Fred, On 1/6/12 3:52 PM, Templin, Fred L wrote: > Hi Brian, > >> -----Original Message----- >> From: Brian E Carpenter [mailto:[email protected]] >> Sent: Friday, January 06, 2012 12:27 PM >> To: Templin, Fred L >> Cc: Havard Eidnes; [email protected]; [email protected] >> Subject: Re: Fragmentation-related security issues >> >> On 2012-01-07 06:07, Templin, Fred L wrote: >>> >>> >>>> -----Original Message----- >>>> From: Havard Eidnes [mailto:[email protected]] >>>> Sent: Friday, January 06, 2012 12:28 AM >>>> To: Templin, Fred L >>>> Cc: [email protected]; [email protected]; >> [email protected] >>>> Subject: Re: Fragmentation-related security issues >>>> >>>>>> The problem with RFC4821 (assumming the ICMP-free variant) is >>>>>> that it has a longer convergnece time that ICMP-enabled PMTU. >>>>> RFC4821 works even if there are no ICMPs, but will >>>>> converge more quickly if there are ICMPs. That is why >>>>> RFC4821 should be a SHOULD for hosts, and generation >>>>> of ICMPs should be a MUST for routers. >>>> Does not this also imply that ICMP-generating routers MUST use a >>>> globally unique IPv6 address as the source of the ICMP? >>> >>> AFAICT, the normative reference is RFC4443, as cited >>> in RFC6434. >> >> As I think we noticed recently in some other thread, there is >> therefore an operational requirement that all routers must >> possess at least one GUA. As far as I know, some routers can work >> just fine for all other purposes with only link-local addresses. > > So - can't the router just autoconfigure a ULA and use > it as the SA for ICMPs?
The ULA will have no meaning for ICMP messages that leave the administrative domain. Regards, Brian -------------------------------------------------------------------- IETF IPv6 working group mailing list [email protected] Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------
