On 01/09/2012 12:18 PM, Templin, Fred L wrote: >> Same thing would happen as it currently happens with ICMP >> error messages >> sourced from private addresses: some get "mysteriously" >> dropped. -- i.e. >> using ULAs for the source address of ICMPv6 messages seems like a very >> bad idea. > > What I care most about is the value of the source address > from the perspecive of the ICMP message recipient.
That depends on what you're using ICMP for. If it's for troubleshootinf (ping, traceroute, etc.), the Source Address has some value. If the ICMPs are meant to be processed by a transport layer (as in PMTUD), the the Source Address is of no value (it could correspond to the address of any intervenning router, and since virtually every router could be an "intervenning router", you cannoT "validate" the source address. > I think > no matter the source address scope, the recipinet cannot > use the source address alone as a means of authenticating > the ICMP, since there is no guarantee that BCP38 is > universally implemented. Right? Right. See RFC 5927. Thanks, -- Fernando Gont e-mail: [email protected] || [email protected] PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1 -------------------------------------------------------------------- IETF IPv6 working group mailing list [email protected] Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------
