On Fri, 17 Jan 2014, Templin, Fred L wrote:
> But, if the BR doesn't examine the packet it could get caught up in a flood-ping initiated by a malicious CE.
The BR should have enough dataplane forwarding capacity to handle this.
> I am considering a specific ping rather than an ordinary data packet as a way for the BR to know whether the CE is testing the MTU vs. whether it is just looping back packets. If the BR knows the CE is testing the MTU, it can send ping replies subject to rate limiting so a malicious CE can't swamp the BR with excessive pings.
Why does it need to know? The CE is pinging itself CE->BR->CE, and if the CE doesn't receive the packet back then the MTU is obviously limited.
So the CE sends out a packet towards the BR, with the IPv6 address being the CE itself. So the packet arrives at the BR, gets decapsulated, does IPv6 dst address lookup, gets encapsulated, and then sent onto the CE. Pure data plane.
I don't get why the BR should need to get involved in anything more complicated than that?
-- 
Mikael Abrahamsson
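The CE->BR->CE probe and the rate-limiting question above, as an added simulation that is not code from either poster or from any MAP/softwire implementation; the encapsulation overhead, link MTU, token-bucket policy and CE identifiers are all assumptions made for the example.

```python
# Added simulation, not code from the thread: a CE probes the path MTU by
# looping self-addressed packets through the BR (CE->BR->CE); the BR drops
# oversized probes and rate-limits echoes per CE (Fred's suggestion). All
# sizes and limits are constructed for the example.
ENCAP_OVERHEAD = 40  # assumed bytes added by the outer encapsulation header

class TokenBucket:
    """Per-CE limit on echoed probes (hypothetical BR policy)."""
    def __init__(self, rate, burst):
        self.rate, self.burst = rate, burst
        self.tokens, self.last = burst, 0.0

    def allow(self, now):
        self.tokens = min(self.burst, self.tokens + (now - self.last) * self.rate)
        self.last = now
        if self.tokens >= 1:
            self.tokens -= 1
            return True
        return False

class BR:
    """Relay: drops probes that exceed the BR->CE link MTU, limits the rest."""
    def __init__(self, link_mtu, rate, burst):
        self.link_mtu, self.rate, self.burst = link_mtu, rate, burst
        self.buckets = {}

    def forward(self, ce_id, outer_size, now):
        if outer_size > self.link_mtu:  # no fragmentation: the probe is lost
            return False
        bucket = self.buckets.setdefault(ce_id, TokenBucket(self.rate, self.burst))
        return bucket.allow(now)

def probe_mtu(br, ce_id, lo, hi, interval=1.0):
    """CE binary-searches the largest inner size that is echoed back.
    Caveat: a rate-limited probe looks exactly like an MTU drop, so a CE
    probing faster than the BR's limit underestimates the MTU."""
    t, probes = 0.0, 0
    while lo < hi:
        mid = (lo + hi + 1) // 2
        probes += 1
        if br.forward(ce_id, mid + ENCAP_OVERHEAD, t):
            lo = mid
        else:
            hi = mid - 1
        t += interval
    return lo, probes

def flood(br, ce_id, count, outer_size, now=0.0):
    """How many of `count` simultaneous probes from one CE the BR echoes."""
    return sum(br.forward(ce_id, outer_size, now) for _ in range(count))
```

With a 1500-byte link and a 40-byte outer header, a CE pacing its probes within the limit converges on 1460; a flooding CE gets only the bucket's burst echoed while other CEs are unaffected, and a CE probing faster than the limit misreads the dropped probes as a smaller MTU.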
