Re: [v6ops] A good example of why we need to careful about ULAs
Owen DeLong <owen@delong.com> Sat, 01 June 2013 02:47 UTC
Return-Path: <owen@delong.com>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id ABB8F21F8CF4 for <v6ops@ietfa.amsl.com>; Fri, 31 May 2013 19:47:56 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.399
X-Spam-Level:
X-Spam-Status: No, score=-2.399 tagged_above=-999 required=5 tests=[AWL=0.200, BAYES_00=-2.599]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xy5o26IFKLkZ for <v6ops@ietfa.amsl.com>; Fri, 31 May 2013 19:47:56 -0700 (PDT)
Received: from owen.delong.com (owen.delong.com [IPv6:2620:0:930::200:2]) by ietfa.amsl.com (Postfix) with ESMTP id 0BCFC21F8C4C for <v6ops@ietf.org>; Fri, 31 May 2013 19:47:55 -0700 (PDT)
Received: from [192.168.6.83] (ip-64-134-24-48.public.wayport.net [64.134.24.48]) (authenticated bits=0) by owen.delong.com (8.14.2/8.14.1) with ESMTP id r512ihB3009107 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NOT); Fri, 31 May 2013 19:44:47 -0700
X-DKIM: Sendmail DKIM Filter v2.8.3 owen.delong.com r512ihB3009107
DKIM-Signature: v=1; a=rsa-sha1; c=simple/simple; d=delong.com; s=mail; t=1370054690; bh=Z2ROAGmzx0Boj4YgM+NxgQS1WIY=; h=Content-Type:Mime-Version:Subject:From:In-Reply-To:Date:Cc: Content-Transfer-Encoding:Message-Id:References:To; b=Xw2Gesb5mA/E/D5tqhcsnYmLXkfCboVn7O70hajrIVuHE9ydB4MrvpSopkUQkygqe JCy+F1s7rQxtu8ktn3gR1oODhhbOr7OZtu2LDbUVgUtoS1dYIs+WJA8U5uJTW3ViaB vCfmrsv1GHESX+vQw3eB6QBnnot50PIVsSd9/5/I=
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Mac OS X Mail 6.3 \(1503\))
From: Owen DeLong <owen@delong.com>
In-Reply-To: <8D23D4052ABE7A4490E77B1A012B6307751BFE04@mbx-01.win.nominum.com>
Date: Fri, 31 May 2013 19:44:48 -0700
Content-Transfer-Encoding: quoted-printable
Message-Id: <4CB10EDC-1E2B-4423-AD77-7B6062F80579@delong.com>
References: <CAKD1Yr29kf1Me=6JR66Gq0dFYgQx2wq=pjW8WZyHByPA0POsMQ@mail.gmail.com> <1369901467.70362.YahooMailNeo@web142506.mail.bf1.yahoo.com> <51A7C86B.3020808@gmail.com> <BCEC2341-CF91-4184-B14A-FE0BE683F89F@delong.com> <8D23D4052ABE7A4490E77B1A012B6307751BFE04@mbx-01.win.nominum.com>
To: Ted Lemon <Ted.Lemon@nominum.com>
X-Mailer: Apple Mail (2.1503)
X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.0rc1 (owen.delong.com [192.159.10.2]); Fri, 31 May 2013 19:44:50 -0700 (PDT)
Cc: "v6ops@ietf.org WG" <v6ops@ietf.org>, "draft-ietf-v6ops-ula-usage-recommendations@tools.ietf.org" <draft-ietf-v6ops-ula-usage-recommendations@tools.ietf.org>
Subject: Re: [v6ops] A good example of why we need to careful about ULAs
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/v6ops>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 01 Jun 2013 02:47:56 -0000
On May 31, 2013, at 7:21 PM, Ted Lemon <Ted.Lemon@nominum.com> wrote: > On May 31, 2013, at 10:01 PM, Owen DeLong <owen@delong.com> wrote: >> How is having them leak in attempted TCP connections worse than having them leak in ICMP headers? It's still an invalid header. > > The ttl exceeded return packet doesn't expect a return packet of its own, so the fact that there's a "bogus" IP address on the header causes no harm, despite being technically wrong. Filtering the packet based on the source address, on the other hand, would cause harm. Nobody ever said life was going to be simple. The TTL Exceeded packet shouldn't get forwarded by any router as a result of the LL Source address. Thus it should never reach its destination. Thus it will break traceroutes. Thus it is harmful. Owen
- [v6ops] A good example of why we need to careful … Lorenzo Colitti
- Re: [v6ops] A good example of why we need to care… Mark Smith
- Re: [v6ops] A good example of why we need to care… Lorenzo Colitti
- Re: [v6ops] A good example of why we need to care… Owen DeLong
- Re: [v6ops] A good example of why we need to care… Mark Smith
- Re: [v6ops] A good example of why we need to care… Brian E Carpenter
- Re: [v6ops] A good example of why we need to care… Jeroen Massar
- Re: [v6ops] A good example of why we need to care… joel jaeggli
- Re: [v6ops] A good example of why we need to care… Mark Andrews
- Re: [v6ops] A good example of why we need to care… Brian E Carpenter
- Re: [v6ops] A good example of why we need to care… Liubing (Leo)
- Re: [v6ops] A good example of why we need to care… Ted Lemon
- Re: [v6ops] A good example of why we need to care… Owen DeLong
- Re: [v6ops] A good example of why we need to care… Owen DeLong
- Re: [v6ops] A good example of why we need to care… Owen DeLong
- Re: [v6ops] A good example of why we need to care… Ted Lemon
- Re: [v6ops] A good example of why we need to care… Owen DeLong
- Re: [v6ops] A good example of why we need to care… Lorenzo Colitti
- Re: [v6ops] A good example of why we need to care… Brian E Carpenter
- Re: [v6ops] A good example of why we need to care… Jeroen Massar
- Re: [v6ops] A good example of why we need to care… Owen DeLong
- Re: [v6ops] A good example of why we need to care… Jeroen Massar
- Re: [v6ops] A good example of why we need to care… Owen DeLong
- Re: [v6ops] A good example of why we need to care… Ted Lemon
- Re: [v6ops] A good example of why we need to care… Ted Lemon
- Re: [v6ops] A good example of why we need to care… Ole Troan
- Re: [v6ops] A good example of why we need to care… Gert Doering
- Re: [v6ops] A good example of why we need to care… Sander Steffann
- Re: [v6ops] A good example of why we need to care… Owen DeLong
- Re: [v6ops] A good example of why we need to care… Arturo Servin
- Re: [v6ops] A good example of why we need to care… Ted Lemon
- Re: [v6ops] A good example of why we need to care… Alexandru Petrescu
- Re: [v6ops] A good example of why we need to care… Ted Lemon
- Re: [v6ops] A good example of why we need to care… Jeroen Massar
- Re: [v6ops] A good example of why we need to care… Brian E Carpenter
- Re: [v6ops] A good example of why we need to care… Owen DeLong
- Re: [v6ops] A good example of why we need to care… Fred Baker (fred)
- Re: [v6ops] A good example of why we need to care… Gunter Van de Velde (gvandeve)
- Re: [v6ops] A good example of why we need to care… Brian Haberman
- Re: [v6ops] A good example of why we need to care… Gunter Van de Velde (gvandeve)
- Re: [v6ops] A good example of why we need to care… Gunter Van de Velde (gvandeve)
- Re: [v6ops] A good example of why we need to care… Lorenzo Colitti
- Re: [v6ops] A good example of why we need to care… Wuyts Carl
- Re: [v6ops] A good example of why we need to care… Owen DeLong
- Re: [v6ops] A good example of why we need to care… Owen DeLong
- Re: [v6ops] A good example of why we need to care… Gert Doering
- Re: [v6ops] A good example of why we need to care… Wuyts Carl