Should routers send redirects by default?

Fri Aug 20 17:20:58 UTC 2010

Polling a little bit here, there's an active discussion going on
6man at ietf about whether or not v6 routers should:
  o be required to implement ip redirect functions (icmpv6 redirect)
  o be sending these by default

Essentially 12+ years ago in RFC2461
(http://www.ietf.org/rfc/rfc2461.txt) and later in RFC4861
(http://tools.ietf.org/html/rfc4861) there are a set of message types
defined and use cases discussed which seem to lead to the idea that:
  routers should be reqiured to implement redirect logic/functionality
  routers should by default be enabled to send these redirect messages.

In ipv4 there's a relatively widely used practice of disabling ip
redirects. secure router and secure host templates disable this
functionality, and have for quite some time. There are a host of
reasons for this I don't really want to debate them though :) It would
be instructive to get a sense of how many folks do NOT disable this
sort of thing, or how many folks RELY on these functions working in
their network build today.

For the 6man discussion though, I presume that in ipv4 we take a set
of configs/actions because of somewhat sane reasons, I suspect we
would want to have the same config/end-state in v6? One proposal is to
do this with:
  o routers are required to be able to send redirect messages
  o routers should NOT do this by default

With the proviso that some consenting adults may choose to enable by
default on certain platforms (cabl/dsl CPE, enterprise-LAN)... if that
muddies the waters it'd be nice to just hear about the proposal there
and leave the hinkiness of the rest out of the picture :) I hope that
folks who currently run v6 network(s) might respond, there are quite a
few v6 operators here... I'm looking at you owen/jjb/au-dsl-folk... :)

thanks for your time, of couse if you want to chat more directly about
this the 6man list is open and at:
  <http://www.ietf.org/mail-archive/web/ipv6/current/maillist.html>

-Chris