Hi Fernando, While I am supportive of getting rid of ICMPv6 responses for 10xxxxxx options, I am not at all sure about how probable this attack is. My understanding is that for this attack to work, the following two conditions need to be met.
a) Ingress filtering MUST NOT be enabled on the attacker side b) multicast RPF on the path MUST NOT catch the packet and throw it away Is my understanding correct? Thanks Suresh -------------------------------------------------------------------- IETF IPv6 working group mailing list ipv6@ietf.org Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------