[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: implications of 6to4 for v6coex
> I do not know the history and the reason for the "MUST" in this
> paragraph, and I agree with Nathan's statement that this section in
> the RFC creates a problem if we implement a strict adherence to the
> RFC.
The requirement came out of a desire for traceability and testability, and was pushed during the AD review of the draft.
Many experts were concerned that anycast addresses defeat ingress filtering, and would facilitate various forms of spoofing attacks. Using the "real" address of the gateway as a source address would prevent that.
They were also concerned that with anycast addresses, it would be difficult to test which gateways are up or down, or that the user would have no recourse if the quality of service on the anycast path of the moment was low.
-- Christian Huitema