[Xorp-users] ospf4 ip-router-alert option

Pavlin Radoslavov pavlin at icir.org
Tue May 8 12:39:50 PDT 2007 

Hasso Tepper <hasso at estpak.ee> wrote:

> Michael Fox wrote:
> > Can someone explain the specific function/behavior of the "ip-router-alert
> > option" in ospf4?
> > 
> > The XORP v1.4 User Manual mentions that setting this to TRUE will put the
> > IP router alert option in all transmitted packets.  (Since this is an OSPF
> > configuration parameter, I presume that the documentation really means to
> > say ".in all transmitted OSPF packets").
> > 
> > RFC 2113 (IP Router Alert Option RFC) mentions examples of usage of the
> > option with RSVP and IGMP.  
> > 
> > I can find no mention elsewhere of the use of the IP router alert option
> > with OSPF and OSPF doesn't seem to need this option.  
> 
> Me neither and I don't need any need as well. IP router alert is for cases
> where routers need to inspect packets not addressed for them directly. I
> don't see any need for that in OSPF.
> 
> > So, the question is:  what specifically does this option do and under what
> > circumstances does this option need to be enabled in the OSPF4
> > configuration?  
> 
> Note that there is one point to enable it with current code though - if
> router alert option is enabled, IPTOS_PREC_INTERNETCONTROL is also set (see
> RawSocket::proto_socket_write()). But I fail to see logic in this as well -
> IPTOS_PREC_INTERNETCONTROL MUST be used for all routing protocols regardless
> of any settings. I don't see any reason not to do that. And if you don't,
> it makes your network very likely vulnerable to dos attacks.

I think you are right about the usage of IPTOS_PREC_INTERNETCONTROL.
I just committed a fix to CVS so now there is a separate flag that
is used as appropriate to set ip_tos in the IPv4 header to
IPTOS_PREC_INTERNETCONTROL.

About the usage of Router Alert in OSPF (which BTW is disabled by
default), my guess is that it is leftover from earlier versions of
the transmission code.
I will leave it to Atanu to confirm that we really don't need it and
should be removed.

Thanks,
Pavlin

> 
> regards,
> 
> -- 
> Hasso Tepper
> Elion Enterprises Ltd. [AS3249]
> IP & Data Networking Expert
> 
> _______________________________________________
> Xorp-users mailing list
> Xorp-users at xorp.org
> http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/xorp-users

More information about the Xorp-users mailing list