From owner-freebsd-net@freebsd.org Mon Apr 6 15:22:59 2020 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id A787F2B2DB7 for ; Mon, 6 Apr 2020 15:22:59 +0000 (UTC) (envelope-from pch-b9D3CB0F5@u-1.phicoh.com) Received: from stereo.hq.phicoh.net (stereo6-tun.hq.phicoh.net [IPv6:2001:888:1044:10:2a0:c9ff:fe9f:17a9]) (using TLSv1.2 with cipher ECDHE-RSA-CHACHA20-POLY1305 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 48wvS256tlz4CH5 for ; Mon, 6 Apr 2020 15:22:57 +0000 (UTC) (envelope-from pch-b9D3CB0F5@u-1.phicoh.com) Received: from stereo.hq.phicoh.net (localhost [::ffff:127.0.0.1]) by stereo.hq.phicoh.net with esmtp (TLS version=TLSv1.2 cipher=ECDHE-RSA-CHACHA20-POLY1305) (Smail #157) id m1jLTaK-0000KhC; Mon, 6 Apr 2020 17:22:48 +0200 Message-Id: To: freebsd-net@freebsd.org Subject: Re: Revisiting FreeBSD-SA-08:10.nd6 (or: avoiding IPv6 pain) From: Philip Homburg Sender: pch-b9D3CB0F5@u-1.phicoh.com In-reply-to: Your message of "Sun, 5 Apr 2020 16:28:32 -0300 ." <327cf281-ca39-7c2f-3545-0edd3b40808f@gont.com.ar> Date: Mon, 06 Apr 2020 17:22:48 +0200 X-Rspamd-Queue-Id: 48wvS256tlz4CH5 X-Spamd-Bar: ++ Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=none (mx1.freebsd.org: domain of pch-b9D3CB0F5@u-1.phicoh.com has no SPF policy when checking 2001:888:1044:10:2a0:c9ff:fe9f:17a9) smtp.mailfrom=pch-b9D3CB0F5@u-1.phicoh.com X-Spamd-Result: default: False [2.69 / 15.00]; ARC_NA(0.00)[]; SUBJECT_ENDS_SPACES(0.50)[]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; MIME_GOOD(-0.10)[text/plain]; RCVD_TLS_LAST(0.00)[]; DMARC_NA(0.00)[phicoh.com]; AUTH_NA(1.00)[]; NEURAL_SPAM_MEDIUM(0.37)[0.372,0]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCPT_COUNT_TWO(0.00)[2]; NEURAL_SPAM_LONG(0.62)[0.621,0]; R_SPF_NA(0.00)[]; FORGED_SENDER(0.30)[pch-fbsd-2@u-1.phicoh.com,pch-b9D3CB0F5@u-1.phicoh.com]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:3265, ipnet:2001:888::/32, country:NL]; FROM_NEQ_ENVFROM(0.00)[pch-fbsd-2@u-1.phicoh.com,pch-b9D3CB0F5@u-1.phicoh.com]; IP_SCORE(-0.00)[asn: 3265(-0.04), country: NL(0.03)]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Apr 2020 15:22:59 -0000 >However, when a packet from an "off-link" network is employed, the >sending node has no way of knowing where to send the packet, unless it >simply swaps the src and dst mac addresses, and uses the source address >of the packet as the destination addresses. No, a node can just use the normal IPv6 send mechnisms to send a NA message. If the destination is off-link then the packet gets sent to the default router. Then, if the default router considers the destination on-link, it will forward the packet and send a redirect. The redirect should have a link layer address to allow the target host to send future traffic directly.