Re: IPv6 reject routes

To: Greg Troxel <gdt%ir.bbn.com@localhost>
Subject: Re: IPv6 reject routes
From: Ignatios Souvatzis <ignatios%cs.uni-bonn.de@localhost>
Date: Fri, 13 Feb 2009 15:45:24 +0100

On Fri, Feb 13, 2009 at 08:12:37AM -0500, Greg Troxel wrote:
> 
>           case ENETUNREACH:
>           case EHOSTUNREACH:
>   +           type = ICMP6_DST_UNREACH;
>   +           code = ICMP6_DST_UNREACH_NOROUTE;
>   +           break;
>   + 
> 
> Seems fine to me to change this.  Do the specs talk about -reject
> routes, or are they beyond-the-spec? 

The latter, afaict.

> There is a route, but it's tagged
> to reject, so it's almost like ADMIN_PROHIBITED.

Nah, that's what I'd do with e.g. ipfilter. I want to tell
"the net's not there", not that it's there but forbidden to
access. If I wanted to forbid access, I'd do it with ipfilter
or pf etc.

        -is

References:
- IPv6 reject routes
  - From: Ignatios Souvatzis
- Re: IPv6 reject routes
  - From: Greg Troxel

Prev by Date: Re: [netbsd4.0]could you tell me why NetBSD did not send link-local NS when NetBSD, rebooted.
Next by Date: packet filters for NetBSD in the future
Previous by Thread: Re: IPv6 reject routes
Next by Thread: packet filters for NetBSD in the future
Indexes:

Home | Main Index | Thread Index | Old Index