Vishwas Manral wrote: > Hi Brian/ Jinmei, > > What about the case of having such malicious packets tunnelled inside > unicast packets?
The multicast address and the victim source address still need to be known along with the multicast tree topology in order to make the attack work. It may help to have some kind of sketch of the topology, along with the tunnel endpoints to make sure everyone understands the scenario you are worried about. Are you assuming that any arbitrary router/node will decapsulate your packet? > >> > that case the returned ICMPv6 messages will most likely be forwarded >> > by the attacking router > I feel two points are totally missed in the argument here. Forwarding > traffic is generally done in the hardware by ASIC's while thats not > the case of packets that need to be processed. So any router in the > middle will not process the packet so will not be overwhelmed. I am not sure what you mean here. > > The second more interesting case is again, a malicious device can > attack any router upstream of a router in its same network too. A diagram would help me understand your concern. Regards, Brian -------------------------------------------------------------------- IETF IPv6 working group mailing list ipv6@ietf.org Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------
