Oy, Le 13 mai 07 à 18:10, Iljitsch van Beijnum a écrit :
> On 8-mei-2007, at 21:00, Tim Enos wrote: > >> I would also prefer that RH0 be silently dropped but could live >> with an ICMPv6 error message being sent back to the sending host > > Why is everyone so in love with silently dropping? > This only makes troubleshooting harder. So you use RH0 in your networks ? Just by curiosity : How much ? How do you filter it ? Where ? What brands of routers are you using ? > - source routing can be used for amplification ;-) > - IPv6 source routing is enabled by default on most implementations > - IPv6 source routing can't be disabled on some implementations > - BSD will _forward_ IPv6 source routed packets even when IPv6 > forwarding is disabled That's no more the case : Look at http://www.natisbad.org/ > - apparently, there is no check whether the same addresses appear > multiple time in many implementations Actually, AFAIK, there is no implementation that provides that "feature". Anyway, with a O(n^2) complexity in the number of addresses (for a basic implementation), this probably explain why it is not widely implemented. Cheers, a+ -- Arnaud Ebalard EADS Innovation Works - IT Sec Research Engineer PGP KeyID:047A5026 FingerPrint:47EB85FEB99AAB85FD0946F30255957C047A5026 -------------------------------------------------------------------- IETF IPv6 working group mailing list [email protected] Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------
