Re: [opensuse-factory] Re: 12.1 IPv6 addressing issue
- From: James Knott <james.knott@xxxxxxxxxx>
- Date: Thu, 17 Nov 2011 22:02:23 -0500
- Message-id: <4EC5CABF.7030504@rogers.com>
Sebastian Freundt wrote:
> > I am struggling to make sense of this. First, the ISP does not route
> > anything within my network, only traffic to or from it, from the rest
> > of the world. There is no routing within a local network, as all
>
> Exactly. Keep that in mind. No routing within a local network.
>
> > traffic is managed by MAC address. It is entirely possible to run a
> > local network without a router, if you don't want to be able to reach
> > elsewhere. Also, if they spoof an address on my subnet from
> > elsewhere, then there's no way their MAC address will be recorded
> > anywhere other than their network, as MAC addresses are stripped off
> > when a packet passes through a router and replaced by one for the
>
> Nope, there is no routing within a local network you said that just 6
> lines ago.

You seem to be making a habit of twisting what I say.

> > router port. That is, if you send an IP packet from a computer on
> > your network to one on mine, I will not see your MAC address, but your
> > IP packet will be carried by an Ethernet frame bearing my router's
> > local MAC address. This means your MAC address will never, ever
> > appear on my network or any other than your own. It's simply not
> > possible.
>
> You didn't understand the scenario at all.

I find much of what you say difficult to understand.

> +------------------+-------------------+-------------+
> | Your network /64 | Neighbour A /64 | ...
> +------------------+-------------------+-------------+
> +----------------------------------------------------+
> | router /48 |
> +----------------------------------------------------+
> Yours is 2001:db8:0:0::/64
> Neighbour A's is 2001:db8:0:1::/64
> You have a router 2001:db8:0::/48
> Traffic is coming in to a previously not known (or stale) address
> 2001:db8:0:0::4
> The router issues an NDP for ::4, there is no router in your network in
> this example (you said that, see above).
> Neighbour A is clever and replies to the NDP before you can send an
> icmp6-unreachable.
> From now on the router thinks ::4 is in your /64 but you have no control
> over that machine nor do you have a possibility to convince the router
> otherwise nor do you know where that machine is coming from.

The router should know what port contains what subnet. It should only ask for the MAC (NDP) on the appropriate network. You're asking it to accept that MAC from a network where it didn't ask and the IP address does not match the network it appears on. Do you have proof of that happening? Cache poisoning requires a host on the local network to do that. Also, if the router sends out a request for what appears to be a valid address, but for which there is no host, there will be no response. Also, in order for there to be any traffic between me and a neighbour with a different subnet there has to be a router, so "The router issues an NDP for ::4, there is no router in your network in this example (you said that, see above)." doesn't apply. What I was referring to is the situation where one host is talking to another host on the same network. A host on the other subnet does not use that method.

> So why do you throw in v4 now?

To simplify the example (less typing). Functionally, there's no difference between IPv6 and IPv4 in this regard.

> The key idea is the hierarchy, and that facilitates smaller routing
> tables, but it's still wrong and wild interpretation to claim there are no
> individual computers in a routing table. I proved you wrong, I have more
> at least one in mine. And besides, what I have in my routing table has
> got nothing to do with the protocol itself, the protocol doesn't tell me
> how to organise my network.

Much B.S. deleted.
Please do yourself a favour and do some research on this topic.
--
To unsubscribe, e-mail: opensuse-factory+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-factory+owner@xxxxxxxxxxxx
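
The check described in the message above (the router solicits only on the port that holds the subnet, and ignores an answer arriving on a port where the address is not on-link), written out as an added example that is not part of the thread. It is a simplified model, not a real router's NDP code; the port names and MAC addresses are constructed.

```python
import ipaddress

# Constructed port-to-prefix table using the thread's example subnets;
# the port names are hypothetical.
PORT_PREFIXES = {
    "port-yours": ipaddress.ip_network("2001:db8:0:0::/64"),
    "port-neighbour-a": ipaddress.ip_network("2001:db8:0:1::/64"),
}

class NeighborCache:
    """Simplified model of a router's neighbour cache, not a full NDP stack."""

    def __init__(self, port_prefixes):
        self.port_prefixes = port_prefixes
        self.pending = set()   # (port, target) pairs with a solicitation outstanding
        self.entries = {}      # target address -> (port, MAC)

    def solicit(self, target):
        """Record a solicitation on the one port whose prefix contains target."""
        addr = ipaddress.ip_address(target)
        for port, prefix in self.port_prefixes.items():
            if addr in prefix:
                self.pending.add((port, addr))
                return port
        return None  # not on-link anywhere: nothing is asked

    def on_advertisement(self, port, target, mac):
        """Decide whether an advertisement seen on `port` may fill the cache."""
        addr = ipaddress.ip_address(target)
        if addr not in self.port_prefixes[port]:
            return "drop: target is not on-link for the arrival port"
        if (port, addr) not in self.pending:
            return "drop: nothing was solicited for this target on this port"
        self.pending.discard((port, addr))
        self.entries[addr] = (port, mac)
        return "accept"

def demo():
    cache = NeighborCache(PORT_PREFIXES)
    asked_on = cache.solicit("2001:db8:0:0::4")
    # Constructed MAC addresses: one answer from Neighbour A's port, one from yours.
    cross = cache.on_advertisement("port-neighbour-a", "2001:db8:0:0::4", "02:00:00:00:0a:01")
    local = cache.on_advertisement("port-yours", "2001:db8:0:0::4", "02:00:00:00:00:04")
    return asked_on, cross, local, cache.entries

if __name__ == "__main__":
    print(demo())
```

An answer from any host on the same port passes both checks, which is the case the message refers to when it says cache poisoning requires a host on the local network.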