draft-ietf-ipv6-deprecate-rh0-01-candidate-01

2007-06-13 Thread Joe Abley
Here's a revised candidate -01. As before, I have not submitted this to the i-d repository, but offer it here first instead in order to make sure my changes seem reasonable. Substantive changes include: + removed section 3.1 (Origination), since hosts will originate any junk they want,

Re: draft-ietf-ipv6-deprecate-rh0-01-candidate-01

2007-06-13 Thread Jun-ichiro itojun Hagino
Here's a revised candidate -01. As before, I have not submitted this to the i-d repository, but offer it here first instead in order to make sure my changes seem reasonable. (snip) I'm very happy with the 01-candidate-01. concise, straight to the point. itojun

Re: draft-ietf-ipv6-deprecate-rh0-01-candidate-01

2007-06-13 Thread George V. Neville-Neil
I am happy with the revisions. Best, George IETF IPv6 working group mailing list ipv6@ietf.org Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6

Re: draft-ietf-ipv6-deprecate-rh0-01-candidate-01

2007-06-13 Thread Bob Hinden
Joe, The next to last sentence is a bit weak. Dropping all packets with routing headers will flat-out break MIPv6. If routers/firewalls start doing that, that would be very bad. From a standards perspective, we should clearly flag that as bad/non compliant. If I understand your point, you are

Re: draft-ietf-ipv6-deprecate-rh0-01-candidate-01

2007-06-13 Thread Jeroen Massar
Bob Hinden wrote: [..] I agree with Thomas that it is important to state this very clearly. How about something like this: Firewall policy intended to protect against packets containing RH0 must be constructed such that routing headers of other types are not filtered by default.

Re: draft-ietf-ipv6-deprecate-rh0-01-candidate-01

2007-06-13 Thread Thomas Narten
Bob Hinden [EMAIL PROTECTED] writes: I agree with Thomas that it is important to state this very clearly. To be clear, if even a small fraction of firewalls get deployed that just block all traffic with a RH, MIPv6 breaks and becomes undeployable in practice. For EVERYONE! MIPv6 can't work

Re: draft-ietf-ipv6-deprecate-rh0-01-candidate-01

2007-06-13 Thread Rémi Denis-Courmont
On Wednesday 13 June 2007, Thomas Narten wrote: To be clear, if even a small fraction of firewalls get deployed that just block all traffic with a RH, MIPv6 breaks and becomes undeployable in practice. For EVERYONE! The answer to the upcoming question must be obvious to many people here,

Re: draft-ietf-ipv6-deprecate-rh0-01-candidate-01

2007-06-13 Thread Bob Hinden
Thomas, Could be even stronger. How about: It must be understood that blocking all traffic with any RH (rather than restricting blockage only to type 0) has very serious implications for the deployment of future technology. Quite simply, if even a small percentage of

Re: Revising Centrally Assigned ULA draft

2007-06-13 Thread Paul Vixie
Templin, Fred L [EMAIL PROTECTED] wrote: so my previous question stands. what's a site? Paraphrasing from the 'draft-templin-autoconf-dhcp' definition for Mobile Ad-hoc Network (MANET): site a connected network region that comprises routers that maintain a routing

Re: draft-ietf-ipv6-deprecate-rh0-01-candidate-01

2007-06-13 Thread Joe Abley
On 13-Jun-2007, at 10:09, Jeroen Massar wrote: I have one teeny thing that I think would be worthwhile repeating in that document: Please enable uRPF where possible as that actually already takes care of the most of the problem as packets can't go where they are not able to come from. Is

Re: Revising Centrally Assigned ULA draft

2007-06-13 Thread Paul Vixie
A site (or site-of-sites to use the MANET terminology) is defined by the routability of a particular ULA prefix. - Bernie from a process point of view that would be circular, since we're hoping to use the meaning of site to help us define the proposed rules for ULA.

Re: draft-ietf-ipv6-deprecate-rh0-01-candidate-01

2007-06-13 Thread Jeroen Massar
Joe Abley wrote: On 13-Jun-2007, at 10:09, Jeroen Massar wrote: I have one teeny thing that I think would be worthwhile repeating in that document: Please enable uRPF where possible as that actually already takes care of the most of the problem as packets can't go where they are not able

Re: draft-ietf-ipv6-deprecate-rh0-01-candidate-01

2007-06-13 Thread Joe Abley
On 13-Jun-2007, at 10:42, Thomas Narten wrote: Firewall policy intended to protect against packets containing RH0 must be constructed such that routing headers of other types are not filtered by default. Doing so will break other uses of the routing headers such as the

Re: draft-ietf-ipv6-deprecate-rh0-01-candidate-01

2007-06-13 Thread Joe Abley
On 13-Jun-2007, at 14:33, Jeroen Massar wrote: Joe Abley wrote: On 13-Jun-2007, at 10:09, Jeroen Massar wrote: I have one teeny thing that I think would be worthwhile repeating in that document: Please enable uRPF where possible as that actually already takes care of the most of the

Re: Revising Centrally Assigned ULA draft

2007-06-13 Thread Paul Vixie
Someone pointed out that ([RFC4193], Section 4) provides operational guidelines, and I think the same guidelines would be true for ULA-Cs as they are for ULAs? when there's a draft for ula-c, we'll know. it's been described here as ula but with working in-addr.arpa lookups, and as long as the

Re: draft-ietf-ipv6-deprecate-rh0-01-candidate-01

2007-06-13 Thread Jeroen Massar
Joe Abley wrote: On 13-Jun-2007, at 14:33, Jeroen Massar wrote: Joe Abley wrote: On 13-Jun-2007, at 10:09, Jeroen Massar wrote: I have one teeny thing that I think would be worthwhile repeating in that document: Please enable uRPF where possible as that actually already takes care of

Re: draft-ietf-ipv6-deprecate-rh0-01-candidate-01

2007-06-13 Thread JINMEI Tatuya / 神明達哉
At Wed, 13 Jun 2007 04:53:50 -0700, Thomas Narten [EMAIL PROTECTED] wrote: Abstract The functionality provided by IPv6's Type 0 Routing Header can be exploited in order to achieve packet amplification for the purposes of generating denial-of-service traffic. This document