Home page logo
/

nanog logo nanog mailing list archives

Re: Common operational misconceptions
From: Mark Andrews <marka () isc org>
Date: Thu, 16 Feb 2012 15:27:39 +1100


In message <4F3C76D5.9040603 () necom830 hpcl titech ac jp>, Masataka Ohta writes:
Mark Andrews wrote:

This doesn't prove that IPv6 is not operational.  All it proves is
people can misconfigure things.

How do operators configure their equipments to treat
ICMP packet too big generated against multicast and
unicast?

Well you need to go out of your way to get a ICMP PTB for IPv6
multicast as the default is to fragment multicast packets at the
source at network minimum mtu (RFC3542 - May 2003).  That's not to
say it won't happen.

As for generation of PTB you rate limit them the way you do for
IPv4.

Note that, even if they do not enable inter-subnet
multicast in their domains, the ICMP packets may
still transit over or implode within their domains.

Note also that some network processors can't efficiently
distinguish ICMP packets generated against multicast and
unicast.

And why do you need to distingish them?  You look at the inner
packet not the ICMP source if you want to rate limit return traffic.

                                      Masataka Ohta
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka () isc org


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault