IPv6 packets with HBH
Ole Troan
ot at cisco.com
Thu Aug 7 14:05:26 CEST 2014
Fernando,
>> how do people handle packets with HBH present? Since their use is a
>> potential attack vector, do people rate-limit them? I can't seem to find
>> some sort of "best practice" on the issue
>
> This is the current state of affairs on the public IPv6 Internet:
> <http://www.iepg.org/2014-07-20-ietf90/iepg-ietf90-ipv6-ehs-in-the-real-world-v2.0.pdf>
s/public IPv6 Internet/selected content providers/
advice with regards to HBH headers. assuming there isn't any feature enabled that uses HBH. on a platform that supports forwarding of packets with HBH without punting, forward. for platforms that do punt regardless, drop.
cheers,
Ole
More information about the ipv6-ops
mailing list