IPv6 Routing Header 0 is dangerous

久しぶりに SA が出てます。

I. Background

IPv6 provides a routing header option which allows a packet sender to
indicate how the packet should be routed, overriding the routing knowledge
present in a network. This functionality is roughly equivalent to the
"source routing" option in IPv4. All nodes in an IPv6 network -- both
routers and hosts -- are required by RFC 2640 to process such headers.

II. Problem Description

There is no mechanism for preventing IPv6 routing headers from being used
to route packets over the same link(s) many times.


IV. Workaround

No workaround is available.

IPv6 Routing Header 0 is dangerous

ということで、FreeBSDIPv6 使っている方はパッチを当てて kernel を作り直しましょう。