Hi All,
In IPv4, while validating received ICMPv4 redirects, we use secure_redirects.
When set to 1, the destination router suggested in the redirect message should be one of the default gateways known to the host.
net.ipv4.conf.all.secure_redirects = 1
Is there an equivalent one for IPv6? I couldn't find one.
Also, is there a check if the source from which the ICMP redirect is sent is known to us or not.
I came across the function isatap_chksrc code in net/ipv6/sit.c file. The following lines of code do they ensure that the source is known to the host that received the redirect, or is it part of tunneling code.
Dheeraj