Fri, 27 Apr 2007

4:32 PM - ipv6 type 0 routing headers

CURRENT and STABLE both have the patch for ipv6 type 0 routing headers.  The problem is that ipv6 routing headers could be run over the same link multiple times.  We've been debating how to best handle this problem over the last few days.  It was a known issue with the RFC, however, OpenBSD recently brought it to everyones attention.  Their solution was just to add an ifdef 0 in the code which seemed rather poor.  There are research cases where this could be useful.  If your system is not acting as an ipv6 router, it is not needed anyway.  While most MidnightBSD systems are intended for desktop use, home users often use *NIX systems for personal routers, etc. 

We chose to use the FreeBSD approach of adding a new sysctl to enable the old behavior. 

For more information, consult the OpenBSD website or the FreeBSD security advisory FreeBSD-SA-07:03.ipv6. 

0 comments