Hi Joeren, After thinking a while I realized that, by talking about RPF everywhere you miss a very basic point. Internet routing is essentially assymetric in nature. So the path taken for a packet from source A to B is not the same as one taken from B to A. RPF works at the edge in my view but not on all routers. Having worked on routing protocols I know that for a fact.
Do let me know what you think? Thanks, Vishwas On 6/3/07, Vishwas Manral <[EMAIL PROTECTED]> wrote:
Hi Jeoren, The idea is that for every router the packet goes through, we need to check the IP address of all the interface addresses, and make sure that the none of the interface address either before or after in the source routing header match any of the IP address of the packet. Yes RPF check could be helpful too. But I am unsure how it would behave in case of ECMP other other anomaly cases. Thanks, Vishwas On 6/3/07, Jeroen Massar <[EMAIL PROTECTED]> wrote: > Vishwas Manral wrote: > > Hi, > > > > We have posted a draft which checks for loops in the source routed > > header. It works for nearly all the cases. The reason is in case a new > > header is added to replace the RH0, or if the RH0 is not deprecated > > (for reasons that it is required by the management) then we can as > > well use the checks in the RH0 header itself. > > > > Such packets should however be rate limited and such checks will > > probably best be performed by software. > > > > http://www.ietf.org/internet-drafts/draft-manral-ipv6-detecting-loops-rh-01.txt > > Properly configured uRPF already solves most of the routing loops. > > Section 3 very shortly describes a method of 'checking if the packet > goes through a router twice', but it doesn't actually explain how it > can be accomplished, it only explains that one can't because there is > no 'routing identifier'. > > The second paragraph of section 3 in effect describes performing uRPF > on the RH0 header. > > Also, if you would check for a loop, the typical "management" use of > RH0 (read: traceroute6) stops working, as in most cases the packet > will come back over the same path as it was sent. > > Greets, > Jeroen > > >
-------------------------------------------------------------------- IETF IPv6 working group mailing list [email protected] Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------
