Filtering ULA?
David Freedman
david.freedman at uk.clara.net
Mon Sep 22 18:08:18 CEST 2008
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
>
> As for the packets: what if someone generates an ICMP too big message
> with a ULA source address? That could happen. It would be really bad if
> people filtered out those packets because that creates PMTUD black holes.
I was talking about the packets.
Yes, its possible to receive a multitude of signals sourced from ULA
addresses, I find the terminology slightly warped when talking about
ICMP messages from non "internet" sources (The "I" in ICMP being the
point here) , but accept that, currently with IPv4 people do indeed send
messages from unrouted space.
I suppose I could allow ICMP from ULA as part of my ICMP policy (rate
limited etc..) which would be a good compromise.
Dave.
- --
David Freedman
Group Network Engineering
Claranet Limited
http://www.clara.net
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFI18LxtFWeqpgEZrIRAuDqAKC9wnvVMb+jATASkVJOD7fKP+qyGwCguUN9
LDcpKvGXUVTcspWyYEwCwLc=
=j/bT
-----END PGP SIGNATURE-----
More information about the ipv6-ops
mailing list