In your previous mail you wrote: > Today, if a user generates a packet using an illegal IPv4 source address, > what would we do? We could drop the packet silently by doing > source-verify. So, tomorrow if a user use illegal port, IMHO AFTR should > drop the packet silently.
=> it is a bit different in this case because it is not an illegal port but a misconfigured port. I agree to drop junk packets but for misconfed it is better to send an ICMP 3/13 (unreachable / admin prohibited) by default with a knob to silently drop (in the case you believe there should not be misconfed, for instance because you froze the config 6 month ago). Regards [email protected] _______________________________________________ Softwires mailing list [email protected] https://www.ietf.org/mailman/listinfo/softwires
