On Wed, Nov 6, 2013 at 6:53 PM, Mikael Abrahamsson <swmike@swm.pp.se> wrote:
Where in the standards does it say that a packet with any of these headers should/may/must not be used on the Internet?
I don't understand the reasoning at all. My opinion is that yes, we perhaps should not create packet generators that send line-rate with small packets with these headers "because we can", but I see little reason not to generally create a test that perhaps does a few pps (or less) of sending these packets (all combinations of headers) to test what happens.
There is nothing on the Internet today stopping anyone with IPv6 access to generate these packets, so if it breaks the equipment, it's probably better that someone like RIPE, running Atlas probes, discovers this rather than a script kiddie out there then posting it to full-disclosure.
My concern is as follows: let's say I create UDM to send packets with some dodgy ext. headers combination, run it from a large number of probes and suddenly trigger a nasty bug crashing routers across the Internet. First of all, distributed nature of the measurement might lead to significant impact on Internet stability comparing to me running such experiment from my local machine at home. That's why I believe # of probes running the test simultaneously should be limited. Secondly, probe hosts might get into trouble for their probes sending "malicious" packets so I think hosts should be aware of potentially risky measurements running on their probes. A host might be willing to cooperate but nobody wants unpleasant surprises. -- SY, Jen Linkova aka Furry