cvs commit: src/sys/netinet6 route6.c

Kevin Oberman oberman at
Mon Apr 23 19:57:36 UTC 2007

> From: "George V. Neville-Neil" <gnn at>
> Date: Mon, 23 Apr 2007 09:32:04 +0000 (UTC)
> Sender: owner-cvs-all at
> gnn         2007-04-23 09:32:04 UTC
>   FreeBSD src repository
>   Modified files:
>     sys/netinet6         route6.c 
>   Log:
>   Turn off route header processing for now due to issues pointed out
>   by Philippe Biondi and Arnaud Ebalard.  This is a temporary fix
>   until more discussion can be had on the exact risks involved in
>   allowing source routing in IPv6
>   Submitted by:   itojun
>   Reviewed by:    jinmei
>   MFC after:      1 day
>   Revision  Changes    Path
>   1.13      +7 -0      src/sys/netinet6/route6.c


Thanks! I was just typing up a request for this or a sysctl to control
the processing of RH0. And thanks for NOT breaking RH2 while you were at
it. (That has happened elsewhere.)

I am hoping for a sysctl to manage this with the default set disable RH0
processing. I have reviewed the Biondi/Ebalard report and the risks look
very real to me. It looks serious enough that it should go into
RELENG_6_2, too. 

As an engineer for a network that routes IPv6 universally and the user
of a FreeBSD system that actively employs IPv6 in normal and essential
operations, this looks to have the potential for a spectacular
DOS. (Note that this message started out over an IPv6 path.)

Thanks again!
R. Kevin Oberman, Network Engineer
Energy Sciences Network (ESnet)
Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab)
E-mail: oberman at			Phone: +1 510 486-8634
Key fingerprint:059B 2DDF 031C 9BA3 14A4  EADA 927D EBB3 987B 3751
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 224 bytes
Desc: not available
Url :

More information about the cvs-src mailing list