| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20140107130938.GE24730@order.stressinduktion.org> Date: Tue, 7 Jan 2014 14:09:38 +0100 From: Hannes Frederic Sowa <hannes@...essinduktion.org> To: François-Xavier Le Bail <fx.lebail@...oo.com> Cc: netdev@...r.kernel.org, "David S. Miller" <davem@...emloft.net>, Alexey Kuznetsov <kuznet@....inr.ac.ru>, James Morris <jmorris@...ei.org>, Hideaki Yoshifuji <yoshfuji@...ux-ipv6.org>, Patrick McHardy <kaber@...sh.net> Subject: Re: [PATCH net-next v4] IPv6: use anycast addresses as source addresses in echo reply On Tue, Jan 07, 2014 at 04:38:38AM -0800, François-Xavier Le Bail wrote: > On Mon, 1/6/14, Hannes Frederic Sowa <hannes@...essinduktion.org> wrote: > > >>But if an echo request arrive on an interface > >> which do not listen at this LL anycast, is a reply can occur ? > > > I thought quite the opposite with anycast + forwarding > > enabled, that we would process the packet. > > yes, for a global scope anycast. > But a routers must not forward any packets with link-local source or destination addresses to other links, thus also ll anycast. Of course, but in this case I hesitated because I haven't dealt a lot with anycast recently in routing code and it seemed like RTF_ANYCAST is exclusive-or with RTF_LOCAL. So I was really unsure if this protection was really in place. We already had some illegal forwarding/input paths in the past. ;) Greetings, Hannes -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists