Re: RE: Routing loop attacks using IPv6 tunnels

[Dong Zhang <zhangdong_rh@huaweisymantec.com>]

Hi Templin,

Templin, Fred L 2009-09-16 Wrote:
>Hesham,
>
>> -----Original Message-----
>> From: Hesham Soliman [mailto:hesham@elevatemobile.com]
>> Sent: Monday, September 14, 2009 10:51 PM
>> To: Templin, Fred L; Brian E Carpenter
>> Cc: v6ops; Christian Huitema; ipv6@ietf.org; secdir@ietf.org
>> Subject: Re: Routing loop attacks using IPv6 tunnels
>> 
>> Fred,
>> 
>> >>> What I would rather have said was that mechanisms such as
>> >>> SEcure Neighbor Discovery (SEND) may be helpful in private
>> >>> addressing domains where spoofing is possible. Let me know
>> >>> if this makes sense.
>> >>
>> >> Except for the practical problems involved in deploying SEND.
>> >
>> > Can it be said that there is any appreciable operational
>> > experience with SEND yet? Are there implementations?
>> 
>> => About 2 months ago there was a thread on the node requirements
>draft that
>> addressed the presence of SEND implementations and people who have
>> implementations voiced them on the list. If memory serves me right
>it's
>> basically on linux, BSD and IOS, but check the archives. I don't know
>> anything about deployment experience.
>
>Thanks for the pointer. A quick google search yesterday
>also showed up JUNOS as having an implementation, so there
>may be still others. I'll have a look at the archives.

There is another implementation.
http://www.ietf.org/mail-archive/web/cga-ext/current/msg00321.html


------------------				 
Dong Zhang
2009-09-17
>
>Fred
>fred.l.templin@boeing.com
> 
>> Hesham