| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <3324b33c97aa3dba56e96b187db30042@chewa.net> Date: Mon, 24 Aug 2009 08:37:08 +0200 From: Rémi Denis-Courmont <remi@...lab.net> To: Sascha Hlusiak <contact@...chahlusiak.de> Cc: netdev@...r.kernel.org Subject: Re: [PATCH] sit: 6to4: honour routing table On Sat, 22 Aug 2009 12:47:52 +0200, Sascha Hlusiak <contact@...chahlusiak.de> wrote: > Using only the actual destination address to determine the IPv4 target in > try_6to4(&iph6->daddr) seems wrong to me and breaks, if a 6to4 address is > the next-hop, like ::192.88.99.1 written as 6to4: > > default via 2002:c058:6301:: dev 6to4 > > A package to 2001:: would fall through the try_6to4 check to the > IPv4-compat check and die there. I don't understand what you're trying to fix. For a 6to4 tunnel, this has always worked fine for me, as far as I remember: default via ::192.88.99.1 dev 6to4 > This patch makes try_6to4 use the address of the Next-Hop instead, > respecting > the routing table. Users are encouraged to have a route 2002::/16 to the > tunnel device anyway, making all other 6to4 hosts direct neighbours. And where exactly is that "encouragement" coming from? -- Rémi Denis-Courmont -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists