Bugtraq mailing list archives
Re: Reachable addresses on the net (was SYN floods)
From: mycroft () mit edu (Charles M. Hannum)
Date: Tue, 10 Sep 1996 21:13:20 -0400
Alan Cox <coxa () cableol net> writes:
> > Linux boxes at least respond to everything on the loopback interface.
> > I'm guessing this is some form of loopback optimization.
>
> Actually it's called "Reading the standards documents and following them".
Well, I just searched the STDs and RFCs looking for references to this. Omitting all the obsolete editions, I found only three references that even specify behaviour regarding the 127/8 network.

1) RFC 1700, `Assigned Numbers', says:

        (g)  {127, <any>}

             Internal host loopback address.  Should never appear
             outside a host.

Note that this does not indicate that the host must accept packets for all of these addresses; only that it should not send the packets onto a network. This wording is also contained much earlier in STD 4, which is an official standard.

2) RFC 1812, `Requirements for IP Version 4 Routers', has more or less the same statement as above, and later says:

        A router SHOULD NOT forward any packet which has an invalid IP
        destination address or a destination address on network 0.  A
        router SHOULD NOT forward, except over a loopback interface,
        any packet which has a destination address on network 127.  A
        router MAY have a switch which allows the network manager to
        disable these checks.  If such a switch is provided, it MUST
        default to performing the checks.

This is pretty much irrelevant to the current discussion, and it's not a standard anyway.

3) RFC 1912, `Common DNS Operational and Configuration Errors', says:

        Certain zones should always be present in nameserver
        configurations:

             primary    localhost               localhost
             primary    0.0.127.in-addr.arpa    127.0
             primary    255.in-addr.arpa        255
             primary    0.in-addr.arpa          0

        [...]

        The "localhost" address is a "special" address which always
        refers to the local host.  It should contain the following
        line:

             localhost.      IN      A       127.0.0.1

        The "127.0" file should contain the line:

             1       PTR     localhost.

        [...]

        Translating 127.0.0.1 into "localhost.dom.ain" can cause some
        software to connect back to the loopback interface when it
        didn't want to because "localhost" is not equal to
        "localhost.dom.ain".

Although strictly speaking this is only a DNS RFC (and not a standard, at that), you'll note that it's quite explicit about which address is used.
Furthermore, from a historical perspective, your argument doesn't even make sense. The usage of 127/8 for loopback originated from BSD, and BSD has never (at least by default) accepted packets for an address within this network other than 127.0.0.1. In summary, I believe your statement is simply wrong.
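The two rules the message turns on, the RFC 1812 "SHOULD NOT forward" checks for network 0 and network 127, and the distinction between 127.0.0.1 and the rest of 127/8, as a worked example. This is an added illustration for the archive page; it is not code from the original post, from Linux, BSD, or any router implementation discussed in the thread. The function names, the `checks_enabled` flag modelling the manager switch the RFC allows, and the constructed list of sample destinations are all assumptions made for the example.

```python
import ipaddress
from typing import List, Tuple

# Prefixes taken from the RFC text quoted in the message above.
NET_0 = ipaddress.ip_network("0.0.0.0/8")        # "network 0"
NET_127 = ipaddress.ip_network("127.0.0.0/8")    # loopback network
LOCALHOST = ipaddress.ip_address("127.0.0.1")    # the one address RFC 1912 names


def classify_loopback(addr: str) -> str:
    """Separate the canonical localhost address from the rest of 127/8.

    This is the distinction the message draws: being inside 127/8 does
    not by itself mean a host must accept the packet; only 127.0.0.1 is
    the address the standards actually name.
    """
    ip = ipaddress.ip_address(addr)
    if ip == LOCALHOST:
        return "localhost"
    if ip in NET_127:
        return "loopback-net"
    return "other"


def router_should_forward(dst: str, out_is_loopback: bool = False,
                          checks_enabled: bool = True) -> Tuple[bool, str]:
    """Apply the RFC 1812 forwarding rules quoted in the message.

    checks_enabled is an assumed model of the "switch" the RFC permits a
    network manager to use; it defaults to True because the RFC says such
    a switch MUST default to performing the checks.
    """
    try:
        ip = ipaddress.ip_address(dst)
    except ValueError:
        # An unparseable destination is an invalid address: never forward.
        return False, "invalid destination address"
    if not checks_enabled:
        return True, "martian checks disabled by manager"
    if ip in NET_0:
        return False, "destination on network 0"
    if ip in NET_127 and not out_is_loopback:
        return False, "destination on network 127, not a loopback interface"
    return True, "ok"


# Constructed sample input: (destination, next-hop interface is loopback).
SAMPLE_PACKETS = [
    ("127.0.0.1", False),
    ("127.0.0.2", False),
    ("127.0.0.2", True),
    ("0.0.0.5", False),
    ("192.0.2.10", False),
    ("not-an-ip", False),
]


def filter_packets(packets) -> List[Tuple[str, bool, str]]:
    """Run every sample packet through the router check and keep the verdict."""
    results = []
    for dst, on_loopback in packets:
        forward, reason = router_should_forward(dst, out_is_loopback=on_loopback)
        results.append((dst, forward, reason))
    return results


if __name__ == "__main__":
    for dst, forward, reason in filter_packets(SAMPLE_PACKETS):
        print(f"{dst:12} forward={forward!s:5} {reason}")
```

The point to take from running it: 127.0.0.2 is refused by the router unless the outgoing interface is loopback, exactly as the RFC 1812 wording says, while nothing in that rule obliges the receiving host to answer on 127.0.0.2; whether a host does (Linux) or does not (BSD, per the message) is a host policy the RFCs quoted here leave open.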
Current thread:
- Re: Reachable addresses on the net (was SYN floods) Jared Mauch (Sep 02)
- <Possible follow-ups>
- Re: Reachable addresses on the net (was SYN floods) der Mouse (Sep 03)
- Re: Reachable addresses on the net (was SYN floods) Alan Brown (Sep 05)
- [linux-security] samba 1.9.16p2-2 (RedHat): Damn /tmp security Zygo Blaxell (Sep 10)
- Re: Reachable addresses on the net (was SYN floods) Oliver Xymoron (Sep 03)
- Re: Reachable addresses on the net (was SYN floods) Oliver Xymoron (Sep 03)
- Re: Reachable addresses on the net (was SYN floods) Alan Cox (Sep 04)
- quick and dirty x-protect *Hobbit* (Sep 04)
- Re: Reachable addresses on the net (was SYN floods) Charles M. Hannum (Sep 10)