[118997] in North American Network Operators' Group
Re: ip options
daemon@ATHENA.MIT.EDU (joel jaeggli)
Tue Nov 3 22:42:21 2009
Date: Tue, 03 Nov 2009 19:41:26 -0800
From: joel jaeggli <joelja@bogus.com>
To: Ron Bonica <rbonica@juniper.net>
In-Reply-To: <4AF09639.1050802@juniper.net>
Cc: nanog <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
How about unused and/or private/local diffserve code points?
Ron Bonica wrote:
> Folks,
>
> I would love to see the IETF OPSEC WG publish a document on the pros and
> cons of filtering optioned packets.
>
> Would anybody on this list be willing to author an Internet Draft?
>
> Ron
> (co-director IETF O&M Area)
>
> Luca Tosolini wrote:
>> Experts,
>> out of the well-known values for ip options:
>>
>> X@r4# set ip-options ?
>> Possible completions:
>> <range> Range of values
>> [ Open a set of values
>> any Any IP option
>> loose-source-route Loose source route
>> route-record Route record
>> router-alert Router alert
>> security Security
>> stream-id Stream ID
>> strict-source-route Strict source route
>> timestamp Timestamp
>>
>> I can only think of:
>> - RSVP using router-alert
>> - ICMP using route-record, timestamp
>>
>> But I can not think of any other use of any other IP option.
>> Considering the security hazard that they imply, I am therefore thinking
>> to drop them.
>>
>> Is any other ip options used by: ospf, isis, bgp, ldp, igmp, pim, bfd?
>> Thanks,
>> Luca.
>>
>>
>>
>
