Monday, 14 November 2011

IPv6 Routing Header like Loose-Source Routing (LSR)?

A question to ask is whether the IPv6 Routing Header is like Loose-Source Routing. In many ways it is extremely similar, and in fact RH0 can be used in this way. Consequently, Routing Header Type 0 was deprecated in RFC 5095.

The Type 0 Routing Header (RH0) can be exploited to achieve traffic amplification over a remote path for the purpose of generating denial-of-service traffic, just as with LSR.

With Type 0 Routing Headers (RH0), a packet can be constructed such that it will oscillate between two RH0-processing hosts or routers many times. This is a serious amplification, and it led to the end of RH0 on the standards track: it allows a stream of packets from an attacker to be amplified along the path between two remote routers, and it could be used to cause congestion along arbitrary remote paths and hence act as a denial-of-service mechanism.
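On the receiving side, RFC 5095 has nodes treat RH0 as an unrecognised routing type: ignore the header when Segments Left is zero, otherwise discard the packet and send an ICMP Parameter Problem. The following filter check is an added example, not code from the original post; the function names and the sample packet (documentation-prefix addresses) are constructed for illustration.

```python
import struct
from ipaddress import IPv6Address

HOP_BY_HOP, ROUTING, FRAGMENT, DEST_OPTS = 0, 43, 44, 60
EXT_HEADERS = (HOP_BY_HOP, ROUTING, FRAGMENT, DEST_OPTS)

def rh0_verdict(packet: bytes):
    """Walk the IPv6 extension-header chain and apply the RFC 5095 rule to RH0.

    Returns (verdict, listed_addresses). Verdicts: 'drop' (RH0, Segments Left > 0),
    'ignore-header' (RH0, Segments Left == 0), 'no-rh0', 'malformed'.
    """
    if len(packet) < 40 or packet[0] >> 4 != 6:
        return ("malformed", [])
    next_hdr, off = packet[6], 40
    while next_hdr in EXT_HEADERS:
        if off + 8 > len(packet):
            return ("malformed", [])
        # Fragment headers are a fixed 8 octets; the others carry a length
        # in 8-octet units that excludes the first 8 octets.
        hdr_len = 8 if next_hdr == FRAGMENT else (packet[off + 1] + 1) * 8
        if off + hdr_len > len(packet):
            return ("malformed", [])
        if next_hdr == ROUTING and packet[off + 2] == 0:  # Routing Type 0
            body = packet[off + 8:off + hdr_len]
            addrs = [str(IPv6Address(body[i:i + 16]))
                     for i in range(0, len(body) - 15, 16)]
            return ("drop" if packet[off + 3] else "ignore-header", addrs)
        if next_hdr == FRAGMENT and struct.unpack_from("!H", packet, off + 2)[0] >> 3:
            break  # non-first fragment: what follows is payload, not headers
        next_hdr, off = packet[off], off + hdr_len
    return ("no-rh0", [])

def build_sample(segments_left, hops):
    """Constructed test input: IPv6 header plus an RH0 listing `hops`."""
    rh = bytes([59, 2 * len(hops), 0, segments_left]) + bytes(4)
    rh += b"".join(IPv6Address(h).packed for h in hops)
    ip6 = struct.pack("!IHBB", 0x60000000, len(rh), ROUTING, 64)
    ip6 += IPv6Address("2001:db8::1").packed + IPv6Address("2001:db8::a").packed
    return ip6 + rh

if __name__ == "__main__":
    print(rh0_verdict(build_sample(2, ["2001:db8::b", "2001:db8::c"])))
```

The returned address list shows how many intermediate hops the sender listed, which is worth logging alongside the drop.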

Worse, when coupled with the ability to assign multiple addresses per node, we also have to ask, "Who needs spoofing?" With IPv6, spoofing becomes a non-issue, as renumbering means that for a certain lifetime, two (2) addresses coexist on the node.

Mobility support means that paths can be defined.

The point is that when deploying IPv6, we need to take care to think about the traffic coming into and out of our networks. Moreover, as this traffic is commonly encrypted in IPv6 (using IPsec), we need to think seriously about design and trust.
