I-D Action:draft-ietf-6man-text-addr-representation-00.txt

A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the IPv6 Maintenance Working Group of the IETF. Title : A Recommendation for IPv6 Address Text Representation Author(s) : S. Kawamura, M. Kawashima

Re: Routing loop attacks using IPv6 tunnels

Fred, I initially very much liked your suggestion regarding the check of the neighbor cache before forwarding a packet into the tunnel. It truly addresses the root cause of the problem ans is simple enough to implement. However, I realized that an attacker can send a spoofed RS to the ISATAP

Re: Routing loop attacks using IPv6 tunnels - the 6rd case

Remi, See my comments inline (gn). Gabi - Original Message From: Rémi Després remi.desp...@free.fr To: Gabi Nakibly gnaki...@yahoo.com Cc: v6ops v6...@ops.ietf.org; 6man 6man ipv6@ietf.org; sec...@ietf.org; Mark Townsley towns...@cisco.com Sent: Thursday, August 20, 2009 11:34:49 AM

Re: Recommended value for the Hop Limit?

On Mon, Aug 24, 2009 at 1:19 PM, Thomas Narten nar...@us.ibm.com wrote:             The default value for hosts is the Neighbor Discovery             advertised hop limit [ND-Spec].  The default value for             routers is the default IPv6 Hop Limit value from the            

Re: Recommended value for the Hop Limit?

Fernando Gont ferna...@gont.com.ar writes: The intention of that wording was that the value to be used was the same one as recommended for general use for IPv4, which IANA records. What about nodes that are e.g. statically configured? The intention of the Hop Limit, I think, is that

Re: Recommended value for the Hop Limit?

On Mon, Aug 24, 2009 at 2:41 PM, Thomas Nartennar...@us.ibm.com wrote: What about nodes that are e.g. statically configured? The intention of the Hop Limit, I think, is that implementations (not operations) configure it by default to 64. The value rarely seems to change, so an operator/user

RE: Routing loop attacks using IPv6 tunnels

Gabi, -Original Message- From: Gabi Nakibly [mailto:gnaki...@yahoo.com] Sent: Monday, August 24, 2009 4:44 AM To: Templin, Fred L; v6ops Cc: ipv6@ietf.org; sec...@ietf.org Subject: Re: Routing loop attacks using IPv6 tunnels Fred, I initially very much liked your suggestion

RE: Routing loop attacks using IPv6 tunnels

Slight correction: if (dst == *::0200:5efe:my_ipv4_addr) drop_pkt(); /* attack #3 mitigation */ should be: if (dst == foreign_prefix::0200:5efe:my_ipv4_addr) drop_pkt(); /* attack #3 mitigation */ Fred fred.l.temp...@boeing.com

Re: I-D Action:draft-axu-addr-sel-00.txt

Hi, 2.2. Autoconfiguration for Global Scope ... This usually means that the next hop of that default route will only be useable with the source address learned from that default router. Can you be more explicit that any global scope routing table MAY contain a default route and that