Should routers send redirects by default?

Mark Smith nanog at 85d5b20a518b8f6864949bd940457dc124746ddc.nosense.org
Fri Aug 20 20:52:48 CDT 2010


On Fri, 20 Aug 2010 21:24:43 -0400
"Ricky Beam" <jfbeam at gmail.com> wrote:

> On Fri, 20 Aug 2010 20:43:39 -0400, Mark Smith  
> <nanog at 85d5b20a518b8f6864949bd940457dc124746ddc.nosense.org> wrote:
> > You're assuming the cost of always hair pinning traffic on an interface
> > is cheaper than issuing a redirect.
> 
> I am saying no such thing. (a single redirect packet is always more  
> efficient.)  I *am* saying ICMP redirects are a mistake that should not be  
> replicated in IPv6.  They are too easy to abuse, which is why they are  
> almost universally ignored by IPv4 hosts.
> 

I thought we were talking about IPv6 redirects not IPv4 ones. How much
do you know about their operation and purposes?

> In a *properly* configured network, redirects should not be necessary.  
> (everything on the local LAN should know what's on the local LAN.) [For  
> the record, my own networks don't follow that rule. :-) Coworkers throwing  
> random crap on the wire doesn't help. *sigh* Don't go there.]
> 
> IPv6 has more than enough mistakes glued into it.  Redirects are a mess  
> that does not need to be there.  For the purests who insist on making ugly  
> networks that are trival to subvert, make ICMPv6 redirects *OPTIONAL*,  
> *REQUIRING* explicit configuration to enable.  Without strong  
> authentication/authorization mechanisms, it'll be the same mess that it is  
> in IPv4.
> 

Know anything about IPv6 SeND?

> --Ricky




More information about the NANOG mailing list