Experiences with IPv6 and Routing Efficiency
saku at ytti.fi
Sun Jan 19 17:05:08 UTC 2014
On (2014-01-19 16:11 +0000), Nick Hilliard wrote:
> attacks for hardware-forwarded routers, so generally the only sensible
> option is to drop packets with long EH chains.
I think sensible is to handle HW when possible and punt rate-limited when
must. Dropping standard compliant data seems dubious at best.
Now should it be standard complaint?
looking to restrict EH more, I contacted authors, hoping even more limitation
than what it currently suggests, they thought 6man would never accept as
strict limits as I suggested.
My suggestion is that IP + EH (not L4) SHOULD NOT span over 128B and
implementation MAY drop frames with larger headers.
More information about the NANOG