Date: Sat, 10 Mar 2012 10:27:16 -0800 From: JINMEI Tatuya / =?ISO-2022-JP?B?GyRCP0BMQEMjOkgbKEI=?= <jinmei@isc.org> To: Alex Yong <annonymouse+freebsd@gmail.com> Cc: freebsd-net@freebsd.org Subject: Re: Strong host model in IPv6? Message-ID: <m2haxwgvln.wl%jinmei@isc.org> In-Reply-To: <CAJW_4zC-pMuX57xxc0fd6CNs5voT4Uc-=K1mbMaTEwNS6Q9NKw@mail.gmail.com> References: <CAJW_4zCUuSFS9A4P-SB41P=b=M%2BpTDL2zO9mQteHxmOJU98dtQ@mail.gmail.com> <CAJW_4zC-pMuX57xxc0fd6CNs5voT4Uc-=K1mbMaTEwNS6Q9NKw@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
At Fri, 9 Mar 2012 23:26:01 +0000, Alex Yong <annonymouse+freebsd@gmail.com> wrote: > I've spotted that in IPv4 there is the sysctl "net.inet.ip.check_interface" > which defaults to set, but I've been unable to find any guarantees that > strong host model is enforced in v6 in the comments or internet. According > to the IPv6 Core Protocols Implementation book (3.7 "Input processing: > ip6_input() Function") the incoming network packet processing in ip6_input > should use the routing table to look up whether packets are of relevance > for an interface - but the code base has diverged significantly since then > including vnets for jails which makes me wonder if this is a bug. However I've not closely followed the most recent version of FreeBSD IPv6 code, but the use of the routing table in ip6_input in the original KAME implementation had nothing to do with the strong host model. It was just for faster determination of whether an incoming packet is destined to *any* of host's IPv6 addresses (on any interface, which may or may not be identical to the receiving interface). --- JINMEI, Tatuya Internet Systems Consortium, Inc.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?m2haxwgvln.wl%jinmei>