----- Original Message ----- > From: Washam Fan <[email protected]> > To: François-Xavier Le Bail <[email protected]> > Cc: "[email protected]" <[email protected]> > Sent: Monday, November 7, 2011 5:39 AM > Subject: Re: RFC 4443 versus RFC 4942 > > Hi, > > I think the statements apply to different scenarios. > > The sequence number can be used to match an echo request and an echo > reply.
If the source address in the reply don't match the destination address in the request, there are problems (firewall, etc.). > But for UDP/TCP or any transport-layer communications, > addresses (regardless of the src or dest) change could lead to > communication interruption. Agreed. > Thanks, > washam Thanks, Francois-Xavier > 2011/11/5 François-Xavier Le Bail <[email protected]>: >> Hi, >> >> The RFC 4443 (Internet Control Message Protocol (ICMPv6) for the >> Internet Protocol Version 6 (IPv6) Specification) states : >> (http://tools.ietf.org/html/rfc4443#section-4.2) >> [. . .] >> "An Echo Reply SHOULD be sent in response to an Echo Request message >> sent to an IPv6 multicast or anycast address. In this case, the >> source address of the reply MUST be a unicast address belonging to >> the interface on which the Echo Request message was received." >> >> The RFC 4942 (IPv6 Transition/Coexistence Security Considerations) states : >> (http://tools.ietf.org/html/rfc4942#section-2.1.6) >> 2.1.6. Anycast Traffic Identification and Security >> [. . .] >> "To avoid exposing knowledge about the internal structure of the >> network, it is recommended that anycast servers now take advantage of >> the ability to return responses with the anycast address as the >> source address if possible." >> >> Even if it is "must" versus "recommended", It seems > contradictory >> for an anycast address. >> >> Please let me know your feedback. >> >> Thanks, >> Francois-Xavier Le Bail -------------------------------------------------------------------- IETF IPv6 working group mailing list [email protected] Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------
