Re: Running code, sending (Was: I-D Action: draft-ietf-6man-ipv6only-flag-03.txt)

Alexandre Petrescu <alexandre.petrescu@gmail.com> Wed, 24 October 2018 13:30 UTC

Subject: Re: Running code, sending (Was: I-D Action: draft-ietf-6man-ipv6only-flag-03.txt)
To: ipv6@ietf.org
From: Alexandre Petrescu <alexandre.petrescu@gmail.com>
Message-ID: <2e24c9f8-5dfe-e775-5a86-324bfcecda33@gmail.com>
Date: Wed, 24 Oct 2018 15:30:48 +0200
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/SazfgqIlIcWae9XeCFRguZqfLM0>

Context: I sent this RA with the IPv6-only flag in a sizeable switched
IPv4-only office network.

To my surprise I now keep receiving TCP SYNs from some neighbours who
insist on reaching a few particular GUAs starting with 2620:, 2a00: and
2a02:. These neighbors self-configured addresses in the "d00d" prefix
that is specified in that scapy RA howto, and this woke up their IPv6 stack.

An hour has passed and I have not received a call from the IT department,
which is good. (Typically they call very soon when there is some security risk.)

I think the IPv6-only flag does not break anything at this time (the TCP
SYN flood I get is because I put a fake prefix there d00d; but IPv6
Hosts should learn to not blindly trust someone sending an RA for playing.)

Alex


On 24/10/2018 at 15:17, Alexandre Petrescu wrote:
> correction: b.res=2 (instead of 1).
> 
> attached the packet capture
> 
> 
> On 24/10/2018 at 14:43, Alexandre Petrescu wrote:
>> Hi,
>> 
>> On 24/10/2018 at 12:30, Job Snijders wrote: [...]
>>> This is not discrimination. If authors don't have the capability
>>> to develop running code themselves, and also don't have access
>>> to resources nor are able to convince others to implement a
>>> protocol specification... the IETF's prime directive of
>>> interoperability can't be met anyway.
>> 
>> On Windows install python and scapy, then make an RA[*] and write
>> b.res=1. This sets the 6th Reserved flag, now called 'IPv6-Only'.
>> 
>> I just sent one, hoping the sky wouldn't fall on my head :-)
>> 
>> Alex
>>
>> [*] how to make an RA with scapy tool is described at
>> https://samsclass.info/124/proj11/proj9xN-scapy-ra.html
>> 
>> --------------------------------------------------------------------
>> IETF IPv6 working group mailing list
>> ipv6@ietf.org
>> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
>> --------------------------------------------------------------------
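
Added example (not part of the original message, the draft, or the scapy howto): a monitoring-side check that decodes the RA flag byte and Prefix Information options from raw ICMPv6 bytes and reports the IPv6-only bit and any prefix outside an allow-list. It assumes scapy's 2-bit `res` field maps `res=2` to mask 0x02 of the flag byte; the sample RA is constructed, using the d00d::/64 prefix mentioned in the thread and an unverified zero checksum.

```python
import ipaddress
import struct

RA_FLAGS = {0x80: "M", 0x40: "O", 0x20: "H", 0x04: "P"}  # assigned flag bits
IPV6_ONLY_BIT = 0x02   # assumption: scapy res=2 (2-bit field), per the correction
UNASSIGNED_BIT = 0x01  # scapy res=1, the value first posted in the thread

def parse_ra(icmp: bytes) -> dict:
    """Decode an ICMPv6 Router Advertisement starting at the ICMPv6 type byte."""
    if len(icmp) < 16 or icmp[0] != 134:
        raise ValueError("not a Router Advertisement")
    flags = icmp[5]
    names = [name for bit, name in RA_FLAGS.items() if flags & bit]
    prefixes, off = [], 16          # options follow the 16-byte RA header
    while off + 2 <= len(icmp):
        opt_type, opt_len = icmp[off], icmp[off + 1] * 8  # length is in 8-byte units
        if opt_len == 0 or off + opt_len > len(icmp):
            raise ValueError("malformed option")
        if opt_type == 3 and opt_len == 32:               # Prefix Information
            plen = icmp[off + 2]
            raw = icmp[off + 16:off + 32]
            prefixes.append(ipaddress.IPv6Network((raw, plen), strict=False))
        off += opt_len
    return {"flags": names, "ipv6_only": bool(flags & IPV6_ONLY_BIT),
            "unassigned": bool(flags & UNASSIGNED_BIT), "prefixes": prefixes}

def audit_ra(icmp: bytes, expected=()) -> list:
    """Return findings for an RA; `expected` lists the prefixes the site announces."""
    ra = parse_ra(icmp)
    allowed = [ipaddress.IPv6Network(p) for p in expected]
    findings = []
    if ra["ipv6_only"]:
        findings.append("IPv6-only flag set")
    if ra["unassigned"]:
        findings.append("unassigned reserved bit set")
    for net in ra["prefixes"]:
        if not any(net.subnet_of(a) for a in allowed):
            findings.append(f"unexpected prefix {net}")
    return findings

# Constructed sample: RA header with flag byte 0x02 plus one Prefix Information
# option for d00d::/64 (L and A bits set). Checksum left at 0, not validated here.
SAMPLE_RA = (
    struct.pack("!BBHBBHII", 134, 0, 0, 64, 0x02, 1800, 0, 0)
    + struct.pack("!BBBBIII", 3, 4, 64, 0xC0, 86400, 14400, 0)
    + ipaddress.IPv6Address("d00d::").packed
)

if __name__ == "__main__":
    print(audit_ra(SAMPLE_RA))  # an IPv4-only network expects no prefixes at all
```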