Input for +Kristian Köhntopp's next rant. When your MAC address starts with 4 or 6, weird things can happen and it's not always fixable.
http://seclists.org/nanog/2016/Dec/29
- "Dear IEEE, please pause assigning MAC addresses that start with a 4 or a 6 for the next 6 years."
How about assigning only such MACs for a couple of years? Because otherwise, someone will start screaming "OMG look at all those unpatched devices, we need to extend the window!!!" in about six years…
- Blocked by the train's firewall :/
- omg time goes by ... I have not accessed Fyodor's list for years.
- Can someone explain this? Why are there problems with these addresses? From the text it sounds like they are misinterpreted as IPv4/6 addresses. But why?
- I have no idea .. as I said I'm out of date.. I haven't read bugtraq for ages, but it used to be fun ... anyway I already grabbed my popcorn just in case ...
- +Roland Tapken That is a common problem: ONE value at a specific bit is interpreted more than it should be.
I remember another vendor, in which you could set a firewall rule like: "if port 22, then drop". This caused problems with some OSPF packets, because they had the value 22 at the place in which usually the port should be. The vendor forgot that ports are only valid for UDP and TCP and only checked this field.
I assume Cisco has something similar, and because "these things never changed" it got hardcoded in the ASIC - boooom
- +Roland Tapken you are basically tunneling different and unknown types of data inside the MPLS frames.
Imagine an (unencrypted) VPN connection between your laptop and your company or home VPN gateway.
Now a router in between wants to make a decision based on the payload of your VPN packets. But it does not know whether your VPN tunnel carries IP packets without any headers or Ethernet frames.
IP packets start with '4' or '6', and Ethernet frames start with the first nibble of the destination MAC address. If the MAC address starts with '4', the router (wrongly) assumes you carry IP and will look at some data within the Ethernet frame where it expects some value that makes sense if it were an IP packet. But as you were transmitting an Ethernet frame this location contains something else.
The decision the intermediate router then takes based on this flawed data may then lead to significant performance penalties.
- They misspelled ASICK...
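The first-nibble guess from the MPLS explanation above, as an added example that is not part of the original thread and not any vendor's code. The per-flow key function, the MAC and IP values and the frame layout are constructed assumptions; the zero first nibble of the pseudowire control word comes from RFC 4385, which the thread does not mention.

```python
import struct

SRC_MAC = bytes.fromhex("020000000001")       # constructed sample values
IP_SRC, IP_DST = bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2])
CONTROL_WORD = b"\x00\x00\x00\x00"            # RFC 4385: first nibble is 0

def guess_payload(payload: bytes) -> str:
    """Guess what follows the MPLS label stack from the first nibble only."""
    return {4: "ipv4", 6: "ipv6"}.get(payload[0] >> 4, "unknown")

def decision_key(payload: bytes) -> tuple:
    """Hypothetical per-flow key: the address fields of whatever was guessed."""
    kind = guess_payload(payload)
    if kind == "ipv4":                         # IPv4 src/dst live at bytes 12..19
        return (kind, payload[12:16], payload[16:20])
    if kind == "ipv6":                         # IPv6 src/dst live at bytes 8..39
        return (kind, payload[8:24], payload[24:40])
    return ("labels-only",)                    # no guess: payload is not inspected

def eth_frame(dst_mac: bytes, ident: int, data: bytes) -> bytes:
    """Ethernet frame carrying one IPv4 packet of a single constructed flow."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(data), ident,
                     0, 64, 6, 0, IP_SRC, IP_DST)
    return dst_mac + SRC_MAC + b"\x08\x00" + ip + data

def keys_for_flow(dst_mac: bytes, prefix: bytes = b"") -> set:
    """Distinct keys seen for three frames of the same flow."""
    frames = [eth_frame(dst_mac, i, b"x" * (10 * i)) for i in (1, 2, 3)]
    return {decision_key(prefix + f) for f in frames}

if __name__ == "__main__":
    for label, mac, prefix in [
        ("MAC 4c:..", bytes.fromhex("4c0000000002"), b""),
        ("MAC 00:..", bytes.fromhex("000000000002"), b""),
        ("MAC 4c:.. + control word", bytes.fromhex("4c0000000002"), CONTROL_WORD),
    ]:
        print(label, "->", len(keys_for_flow(mac, prefix)), "distinct key(s)")
```

With a destination MAC starting with 4, the bytes read as "IP addresses" are really the EtherType, IP length and IP ID, so frames of one flow no longer share a key; a leading control word or a MAC with another first nibble keeps the key stable.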