Thus spake Sander Steffann (san...@steffann.nl) on Wed, Jan 12, 2022 at 06:21:25PM +0100: > Hi, > > > No SRv6 is MPLS labeling where label is carried inside IP instead > > before the IP header. Layering violation which increases complexity > > and cost for no other purpose except dishonest marketing about 'it is > > IP, you already understand it, MPLS is hard'. > > What worries me more is the opportunity for adversaries to inject SRv6 > packets. MPLS is not enabled by default on most router interfaces, so an > adversary would have to have access to an interface where MPLS processing is > explicitly enabled. IPv6 packet processing on the other hand… Unless an > operator has airtight protection on every interface to block unwanted SRv6 > headers I see some interesting opportunities to cause havoc :)
You are not alone, see for example the thread at https://mailarchive.ietf.org/arch/msg/v6ops/GbWiie-bjQ_Bp1JKB1PlDh_fPdc/ this is more pronounced with respect to the various SRv6 compression scheme proposals. Dale
