Re: [v6ops] Limiting the size of the IPv6 header chain (draft-ietf-6man-oversized-header-chain)

2013-06-11 Thread Jared Mauch
On Jun 11, 2013, at 12:23 AM, cb.list6 cb.li...@gmail.com wrote: I believe Warren's data hints at the idea that the packets will vanish if they don't fit a very specific profile. Very likely… Anything beyond the ability of my device to filter poses a security risk. Example from 2008 of

Re: DAD question

2012-08-10 Thread Jared Mauch
On Aug 10, 2012, at 6:17 PM, Fred Baker (fred) wrote: Is it fair to assume that implementations do DAD and follow (2)? This is the logical thing that I personally would do.. - Jared IETF IPv6 working group mailing list

Re: To firewall or not to firewall (was: Re: Fragmentation-related security issues)

2012-01-06 Thread Jared Mauch
On Jan 5, 2012, at 10:31 PM, Fernando Gont wrote: On 01/05/2012 11:08 PM, Joel M. Halpern wrote: Are we really prepared to say that there can be no new protocols at the Internet or Transport layer, ever again. Not even new extensions? I'm personally ready to admit that new transport

Re: Fragmentation-related security issues

2012-01-05 Thread Jared Mauch
On Jan 4, 2012, at 9:55 PM, Brian E Carpenter wrote: The point is that paranoid firewalls will turn this into an arms race - if they are paranoid enough to block ICMP PTB, which apparently many are, why wouldn't they block any other signalling mechanism - especially a new one? That's why

Re: Fragmentation-related security issues

2012-01-04 Thread Jared Mauch
On Jan 4, 2012, at 12:27 AM, Dan Wing wrote: -Original Message- From: Jared Mauch [mailto:ja...@puck.nether.net] Sent: Tuesday, January 03, 2012 6:15 PM To: Dan Wing Cc: Eric Vyncke (evyncke); ipv6@ietf.org Subject: Re: Fragmentation-related security issues Broken

Re: IPv6 Router Advertisement Option for Foobar Configuration

2012-01-03 Thread Jared Mauch
On Jan 3, 2012, at 9:13 AM, STARK, BARBARA H wrote: 4. [my favorite] Neither clients nor routers can predict whether they will find themselves in an environment where only one or the other is supported. So both clients and routers that expect to be fully interoperable must support both.

Re: Fragmentation-related security issues

2012-01-03 Thread Jared Mauch
On Jan 3, 2012, at 3:59 PM, Doug Barton wrote: ... and this is not a feature because? And no, don't quote the robustness principle. The floor for MTU has been hard-coded since day 1, so anyone who breaks that deserves what they get. +1

Re: Fragmentation-related security issues

2012-01-03 Thread Jared Mauch
Broken and misconfigured network elements will always exist. We needn't create solutions for everyone's problems that should be addressed otherwise. Jared Mauch On Jan 3, 2012, at 8:23 PM, Dan Wing dw...@cisco.com wrote: -Original Message- From: Eric Vyncke (evyncke) [mailto:evyn

Re: [ipv6] Re: /64 ND DoS

2011-07-13 Thread Jared Mauch
On Jul 13, 2011, at 4:11 AM, Mikael Abrahamsson wrote: On Wed, 13 Jul 2011, Ray Hunter wrote: So where's the limit for ND and prefix length on today's implementations and platforms? Today's L3 switches typically have ND/ARP table size limitations in the 1-4k entry range. What if

Re: /64 ND DoS

2011-07-13 Thread Jared Mauch
On Jul 13, 2011, at 9:14 AM, Arturo Servin wrote: What's the point? If you assume unrealistic scenarios to prove your concept, then you have a problem with your solution. The problem is that you have a link where the attacker can have 2^64 different addresses to spoof and it can

Re: /64 ND DoS

2011-07-12 Thread Jared Mauch
On Jul 12, 2011, at 10:04 AM, Philip Homburg wrote: In your letter dated Tue, 12 Jul 2011 06:45:59 -0700 you wrote: we had a couple of suggestions. http://www.ietf.org/id/draft-gashinsky-v6nd-enhance-00.txt Yes, but I prefer something triggered by a router than just requiring host to do

Re: /64 ND DoS

2011-07-12 Thread Jared Mauch
Keeping the scope on this part only... On Jul 12, 2011, at 1:31 PM, Philip Homburg wrote: You have 6000 hosts that wake up after a power failure and they just randomly multicast to the all-routers address? I think this is just an example, it's also IMHO a test that means you read the draft

Re: Introducing draft-6man-addresspartnaming

2011-04-26 Thread Jared Mauch
On Apr 26, 2011, at 9:10 AM, guillaume.leclan...@swisscom.com wrote: -Original Message- From: ipv6-boun...@ietf.org [mailto:ipv6-boun...@ietf.org] On Behalf Of Richard Hartmann after renaming to draft-hartmann-6man-addresspartnaming, I am still waiting for feedback. Hi, I've

Re: Vehicle's VIN in IPv6.

2011-03-31 Thread Jared Mauch
On Mar 31, 2011, at 8:52 AM, Alexandru Petrescu wrote: hmm... sounds as there would be a VIN-specific link layer? (not ieee ethernet, not usb, not bluetooth)? Which is that? This is the same question I have. What is the communications phy that will interface with the outside world? I'm

Re: Call for Adoption:draft-kohno-ipv6-prefixlen-p2p-03.txt

2010-10-09 Thread Jared Mauch
Support. - Jared Mauch On Oct 9, 2010, at 12:58 PM, Henderickx, Wim (Wim) wrote: support -Original Message- From: ipv6-boun...@ietf.org [mailto:ipv6-boun...@ietf.org] On Behalf Of Brian Haberman Sent: zaterdag 9 oktober 2010 18:39 To: ipv6@ietf.org Subject: Call

Re: Router redirects in Node Requirements document

2010-08-27 Thread Jared Mauch
On Aug 27, 2010, at 11:00 AM, Hemant Singh (shemant) wrote: Alain, Did you see my email where I asked what kind of a router are you talking about that cannot implement an IPv6 dinky control plane feature like Redirect? MUST implement Redirect by a router makes sense to me. Yes, we

Re: ping-pong phenomenon with p2p links /127 prefixes

2010-08-23 Thread Jared Mauch
On Aug 23, 2010, at 9:17 AM, Mark Smith wrote: On Mon, 23 Aug 2010 14:11:04 +0200 (CEST) sth...@nethelp.no wrote: These mechanisms are applicable to any type of link, would preserve the simplicity of universal 64 bit IIDs and the other benefits of them e.g. CGAs, as well as avoiding the

Re: ping-pong phenomenon with p2p links /127 prefixes

2010-08-23 Thread Jared Mauch
On Aug 23, 2010, at 5:11 PM, Mark Smith wrote: On Mon, 23 Aug 2010 17:24:00 +0200 (CEST) sth...@nethelp.no wrote: And all you'll end up with is IPv4 with bigger addresses. You really should catch up with the useful features of protocols that were designed in the late 80s / early 90s, like

Re: ping-pong phenomenon with p2p links /127 prefixes

2010-08-23 Thread Jared Mauch
On Aug 23, 2010, at 4:49 PM, Mark Smith wrote: On Mon, 23 Aug 2010 09:55:48 -0400 Jared Mauch ja...@puck.nether.net wrote: On Aug 23, 2010, at 9:17 AM, Mark Smith wrote: On Mon, 23 Aug 2010 14:11:04 +0200 (CEST) sth...@nethelp.no wrote: These mechanisms are applicable to any type

Re: Router redirects in Node Requirements document

2010-08-19 Thread Jared Mauch
On Aug 19, 2010, at 3:07 PM, Thomas Narten wrote: Brian E Carpenter brian.e.carpen...@gmail.com writes: Jared, On 2010-08-16 13:06, Jared Mauch wrote: ... Is there a legitimate operational reason a host should not know the subnet length it sits on? A host should

Re: Router redirects in Node Requirements document

2010-08-19 Thread Jared Mauch
On Aug 19, 2010, at 3:50 PM, Ralph Droms wrote: Being a little pedantic here...my understanding is that a host never knows a subnet length, per se. What the host knows is a list of on-link prefixes, which it matches against outbound traffic. A minimal implementation might not keep a

Re: Router redirects in Node Requirements document

2010-08-19 Thread Jared Mauch
On Aug 19, 2010, at 3:00 PM, Thomas Narten wrote: Jared Mauch ja...@puck.nether.net writes: On Aug 16, 2010, at 5:43 AM, Mark Smith wrote: It seems to me that arguing against redirects is actually arguing for having a common case, rather than a transient one, of nodes that don't have

Re: Router redirects in Node Requirements document

2010-08-19 Thread Jared Mauch
We disable them. We wish our vendors would expose these hidden defaults in their codebase (nvgen, etc). Just because it is in an rfc does not make it right :-) it should be changed. Jared Mauch On Aug 19, 2010, at 6:00 PM, Hemant Singh (shemant) shem...@cisco.com wrote: For the 4th time

Re: Router redirects in Node Requirements document

2010-08-17 Thread Jared Mauch
On Aug 17, 2010, at 8:47 AM, Eric Gray wrote: Jared, Actually, if you look at the question from a slightly different perspective, there is more than one legitimate operational reason. The recast version of the question is what is the cost to the network if a host IS required

Re: Router redirects in Node Requirements document

2010-08-17 Thread Jared Mauch
On Aug 17, 2010, at 9:14 AM, Mark Smith wrote: However, how does lessening the requirements in RFCs cause vendors to increase the quality of their implementations? There aren't bugs in absent features. Bugs occur in features that haven't been implemented well. Actually, you are missing some

Re: Router redirects in Node Requirements document

2010-08-16 Thread Jared Mauch
On Aug 16, 2010, at 5:43 AM, Mark Smith wrote: It seems to me that arguing against redirects is actually arguing for having a common case, rather than a transient one, of nodes that don't have full onlink prefix knowledge. I think having all nodes attached to the link (i.e. both hosts and

Re: Router redirects in Node Requirements document

2010-08-16 Thread Jared Mauch
On Aug 16, 2010, at 11:44 AM, Hemant Singh (shemant) wrote: -Original Message- From: Jared Mauch [mailto:ja...@puck.nether.net] Sent: Sunday, August 15, 2010 9:07 PM To: Hemant Singh (shemant) Cc: Randy Bush; ipv6 deployment prevention; Wes Beebee (wbeebee) Subject: Re: Router

Re: ping-pong phenomenon with p2p links /127 prefixes

2010-08-16 Thread Jared Mauch
Please explain how ll would solve the problem first. Maybe the bcp38+1918 thread on nanog on recent days would be instructive. Jared Mauch On Aug 16, 2010, at 2:49 PM, Ole Troan o...@cisco.com wrote: On Aug 16, 2010, at 20:34 , Christopher Morrow wrote: On Mon, Aug 16, 2010 at 7:54 AM

Re: ping-pong phenomenon with p2p links /127 prefixes

2010-08-16 Thread Jared Mauch
Jared Mauch On Aug 16, 2010, at 5:01 PM, Ole Troan o...@cisco.com wrote: please ping my router, its interface address is: fe80::20e:cff:fe5c:b001/64 my monitoring system can't ping this to ensure liveness of the interface either :( but they can ping whatever global /128 you put

Re: ping-pong phenomenon with p2p links /127 prefixes

2010-08-16 Thread Jared Mauch
On Aug 16, 2010, at 8:33 PM, Ole Troan wrote: please ping my router, its interface address is: fe80::20e:cff:fe5c:b001/64 my monitoring system can't ping this to ensure liveness of the interface either :( but they can ping whatever global /128 you put on that interface, so why doesn't

Re: Router redirects in Node Requirements document

2010-08-16 Thread Jared Mauch
On Aug 16, 2010, at 8:37 PM, Hemant Singh (shemant) wrote: -Original Message- From: Jared Mauch [mailto:ja...@puck.nether.net] Sent: Monday, August 16, 2010 12:50 PM To: Hemant Singh (shemant) Cc: Randy Bush; ipv6 deployment prevention; Wes Beebee (wbeebee) Subject: Re: Router

Re: Router redirects in Node Requirements document

2010-08-15 Thread Jared Mauch
On Aug 14, 2010, at 7:46 PM, Hemant Singh (shemant) wrote: Again, sorry to be a nag but such a question should have been raised when RFC 2461 or RFC 4861 were being discussed in the IETF. The Node-Req document is only putting in text for what is already agreed upon in an RFC like the RFC

Re: Router redirects in Node Requirements document

2010-08-15 Thread Jared Mauch
On Aug 15, 2010, at 8:35 PM, Hemant Singh (shemant) wrote: -Original Message- From: Jared Mauch [mailto:ja...@puck.nether.net] Sent: Sunday, August 15, 2010 4:18 PM To: Hemant Singh (shemant) Cc: Randy Bush; ipv6 deployment prevention Subject: Re: Router redirects in Node

Re: Router redirects in Node Requirements document

2010-08-13 Thread Jared Mauch
Agreed. Anyone wanting to do this is not connected with actual operations and should be questioned as to what the operational requirements are. Accepting and sending redirects also opens up DoS vectors to devices when implemented poorly. Jared Mauch On Aug 13, 2010, at 10:10 AM, Randy Bush ra

Re: Router redirects in Node Requirements document

2010-08-13 Thread Jared Mauch
in this space. I'm not sure what the true use case is for redirects here. Jared Mauch On Aug 13, 2010, at 12:07 PM, Hemant Singh (shemant) shem...@cisco.com wrote: -Original Message- From: ipv6-boun...@ietf.org [mailto:ipv6-boun...@ietf.org] On Behalf Of Jared Mauch Sent: Friday, August 13

Re: router vs. host discussion in 6man today for the /127 draft

2010-03-25 Thread Jared Mauch
On Mar 25, 2010, at 5:25 PM, Brian E Carpenter wrote: On 2010-03-26 08:00, Lorenzo Colitti wrote: On Thu, Mar 25, 2010 at 2:53 AM, Mark Smith i...@69706e6720323030352d30312d31340a.nosense.org wrote: One should note that [ADDRARCH] specifies universal/local bits (u/g), which are the 70th

Re: router vs. host discussion in 6man today for the /127 draft

2010-03-25 Thread Jared Mauch
On Mar 25, 2010, at 5:44 PM, Mark Smith wrote: Alternatively, we could continue to ignore the real world. Well, I live in that operator world too. Just because things have been done in the past incorrectly doesn't justify making it acceptable. They can be considered as IPv4 thinking

DVI - VGA dongle

2009-11-09 Thread Jared Mauch
Please hunt me down to return this if you have it. - Jared +1-313-506-4307 IETF IPv6 working group mailing list ipv6@ietf.org Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6