[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: can you be constructive? Re: pls read the specs Re: Section 2.4,item (f) of draft-ietf-ipngwg-icmp-v3-04.txt



Fred,

> >That's definitely out of scope of this *protocol* specification.
> >
> >They're just forwarded IP packets. More often than not, the router
> >doesn't even know it's ICMPv6 (because it just looks at the
> >destination address), and *cannot* even know that (e.g., there are
> >extension headers, encryption, etc.).
> >
> 
> If the router can know that they are error messages and can also know,
> e.g., that the errors are arriving at a disproportionally 
> high rate with
> respect to the IPv6 packets that could have possibly generated them,
> then it should perform rate limiting. (That would be per-interface
> rate limiting, I suppose.)

If the router starts looking the protocol type field in the IPv6
header and behave differently for each type of packet, IMHO it 
will become a firewall or a packet filter :)

I agree with Pekka and Havard.  This will be fixing (or
rather patching) the problem at the wrong place.  

As Pekka already said that this issue is not just with
ICMPv6 but with any bad traffic.  For what all bad traffic 
a router should perform rate limiting for is a general
question and should be completely outside the scope of
the ICMPv6 Protocol spec.

Regards
Mukesh

--------------------------------------------------------------------
IETF IPv6 working group mailing list
ipv6@ietf.org
Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------