[ipv6hackers] New IETF I-D on IPv6 ND SLLA/TLLA options (forwarding loops)
fgont at si6networks.com
Fri Feb 14 15:59:35 CET 2014
We have published a new IETF I-D on issues arising from "malicious"
Neighbor Discovery SLLA/TLLA options. The I-D is available at:
We'd welcome any comments. If you feel like sending feedback, please
send it to "draft-gont-6man-lla-opt-validation at tools.ietf.org" (without
the quotes), and make sure to CC "ipv6 at ietf.org" (without the quotes).
The aforementioned issues can, of course, be reproduced with THC-IPv6
and the IPv6 toolkit (http://www.si6networks.com/tools/ipv6toolkit).
-------- Original Message --------
From: internet-drafts at ietf.org
To: Shucheng LIU (Will) <liushucheng at huawei.com>, Will (Shucheng) Liu
<liushucheng at huawei.com>, Fernando Gont <fgont at si6networks.com>, Ron
Bonica <rbonica at juniper.net>, Fernando Gont <fgont at si6networks.com>,
Ronald P. Bonica <rbonica at juniper.net>
Subject: New Version Notification for
Message-ID: <20140214145359.7925.43448.idtracker at ietfa.amsl.com>
Date: Fri, 14 Feb 2014 06:53:59 -0800
A new version of I-D, draft-gont-6man-lla-opt-validation-00.txt
has been successfully submitted by Fernando Gont and posted to the
Title: Validation of Neighbor Discovery Source Link-Layer Address
(SLLA) and Target Link-layer Address (TLLA) options
Document date: 2014-02-14
Group: Individual Submission
This memo documents two scenarios in which an on-link attacker emits
a crafted IPv6 Neighbor Discovery (ND) packet that poisons its
victim's neighbor cache. In the first scenario, the attacker causes
a victim to map a local IPv6 address to a local router's own link-
layer address. In the second scenario, the attacker causes the
victim to map a unicast IP address to a link layer broadcast address.
In both scenarios, the attacker can exploit the poisoned neighbor
cache to perform a subsequent forwarding-loop attack, thus
potentially causing a Denial of Service.
Finally, this memo specifies simple validations that the recipient of
an ND message can execute in order to protect itself against the
Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.
The IETF Secretariat
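The abstract above names two poisoned mappings: a router's own link-layer address and the link-layer broadcast address. The following is an added example, not code from the draft, this post or the IPv6 toolkit: a receiver-side check over the ND options area on Ethernet. The function name, verdict enum and sample bytes are constructed here, and rejecting every group (multicast) MAC is an assumption that generalizes the broadcast case.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

enum lla_verdict { LLA_OK, LLA_MALFORMED, LLA_BROADCAST, LLA_GROUP, LLA_OWN_ADDR };

/* Constructed sample data (not captured traffic): type, length, 6-byte MAC. */
const uint8_t OWN_MAC[6]   = {0x02, 0x00, 0x00, 0x00, 0x00, 0x01};
const uint8_t OPT_GOOD[8]  = {1, 1, 0x02, 0x00, 0x00, 0x00, 0x00, 0x02};
const uint8_t OPT_BCAST[8] = {2, 1, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff};
const uint8_t OPT_OWN[8]   = {1, 1, 0x02, 0x00, 0x00, 0x00, 0x00, 0x01};
const uint8_t OPT_GROUP[8] = {2, 1, 0x33, 0x33, 0x00, 0x00, 0x00, 0x01};
const uint8_t OPT_TRUNC[8] = {1, 2, 0x02, 0x00, 0x00, 0x00, 0x00, 0x02};

/* Walk the ND options area (type, length in 8-octet units, value) and check
 * each SLLA (type 1) / TLLA (type 2) option against the receiving interface's
 * own MAC. Returns the first problem found, else LLA_OK. Ethernet only. */
enum lla_verdict check_nd_lla_options(const uint8_t *opts, size_t len,
                                      const uint8_t own_mac[6])
{
    static const uint8_t bcast[6] = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff};
    size_t off = 0;

    while (off < len) {
        if (len - off < 2)
            return LLA_MALFORMED;
        size_t optlen = (size_t)opts[off + 1] * 8;
        if (optlen == 0 || optlen > len - off)
            return LLA_MALFORMED;            /* zero or overrunning length */
        if (opts[off] == 1 || opts[off] == 2) {
            const uint8_t *mac = opts + off + 2;
            if (optlen != 8)
                return LLA_MALFORMED;        /* Ethernet: 2 + 6 octets */
            if (memcmp(mac, bcast, 6) == 0)
                return LLA_BROADCAST;        /* second scenario in the abstract */
            if (mac[0] & 0x01)
                return LLA_GROUP;            /* assumption: any group MAC */
            if (memcmp(mac, own_mac, 6) == 0)
                return LLA_OWN_ADDR;         /* first scenario in the abstract */
        }
        off += optlen;
    }
    return LLA_OK;
}

int main(void)
{
    printf("good=%d bcast=%d own=%d\n",
           (int)check_nd_lla_options(OPT_GOOD, 8, OWN_MAC),
           (int)check_nd_lla_options(OPT_BCAST, 8, OWN_MAC),
           (int)check_nd_lla_options(OPT_OWN, 8, OWN_MAC));
    return 0;
}
```

A receiver would run such a check before creating or updating the neighbor cache entry and drop the option (or the whole message) on any verdict other than `LLA_OK`.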