[ovs-dev] [IPv6 6/7] nicira-ext: Support matching IPv6 Neighbor Discovery messages.
Ben Pfaff
blp at nicira.com
Sat Jan 22 16:24:17 UTC 2011
On Sat, Jan 22, 2011 at 2:49 AM, Justin Pettit <jpettit at nicira.com> wrote:
> On Jan 21, 2011, at 2:56 PM, Ben Pfaff wrote:
>> Also in parse_icmpv6(), what's the proper handling of an ND message with
>> duplicate ND_OPT_SOURCE_LL_ADDR or ND_OPT_TARGET_LL_ADDR options? This
>> could be a security issue, if different implementations do it
>> differently.
>
> Yeah, the same thing had occurred to me. Here's the only thing RFC 2461 says about it:
>
> Options in Neighbor Discovery packets can appear in any order;
> receivers MUST be prepared to process them independently of their
> order. There can also be multiple instances of the same option in a
> message (e.g., Prefix Information options).
>
> So, really, there's no answer about what to do in these circumstances that I could determine.
Hmm, I'd be tempted to consider it an error and reject it.
More information about the dev
mailing list