[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

ip options

Subject: ip options
From: joelja at bogus.com (joel jaeggli)
Date: Tue, 03 Nov 2009 19:41:26 -0800
In-reply-to: <[email protected]>
References: <1256756748.2228.9.camel@nld06907> <[email protected]>

How about unused and/or private/local diffserve code points?


Ron Bonica wrote:
> Folks,
> 
> I would love to see the IETF OPSEC WG publish a document on the pros and
> cons of filtering optioned packets.
> 
> Would anybody on this list be willing to author an Internet Draft?
> 
>                                      Ron
>                                      (co-director IETF O&M Area)
> 
> Luca Tosolini wrote:
>> Experts,
>> out of the well-known values for ip options:
>>
>> X at r4# set ip-options ? 
>> Possible completions:
>>   <range>              Range of values
>>   [                    Open a set of values
>>   any                  Any IP option
>>   loose-source-route   Loose source route
>>   route-record         Route record
>>   router-alert         Router alert
>>   security             Security
>>   stream-id            Stream ID
>>   strict-source-route  Strict source route
>>   timestamp            Timestamp
>>
>> I can only think of:
>> - RSVP using router-alert
>> - ICMP using route-record, timestamp
>>
>> But I can not think of any other use of any other IP option.
>> Considering the security hazard that they imply, I am therefore thinking
>> to drop them.
>>
>> Is any other ip options used by: ospf, isis, bgp, ldp, igmp, pim, bfd?
>> Thanks,
>> Luca.
>>
>>
>>
>

Follow-Ups:
- ip options
  - From: isabeldias1 at yahoo.com (isabel dias)

References:
- ip options
  - From: rbonica at juniper.net (Ron Bonica)

Prev by Date: HE.net, Fremont-2 outage?
Next by Date: HE.net, Fremont-2 outage?
Previous by thread: ip options
Next by thread: ip options
Index(es):
- Date
- Thread