From owner-freebsd-net@freebsd.org Mon Apr 6 15:40:22 2020 Return-Path: Delivered-To: freebsd-net@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 5C6832B3A11 for ; Mon, 6 Apr 2020 15:40:22 +0000 (UTC) (envelope-from fernando@gont.com.ar) Received: from fgont.go6lab.si (fgont.go6lab.si [91.239.96.14]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 48wvr50ST1z4D4H for ; Mon, 6 Apr 2020 15:40:20 +0000 (UTC) (envelope-from fernando@gont.com.ar) Received: from [192.168.0.10] (unknown [181.45.84.85]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by fgont.go6lab.si (Postfix) with ESMTPSA id BD4AD808C3; Mon, 6 Apr 2020 17:40:16 +0200 (CEST) Subject: Re: Revisiting FreeBSD-SA-08:10.nd6 (or: avoiding IPv6 pain) To: Philip Homburg , freebsd-net@freebsd.org References: From: Fernando Gont Message-ID: Date: Mon, 6 Apr 2020 12:40:03 -0300 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.9.1 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit X-Rspamd-Queue-Id: 48wvr50ST1z4D4H X-Spamd-Bar: ----- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of fernando@gont.com.ar designates 91.239.96.14 as permitted sender) smtp.mailfrom=fernando@gont.com.ar X-Spamd-Result: default: False [-5.81 / 15.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+a]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; MIME_GOOD(-0.10)[text/plain]; DMARC_NA(0.00)[gont.com.ar]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCPT_COUNT_TWO(0.00)[2]; RCVD_IN_DNSWL_NONE(0.00)[14.96.239.91.list.dnswl.org : 127.0.10.0]; IP_SCORE(-3.51)[ip: (-9.29), ipnet: 91.239.96.0/23(-4.65), asn: 198644(-3.62), country: SI(0.01)]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:198644, ipnet:91.239.96.0/23, country:SI]; MID_RHS_MATCH_FROM(0.00)[]; RCVD_TLS_ALL(0.00)[]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Apr 2020 15:40:22 -0000 On 6/4/20 12:22, Philip Homburg wrote: >> However, when a packet from an "off-link" network is employed, the >> sending node has no way of knowing where to send the packet, unless it >> simply swaps the src and dst mac addresses, and uses the source address >> of the packet as the destination addresses. > > No, a node can just use the normal IPv6 send mechnisms to send a NA > message. If the destination is off-link then the packet gets sent to the > default router. Agreed. I missed this. Although there might be corner cases where this doesn't apply -- i.e., for some reason you have no routes. But yes: use normal IPv6 send mechanisms. And also probably motivate that nodes use the address of the sending interface (strong-end system model, per RFC1122). Thanks, -- Fernando Gont e-mail: fernando@gont.com.ar || fgont@si6networks.com PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1