On Mon, 2004-09-27 at 18:35, Manfredi, Albert E wrote:
> Jeroen Massar wrote:
> 
> > Brian Haberman wrote:
> > > The hop limit of 1 is to keep MLD consistent with IGMP.
> > 
> > You mean IGMPv3, thus actually IPv4?
> 
> MLDv2 is actually IGMPv3 modified to the IPv6 way of doing things.
> Just as MLDv1 was basically IGMPv2.
> 
> I think that the advantages of source filtering are somewhat less
> critical with IPv6. I think one of the primary reasons to add source
> filtering in IGMPv3 was an effort to conserve on Class D addresses
> used for multicasting in IPv4. It's another scheme to extend the
> useful life of IPv4.

One could also have e.g. a multicast NTP setup (FF0X::101) and using
source filtering mention that you do not want traffic from certain NTP
sources, or a specific address which can be used for a video conference
chat, using the source address for the quality of the stream etc., e.g.:
2001:db8::1 = 1mbit stream, 2001:db8::64 = 64mbit stream, or some
similar scheme, thus it has some value for IPv6 too, but indeed for IPv4
it is yet another prolongation.

> > But wouldn't it be better to use
> > 255 here to make it consistent with the "we don't want remote hosts to
> > set a TTL to 5, let the packet hop 4 routers and tada do ND 
> > there" idea?
> 
> The idea with IGMP and MLD is for local hosts to inform only the last
> hop router(s), which must obviously be multicast routers, as to the group
> membership of each of their directly attached segments. The routers then
> relay this information up the multicast tree using multicast routing
> protocols, such as PIM. That's another whole subject area.
>
> So the TTL of 1 makes sense. You don't want to clutter up multiple IP
> subnets with information that is meant only for the local last-hop
> multicast router(s). It's a scaling issue. In any event, multicast
> routers won't forward IGMP packets, so the TTL value is not that critical perhaps.

Agreed, but maybe to keep in sync with the ND idea, it would be better
to do it anyway in case someone sets up a default, or ff0x::/8 unicast
route towards another router, as most unicast routers will then simply
handle this as a unicast packet and route it along. Someone could then
craft a packet with a 4 hoplimit, being 3 router hops away and be able
to inject a MLD packet into your network. The 255 hoplimit allows one to
at least check if the packet really came from the local network,
otherwise it will be <255, just like in ND. AFAIK some BGP
implementations also started doing this trick to make sure that the
packet really is from the local net and not coming in over some spoofed
source in a far far away country.

Greets,
 Jeroen
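
The receiver-side check discussed in this thread, as an added example that is not part of the original message: a small Python model of why a receiver cannot verify "hop limit 1" on arrival but can verify "hop limit 255". The addresses, function names and the simplified forwarding model (each router decrements the hop limit, no payload or extension headers) are assumptions made for illustration.

```python
import ipaddress
import struct

# IPv6 fixed header: version/class/flow, payload length, next header, hop limit, src, dst
IPV6_HDR = struct.Struct("!IHBB16s16s")

def build_header(src, dst, hop_limit, next_header=58):
    """Pack a 40-byte IPv6 header (constructed sample; payload omitted)."""
    return IPV6_HDR.pack(6 << 28, 0, next_header, hop_limit,
                         ipaddress.IPv6Address(src).packed,
                         ipaddress.IPv6Address(dst).packed)

def hop_limit_of(packet):
    """Return the Hop Limit field (byte 7) after a minimal sanity check."""
    if len(packet) < IPV6_HDR.size or packet[0] >> 4 != 6:
        raise ValueError("not an IPv6 header")
    return packet[7]

def forward(packet, routers):
    """Model unicast forwarding: each router decrements the hop limit and
    discards the packet if it would reach zero. Returns None when dropped."""
    for _ in range(routers):
        hl = hop_limit_of(packet)
        if hl <= 1:
            return None
        packet = packet[:7] + bytes([hl - 1]) + packet[8:]
    return packet

def accept_hop_limit_1(packet):
    """Receiver rule matching 'sent with hop limit 1'."""
    return packet is not None and hop_limit_of(packet) == 1

def accept_hop_limit_255(packet):
    """ND-style rule: only a packet no router has forwarded still carries 255."""
    return packet is not None and hop_limit_of(packet) == 255

def arrival_verdicts(sent_hop_limit, routers):
    """Return (passes ==1 rule, passes ==255 rule) for a packet that claims a
    link-local source and was sent `routers` forwarding hops away."""
    pkt = build_header("fe80::1", "ff02::16", sent_hop_limit)  # constructed addresses
    arrived = forward(pkt, routers)
    return accept_hop_limit_1(arrived), accept_hop_limit_255(arrived)

if __name__ == "__main__":
    for sent, hops in [(1, 0), (4, 3), (255, 0), (255, 3)]:
        print(f"sent={sent:3d} routers={hops}: (==1, ==255) = {arrival_verdicts(sent, hops)}")
```

The source address is identical in every case, so only the arriving hop limit separates a local sender from a forwarded packet, and only the 255 rule makes that distinction checkable.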


--------------------------------------------------------------------
IETF IPv6 working group mailing list
[EMAIL PROTECTED]
Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------
