In a message written on Fri, Mar 08, 2002 at 05:52:46PM -0800, Vadim Antonov wrote:
1) isolation of control traffic from payload traffic to eliminate possible security breaches. [snip] On #1, Internet routing protocols are notoriously weak. Using globally routable frames to carry neighbour-to-neighbour routing information is a recipe for disaster (i think everyone on this list can think of few not-yet-plugged holes arising from this approach).
This is an area of interest of mine when looking at IPv6. IPv6 has the notion of link local IP addresses, that can't (for some definition of can't) be accessed unless you are on that link. This could go a long way to fixing the problems you mention, but it introduces some additional configuration issues. In particular, the current practice of using the same link local addresses on every link means you would need to configure both the address and the port. In any event, I wonder if there is an opportunity here for additional security. Although any changes are clearly years off. -- Leo Bicknell - bicknell@ufp.org - CCIE 3440 PGP keys at http://www.ufp.org/~bicknell/ Read TMBG List - tmbg-list-request@tmbg.org, www.tmbg.org