IETF Logo Mail Archive

Re: I-D ACTION:draft-jabley-ipv6-rh0-is-evil-00.txt

gnn@neville-neil.com Thu, 10 May 2007 23:31 UTC

Return-path: <ipv6-bounces@ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1HmI71-0004XA-9E; Thu, 10 May 2007 19:31:55 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1HmI70-0004X5-Jf for ipv6@ietf.org; Thu, 10 May 2007 19:31:54 -0400
Received: from mrout2.yahoo.com ([216.145.54.172]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1HmI6z-0001a1-7M for ipv6@ietf.org; Thu, 10 May 2007 19:31:54 -0400
Received: from 104.32.61.10.in-addr.arpa.neville-neil.com (proxy7.corp.yahoo.com [216.145.48.98]) by mrout2.yahoo.com (8.13.6/8.13.6/y.out) with ESMTP id l4ANUu1B026428; Thu, 10 May 2007 16:30:56 -0700 (PDT)
Date: Thu, 10 May 2007 16:30:44 -0700
Message-ID: <m21whomf2z.wl%gnn@neville-neil.com>
From: gnn@neville-neil.com
To: Joe Abley <jabley@ca.afilias.info>
In-Reply-To: <ED9B698C-6892-4FE8-87FD-02372C4DA338@ca.afilias.info>
References: <31D43DED-5BEE-4730-8FCB-476FA9EE1A97@eads.net> <46432309.1020902@innovationslab.net> <m2tzukn0xp.wl%gnn@neville-neil.com> <ED9B698C-6892-4FE8-87FD-02372C4DA338@ca.afilias.info>
User-Agent: Wanderlust/2.14.0 (Africa) SEMI/1.14.6 (Maruoka) FLIM/1.14.8 (Shijō) APEL/10.7 Emacs/22.0.95 (i386-apple-darwin8.8.2) MULE/5.0 (SAKAKI)
MIME-Version: 1.0 (generated by SEMI 1.14.6 - "Maruoka")
Content-Type: text/plain; charset="US-ASCII"
X-Spam-Score: 1.8 (+)
X-Scan-Signature: e1e48a527f609d1be2bc8d8a70eb76cb
Cc: Brian Haberman <brian@innovationslab.net>, IETF IPv6 Mailing List <ipv6@ietf.org>
Subject: Re: I-D ACTION:draft-jabley-ipv6-rh0-is-evil-00.txt
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "IP Version 6 Working Group \(ipv6\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
Errors-To: ipv6-bounces@ietf.org

At Thu, 10 May 2007 17:09:31 -0400,
Joe Abley wrote:
> 
> 
> The above sentences far more closely resemble what I meant to write,  
> compared to the text that actually appeared in the draft :-)
> 
> I note that KAME's response to this is similar, but it's not clear
> to me that it's precisely identical: a patched KAME implementation
> treats the type 0 routing header as an unknown routing header
> (according to <http://www.kame.net/newsletter/20070502/>). This
> suggests to me that a patched KAME implementation will process a
> datagram containing RH0, but that RH0 header(s) in the datagram will
> not be acted upon. I would welcome corrections to my feeble
> assumptions in this area (I have done no tests, nor read any source
> code to confirm).
> 
> A packet containing RH0 presumably is intended not to be processed
> on the system identified by the destination address field; if it
> was, no RH0 would be present. This suggests to me that "MUST drop"
> is the right thing, rather than "process as if RH0 was not there";
> in addition, if we assume that today any packet with RH0 is likely
> to be malicious, any processing of a packet containing RH0 which has
> the potential to result in backscatter seems like it should properly
> be avoided.

The Kame folks can comment on the current state of their change, they
made a couple of them.  In FreeBSD 6 an 5 (the stable branches) we
have a sysctl to turn processing on and off.  In 7 (aka HEAD or
CURRENT) we treat the RH0 as unknown.  Code diffs can be seen here:

HEAD:

http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/netinet6/route6.c.diff?r1=1.12;r2=1.13;f=h

STABLE:

http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/netinet6/route6.c.diff?r1=1.11.2.1;r2=1.11.2.2;f=h

Best,
George

--------------------------------------------------------------------
IETF IPv6 working group mailing list
ipv6@ietf.org
Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------

v2.23.0 | Report a Bug | By Email