Havard Eidnes wrote:
[...], but consider the case that an L2 device on the path between routers A and B starts sending lots of ICMPs along the reverse path back through A. What should A do in that case? Attempt to forward all of the ICMPs, or use rate-limiting?
Seen from A's side, doesn't this L2 device implement enough of L3 to be called a host? I'm not sure I understand why you say that it has to be an L2 device.
If a host is flooding the network with ICMPv6 messages, the bug is in the host stack of the originating device (if there is agreement that rate limiting of sourcing of ICMPv6 messages is to be done, which seems to be the case).
I think it would be most unwise to mandate or recommend that IP traffic of one type or other receive different forwarding treatment by default.
This does of course not prevent an equipment vendor to provide and an administrator to configure his router to defend against the situation in his network by implementing an optional rate limiter on an interface.
If the router has traffic management per interface, and many if not most nowadays do, the ICMP traffic shaping is not different than shaping any other traffic.
Such a rate limiter should of course be different from the rate limiter used for locally originated traffic.
Why should?
If the router implements ICMP rate limiting per interface, without any differentiation between local ICMP and forwarded ICMP the effect is still the same, and none need call the ICMP protocol police (-:. Who cares that the process may incur dropping some internally generated ICMP messages?
Regards, Alex
Regards,
- Håvard
IETF IPv6 working group mailing list
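The trade-off debated in this thread (one per-interface limiter shared by forwarded and locally originated ICMP, versus a separate limiter for each) can be made concrete with a small token-bucket simulation. This is an added example, not code from the thread or from any router implementation; the class and function names, the rates (1000 pps flood, 10 pps local, 100 pps limit, burst of 10) and the packet timings are all constructed assumptions.

```python
class TokenBucket:
    """Integer token bucket: time in ms, tokens in milli-tokens (1000 = one packet)."""

    def __init__(self, rate_pps, burst):
        self.rate = rate_pps          # milli-tokens gained per millisecond
        self.cap = burst * 1000       # bucket depth
        self.tokens = self.cap        # start full
        self.last_ms = 0

    def allow(self, now_ms):
        # Refill for the elapsed time, capped at the bucket depth.
        gained = (now_ms - self.last_ms) * self.rate
        self.tokens = min(self.cap, self.tokens + gained)
        self.last_ms = now_ms
        if self.tokens >= 1000:
            self.tokens -= 1000
            return True
        return False


def simulate(shared, duration_ms=10_000, flood_pps=1000, local_pps=10,
             limit_pps=100, burst=10):
    """Count ICMP packets passed on one interface.

    shared=True : forwarded and locally originated ICMP use one limiter.
    shared=False: each class has its own limiter with the same settings.
    """
    fwd = TokenBucket(limit_pps, burst)
    loc = fwd if shared else TokenBucket(limit_pps, burst)

    # Constructed traffic: a steady forwarded flood plus sparse local ICMP
    # (for example, errors the router itself must send), offset by 55 ms.
    events = [(t, "forwarded") for t in range(0, duration_ms, 1000 // flood_pps)]
    events += [(t, "local") for t in range(55, duration_ms, 1000 // local_pps)]
    events.sort()

    passed = {"forwarded": 0, "local": 0}
    for t, kind in events:
        bucket = fwd if kind == "forwarded" else loc
        if bucket.allow(t):
            passed[kind] += 1
    return passed


if __name__ == "__main__":
    print("shared limiter   :", simulate(shared=True))
    print("separate limiters:", simulate(shared=False))
```

With these constructed inputs the forwarded flood is held to the same rate in both configurations; what differs is how many of the router's own ICMP messages get through while the flood lasts.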