Re: [v6ops] A good example of why we need to careful about ULAs
Owen DeLong <owen@delong.com> Sat, 01 June 2013 04:38 UTC
Return-Path: <owen@delong.com>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9ED8A21F8E8F for <v6ops@ietfa.amsl.com>; Fri, 31 May 2013 21:38:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.499
X-Spam-Level:
X-Spam-Status: No, score=-2.499 tagged_above=-999 required=5 tests=[AWL=0.100, BAYES_00=-2.599]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Ml9hdS-FjFCX for <v6ops@ietfa.amsl.com>; Fri, 31 May 2013 21:38:36 -0700 (PDT)
Received: from owen.delong.com (owen.delong.com [IPv6:2620:0:930::200:2]) by ietfa.amsl.com (Postfix) with ESMTP id 1DEE821F8E8C for <v6ops@ietf.org>; Fri, 31 May 2013 21:38:35 -0700 (PDT)
Received: from [192.168.6.83] (ip-64-134-24-48.public.wayport.net [64.134.24.48]) (authenticated bits=0) by owen.delong.com (8.14.2/8.14.1) with ESMTP id r514X4N0010836 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NOT); Fri, 31 May 2013 21:33:09 -0700
X-DKIM: Sendmail DKIM Filter v2.8.3 owen.delong.com r514X4N0010836
DKIM-Signature: v=1; a=rsa-sha1; c=simple/simple; d=delong.com; s=mail; t=1370061191; bh=E/FFYp38Wt+YkUKCDUZloeNp24A=; h=Content-Type:Mime-Version:Subject:From:In-Reply-To:Date:Cc: Content-Transfer-Encoding:Message-Id:References:To; b=QvCp3JcE94oMt/onyJbF3qbZSkXKHXtY0bsBmMLdJxJwie7Jur8KJxW4TMdUxe6vT iLgmCu25fxBIE++9yivtM4c/0tYovyeYgP4SZvBNcTcgbit1JKhSaY7u+8ElOML5Kc AwjIW+uzzjrh8g/Nw5uM2EEzlrx3gdFymhLTLOcY=
Content-Type: text/plain; charset="windows-1252"
Mime-Version: 1.0 (Mac OS X Mail 6.3 \(1503\))
From: Owen DeLong <owen@delong.com>
In-Reply-To: <51A97375.1090402@gmail.com>
Date: Fri, 31 May 2013 21:33:03 -0700
Content-Transfer-Encoding: quoted-printable
Message-Id: <33795D9E-6174-4373-9506-0D62ED9013D0@delong.com>
References: <CAKD1Yr29kf1Me=6JR66Gq0dFYgQx2wq=pjW8WZyHByPA0POsMQ@mail.gmail.com> <1369901467.70362.YahooMailNeo@web142506.mail.bf1.yahoo.com> <51A7C86B.3020808@gmail.com> <BCEC2341-CF91-4184-B14A-FE0BE683F89F@delong.com> <8D23D4052ABE7A4490E77B1A012B6307751BFE04@mbx-01.win.nominum.com> <4CB10EDC-1E2B-4423-AD77-7B6062F80579@delong.com> <51A97375.1090402@gmail.com>
To: Brian E Carpenter <brian.e.carpenter@gmail.com>
X-Mailer: Apple Mail (2.1503)
X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.0rc1 (owen.delong.com [192.159.10.2]); Fri, 31 May 2013 21:33:11 -0700 (PDT)
Cc: "v6ops@ietf.org WG" <v6ops@ietf.org>, "draft-ietf-v6ops-ula-usage-recommendations@tools.ietf.org" <draft-ietf-v6ops-ula-usage-recommendations@tools.ietf.org>
Subject: Re: [v6ops] A good example of why we need to careful about ULAs
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/v6ops>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 01 Jun 2013 04:38:37 -0000
On May 31, 2013, at 9:07 PM, Brian E Carpenter <brian.e.carpenter@gmail.com> wrote: > On 01/06/2013 14:44, Owen DeLong wrote: >> On May 31, 2013, at 7:21 PM, Ted Lemon <Ted.Lemon@nominum.com> wrote: >> >>> On May 31, 2013, at 10:01 PM, Owen DeLong <owen@delong.com> wrote: >>>> How is having them leak in attempted TCP connections worse than having them leak in ICMP headers? It's still an invalid header. >>> The ttl exceeded return packet doesn't expect a return packet of its own, so the fact that there's a "bogus" IP address on the header causes no harm, despite being technically wrong. Filtering the packet based on the source address, on the other hand, would cause harm. Nobody ever said life was going to be simple. >> >> The TTL Exceeded packet shouldn't get forwarded by any router as a result of the LL Source address. >> >> Thus it should never reach its destination. > > Agreed. But when it does get through, it does no particular > harm (you just see a bizarre hop in the traceroute). If it got > through in a SYN/ACK exchange, it would probably distress a user. > If it gets through, then it is an indication that every router between the one that sourced the packet and the recipient host is broken. True, the packet itself is "mostly harmless", but… >> >> Thus it will break traceroutes. >> >> Thus it is harmful. > > I'm not defending bad practice; just observing that it doesn't > cause a disaster in trace route. And I'm saying that if any of the routers between the LL-packet generating router and the recipient are working correctly, it does, in fact, break traceroute. Owen
- [v6ops] A good example of why we need to careful … Lorenzo Colitti
- Re: [v6ops] A good example of why we need to care… Mark Smith
- Re: [v6ops] A good example of why we need to care… Lorenzo Colitti
- Re: [v6ops] A good example of why we need to care… Owen DeLong
- Re: [v6ops] A good example of why we need to care… Mark Smith
- Re: [v6ops] A good example of why we need to care… Brian E Carpenter
- Re: [v6ops] A good example of why we need to care… Jeroen Massar
- Re: [v6ops] A good example of why we need to care… joel jaeggli
- Re: [v6ops] A good example of why we need to care… Mark Andrews
- Re: [v6ops] A good example of why we need to care… Brian E Carpenter
- Re: [v6ops] A good example of why we need to care… Liubing (Leo)
- Re: [v6ops] A good example of why we need to care… Ted Lemon
- Re: [v6ops] A good example of why we need to care… Owen DeLong
- Re: [v6ops] A good example of why we need to care… Owen DeLong
- Re: [v6ops] A good example of why we need to care… Owen DeLong
- Re: [v6ops] A good example of why we need to care… Ted Lemon
- Re: [v6ops] A good example of why we need to care… Owen DeLong
- Re: [v6ops] A good example of why we need to care… Lorenzo Colitti
- Re: [v6ops] A good example of why we need to care… Brian E Carpenter
- Re: [v6ops] A good example of why we need to care… Jeroen Massar
- Re: [v6ops] A good example of why we need to care… Owen DeLong
- Re: [v6ops] A good example of why we need to care… Jeroen Massar
- Re: [v6ops] A good example of why we need to care… Owen DeLong
- Re: [v6ops] A good example of why we need to care… Ted Lemon
- Re: [v6ops] A good example of why we need to care… Ted Lemon
- Re: [v6ops] A good example of why we need to care… Ole Troan
- Re: [v6ops] A good example of why we need to care… Gert Doering
- Re: [v6ops] A good example of why we need to care… Sander Steffann
- Re: [v6ops] A good example of why we need to care… Owen DeLong
- Re: [v6ops] A good example of why we need to care… Arturo Servin
- Re: [v6ops] A good example of why we need to care… Ted Lemon
- Re: [v6ops] A good example of why we need to care… Alexandru Petrescu
- Re: [v6ops] A good example of why we need to care… Ted Lemon
- Re: [v6ops] A good example of why we need to care… Jeroen Massar
- Re: [v6ops] A good example of why we need to care… Brian E Carpenter
- Re: [v6ops] A good example of why we need to care… Owen DeLong
- Re: [v6ops] A good example of why we need to care… Fred Baker (fred)
- Re: [v6ops] A good example of why we need to care… Gunter Van de Velde (gvandeve)
- Re: [v6ops] A good example of why we need to care… Brian Haberman
- Re: [v6ops] A good example of why we need to care… Gunter Van de Velde (gvandeve)
- Re: [v6ops] A good example of why we need to care… Gunter Van de Velde (gvandeve)
- Re: [v6ops] A good example of why we need to care… Lorenzo Colitti
- Re: [v6ops] A good example of why we need to care… Wuyts Carl
- Re: [v6ops] A good example of why we need to care… Owen DeLong
- Re: [v6ops] A good example of why we need to care… Owen DeLong
- Re: [v6ops] A good example of why we need to care… Gert Doering
- Re: [v6ops] A good example of why we need to care… Wuyts Carl