(Loose) uRPF vs. non-announced IXP space
Brian E Carpenter
brian.e.carpenter at gmail.com
Wed Feb 8 20:35:28 CET 2012
On 2012-02-09 01:35, Stefan Neufeind wrote:
...
>>> From my point of view RFC 5963 should be updated to recommend the
>>> global announcement
>>> of IX prefixes for IPv6 or - as already mentioned - an alternative would
>>> be to source the
>>> ICMP messages from a public address instead.
>> Vendors providing uRPF implementations that cannot be configured to
>> add exceptions, like "permit all ICMP packet too big" are part of the
>> problem.
It isn't just uRPF - we had a similar discussion about ICMP PTB with
a link-local source, which any router should drop according to
the standards.
Surely the only safe solution is to ensure that every ICMP PTB (or echo reply)
has a valid globally routable source addr.
Brian
More information about the ipv6-ops
mailing list