Jari, > There may be some additional ICMP issues related to DoS that you > should mention. There are two exceptions in the multicast rule > e.2 in Section 2.4. In theory, you could cause a very large number > of nodes to send you Packet Too Bigs or Parameter Problems. For > instance, just send a multicast packet with an unknown option marked > as mandatory. Fortunately, it turns out that its relatively hard to > get the multicast routers to carry your fake multicast packet unless > you are on the correct multicast path, i.e. very near the legitimate > sender. But perhaps you should say something about this too.
Even when you are on the correct path, won't this fake multicast packet with an unknown option marked as mandatory be dropped by the next hop multicast router ? If the next hop router (or a bunch of them) itself is gonna drop this packet and send you ICMP error message, why would you receive ICMP error messages from a large number of nodes ?? Regards Mukesh -------------------------------------------------------------------- IETF IPv6 working group mailing list [EMAIL PROTECTED] Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------
