[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: mech-v2: decapsulation check updates
> On Thu, Feb 05, 2004 at 03:22:57PM -0000, Tom Petch wrote:
> > A thought. The day before you sent this, I heard an interesting
> > presentation at RIPE-47 on tunnel discovery which used host to router
> > tunnels to find out how many tunnels
> > there are in v6 (A: lots!) and also flagged some of the dangers, eg of ND
> > packets sent direct from host to egress router. It recommended keeping
> > tunnels to network edge and using GRE (didn't grasp why).
>
> I've been there as well, and spent some time discussing this with the
> author.
do you know why the author recommeded GRE? there's no real difference
between RFC2893 tunnel and GRE with respect to address spoofs and stuff,
as far as i understand.
itojun