer itself. And if the > customer does not > block them, we're in for very serious trouble.
=> So you're talking about two misconfigured sites and you didn't say, where is the attack ? Also even if this happens it's a one-way communication because if the customer tries to reply packets will go nowhere. Hesham -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to [EMAIL PROTECTED] --------------------------------------------------------------------
