On Mon, 10 Sep 2001, David Stevens wrote:
[snip Cc: list a bit]
> > (device-specific forwarding toggle might be a good thing too, but
> >separate issue to be discussed):
>
> BTW, I came across this bit from RFC2460:
>
> Note: it is possible, though unusual, for a device with multiple
> interfaces to be configured to forward non-self-destined packets
> arriving from some set (fewer than all) of its interfaces, and to
> discard non-self-destined packets arriving from its other interfaces.
> Such a device must obey the protocol requirements for routers when
> receiving packets from, and interacting with neighbors over, the
> former (forwarding) interfaces. It must obey the protocol
> requirements for hosts when receiving packets from, and interacting
> with neighbors over, the latter (non-forwarding) interfaces.
>
> I don't see any place for a global "forwarding" flag in this interpretation,
> except as a convenience for turning all interfaces on or off. The code (other
> than sysctl) I think ought to use per-interface flags.
True; for simplicity, there are a few implementations who haven't done it
this way though. (not that per-interface flags shouldn't be a goal).
> Whether a router is eligible to be a defaut router should be determined by
> a separate flag, "AdvSendAdvertisements" in RFC2461, if the concern was that
> a backwater router would become a default router for some hosts. I haven't
> looked at radvd to see if it supports that, but by my reading, having IsRouter
> true shouldn't by itself add a router to the default-router list for a host. I
> thought that was your concern, Alexy-- did I misunderstand your comments?
> It does say that IsRouter being cleared is reason to remove a router
> from the default-router list, but I think they should be added only based
> on router advertisements. So, having forwarding enabled alone wouldn't mean
> hosts would use the router as a default router.
As noted in the draft (I'm sure you read it, but to summarize), IsRouter
flag is basically used for Neighbour Unreachability Detection, for
detecting when 1) a router goes down or 2) changes from router to host.
The flag is also set in neighbour advertisements, which, even though radvd
or similar would be run, would still be sent by the kernel (IIRC).
As far as I can see, adding IsRouter flag isn't, in and of itself,
currently harmful if you don't have "AdvSendAdvertisements" set (by radvd)
-- so the scenario you describe shouldn't happen. The countrary,
AdvSendAdvertisements without IsRouter, seems like a potentially very bad
scenario though.
--
Pekka Savola "Tell me of difficulties surmounted,
Netcore Oy not those you stumble over and fall"
Systems. Networks. Security. -- Robert Jordan: A Crown of Swords
|