On Thu, Nov 17, 2005 at 02:21:01AM -0800, Vishwas Manral wrote: > Hi, > > > > While going through the draft, I noticed there is no talk of tunneled ND > message in the entire draft. > > > > The draft states: - > > > > By setting the Hop Limit to 255, Neighbor Discovery is immune to > off-link senders that accidentally or intentionally send ND messages. > > However if we send a basic ND message in IP-in-IP tunneled packet and > send the packet across, we can easily send ND messages off-link. A > solution I can think of is that by default we SHOULD NOT allow ND > packets inside tunneled packets unless explicitly configured to do so. > > Am I missing the point?
I'm wondering if I'm missing the point, because to me it seems obvious. If you have a tunnel, the tunnel is the link, and the packet would not be forwarded off that link. And even if it was, the hop limit is decremented, so it would be discarded since hop limit < 255. There is no difference between a tunnel link and any other link media I think. Stig > > Thanks, > Vishwas > > -------------------------------------------------------------------- > IETF IPv6 working group mailing list > ipv6@ietf.org > Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6 > -------------------------------------------------------------------- -------------------------------------------------------------------- IETF IPv6 working group mailing list ipv6@ietf.org Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------
