Using /126 for IPv6 router links

• Previous message (by thread): Using /126 for IPv6 router links
• Next message (by thread): Using /126 for IPv6 router links
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Jan 27, 2010, at 3:19 PM, Igor Gashinsky wrote:

> you face 2 major issues with not using /127 for
> PtP-type circuits:
>
> 1) ping-ponging of packets on Sonet/SDH links
>
> 	Let's say you put 2001:db8::0/64 and 2001:db8::1/64 on a PtP
> 	interface, and somebody comes along and ping floods 2001:db8::2,
> 	those packets will bounce back and forth between the 2 sides of
> 	the link till TTL expires (since there is no address resolution
> 	mechanism in PtP, so it just forwards packets not destined for
> 	"him" on).

Following this, IPv4 /30 would have the same problem vs /31?

> 2) ping sweep of death
>
> 	Take the same assumption for addressing as above, and now ping
> 	sweep 2001:db8::/64... if the link is ethernet, well, hope you
> 	didn't have any important arp entries that the router actually
> 	needed to learn.

Wouldn't this affect *all* /64's configured on a router, not
just point to point links?  Time for glean rate limiting.

If you were really concerned, you could hard code static NDP
entries, as I think someone else pointed out.

Dale

• Previous message (by thread): Using /126 for IPv6 router links
• Next message (by thread): Using /126 for IPv6 router links
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]