In message <[email protected]>, [email protected] writes: > > > IPv6 allows packets to contain a Fragment Header, without the packet > > > being actually fragmented into multiple pieces. Such packets > > > typically result from hosts that have received an ICMPv6 "Packet Too > > > Big" error message that advertises a "Next-Hop MTU" smaller than 1280 > > > bytes, and are currently processed by hosts as "fragmented > > > traffic". > > > > Does such traffic actually occur in the wild, or would it only be used > > in attacks? > > Such traffic absolutely occurs in the wild. I have three reasonably > busy name servers where this is logged as an error from the ipfw code, > e.g. > > Dec 16 14:04:04 slem kernel: IPFW2: IPV6 - Invalid Fragment Header > Dec 17 00:27:20 slem kernel: IPFW2: IPV6 - Invalid Fragment Header > Dec 18 07:53:10 slem kernel: IPFW2: IPV6 - Invalid Fragment Header > Dec 18 23:21:37 slem kernel: IPFW2: IPV6 - Invalid Fragment Header > Dec 19 03:07:43 slem kernel: IPFW2: IPV6 - Invalid Fragment Header > Dec 19 05:09:45 slem kernel: IPFW2: IPV6 - Invalid Fragment Header > Dec 19 21:47:46 slem kernel: IPFW2: IPV6 - Invalid Fragment Header > Dec 20 08:10:59 slem kernel: IPFW2: IPV6 - Invalid Fragment Header > Dec 20 08:59:21 slem kernel: IPFW2: IPV6 - Invalid Fragment Header > Dec 20 11:25:59 slem kernel: IPFW2: IPV6 - Invalid Fragment Header > > This is because these name servers haven't (yet) been upgraded to a > FreeBSD version where bug report kern/145733 haven't been fixed. It > *is* fixed in newer FreeBSD versions, e.g. 8.2-STABLE.
Not yet. http://svnweb.freebsd.org/base/stable/8/sys/netinet/ipfw/ip_fw2.c?view=log > Steinar Haug, Nethelp consulting, [email protected] > -------------------------------------------------------------------- > IETF IPv6 working group mailing list > [email protected] > Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 > -------------------------------------------------------------------- -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: [email protected] -------------------------------------------------------------------- IETF IPv6 working group mailing list [email protected] Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------
