On Wed, 7 Aug 2013 07:30:49 +0200, Claudio Jeker wrote: >This is from the network stack, it does not mean that bgpd added routes >for this. For that you should check bgpctl show rib, bgpctl show fib and >route(8) output. I'll have to check when some traffic is passing. Pity the error line doesn't have a timestamp 8-)
>The problem here is that somebody on sis0 is sending you >packets using link local addresses as source IP to a global IP as >destination. This is not allowed since there is no way to send packets >back. So if sis0 is upstream then something is seriously wrong on that >upstream. I dig all that and my attitude was that they should not be doing that but why is my filter not blocking it anyway? deny from any prefix fe80::/10 prefixlen >= 10 # link local unicast Am I missing something there? > ><neccessary IPv6 rant> >All went to shit when they added link local addressing to IPv6 in the >ivory tower. All this because DHCP was considered bad. So we ended up >with this mess that is worse by at least 50dB. ></rant> It's a case of NIBU* as opposed to NIH. * Not Invented By Us. Thanks for the fast reply. I'll see you at EuroBSDcon if I survive the close to 30 hours in transit. ;-) *** NOTE *** Please DO NOT CC me. I <am> subscribed to the list. Mail to the sender address that does not originate at the list server is tarpitted. The reply-to: address is provided for those who feel compelled to reply off list. Thankyou. Rod/ --- This life is not the real thing. It is not even in Beta. If it was, then OpenBSD would already have a man page for it.
