krb5 address checks and loopback connections
crawdad at fnal.gov
Mon Jul 8 10:18:01 EDT 2002
The Linux ipv6 stack is goofy if it sends packets with
src == loopback and destination != loopback. If
draft-ietf-ipv6-default-addr-select-08.txt is accepted by the
IESG, this behavior will be officially non-compliant.
That doesn't invalidate your assumption that it won't be fixed.
However, another node on the link could spoof the IPv6 loopback
address and the Linux kernel is not required by any spec I know
to discard the incoming packet. It would be pretty broken of it
not to discard it, but we established that part already.
More information about the krbdev