Quick question regarding: Problematic IPv6 Multicast traffic within an IX.

Baldur Norddahl baldur.norddahl at gmail.com
Fri Jun 24 17:00:28 UTC 2016


IPv6 NDP is multicast so you can not block multicast with a layer 2 ACL.
You need L3 ACL to block all multicast except NDP packets.

Of course any switch in use at a major transition point in the internet
should have that capability.

Regards,

Baldur

On 24 June 2016 at 18:27, Bob Evans <bob at fiberinternetcenter.com> wrote:

>
> Is it true that managed Layer2 switches used by IX's can not block IPv6
> multicast ingress port traffic from broadcasting to all ports ?
>
> ___Yes , seen many IXs with IPv6 multicast continuing yet IPv4 multicast
> is blocked.
>
> ___No , All should be able to bock IPv6 multicast.
>
> ___Only a few specific managed switch manufacturers have this issue with
> IPv6 multicast broadcasting.
>
> You're knowledge on this problem would be helpful.
>
> Thank You in advance.
>
> Bob Evans
> CTO
>
>
>
>
>
>
>



More information about the NANOG mailing list