[152664] in North American Network Operators' Group
Re: What is a link-local address?? WAS: Re: JUNOS forwards IPv6
daemon@ATHENA.MIT.EDU (Bjoern A. Zeeb)
Mon May 7 12:37:17 2012
From: "Bjoern A. Zeeb" <bzeeb-lists@lists.zabbadoz.net>
In-Reply-To: <CAP-guGWVhANrYv113pbAovSQbssqFr3Mo885eDNN_Jzb5t6irg@mail.gmail.com>
Date: Mon, 7 May 2012 16:36:28 +0000
To: William Herrin <bill@herrin.us>
Cc: "nanog@nanog.org list" <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On 7. May 2012, at 12:56 , William Herrin wrote:
> I vote for the Cisco approach. It has occasionally quirky results but
> it's also flexible enough to handle situations the protocol designers
> didn't conceive of.
Isn't it a simple scope violation in IPv6 and thus a bug and with that =
end of story?
I mean the check isn't even overly expensive in this case... and I can't =
see how much meaningful
other than unicast traffic passing a gateway you could do this way =
anyway. The worst
someone sends a small packet and you get a huge reply to a local node =
that didn't ask
for it keeping your switches and two random machines busy or generating =
a bit of nd noise,
or ...
19:12:31.257674 02:00:00:00:08:0b > 02:00:00:00:07:0a, ethertype IPv6 =
(0x86dd), length 70: (hlim 64, next-header ICMPv6 (58) payload length: =
16) fe80::ff:fe00:80b > 2001:db8::1: [icmp6 sum ok] ICMP6, echo request, =
seq 12
19:12:31.257817 02:00:00:00:07:0a > 02:00:00:00:08:0b, ethertype IPv6 =
(0x86dd), length 118: (hlim 64, next-header ICMPv6 (58) payload length: =
64) fe80::ff:fe00:70a > fe80::ff:fe00:80b: [icmp6 sum ok] ICMP6, =
destination unreachable, beyond scope 2001:db8::1, source address =
fe80::ff:fe00:80b
I actually tried to see if I could cross the atlantic with such a =
packet,
only to find that I didn't have an exist gateway showing this bug. Oh =
well,
I am safe.
/bz
--=20
Bjoern A. Zeeb You have to have visions!
It does not matter how good you are. It matters what good you do!
