IPv6 network policies
sthaug at nethelp.no
sthaug at nethelp.no
Sat Apr 10 16:38:16 CEST 2010
> > What I'm looking for is from _only_ those that use it, is how you
> > document it, example config snips, if/how you reserve around it and from
> > a topology standpoint how you alloc/assign it. I'm sorry, but I'm
> > talking about /126 or /127 for ptp.
>
> That may be a false fear. In the last week I've tried to cause this
> issue under IOS 12.3.20 (i.e. quite a number of years old) over a
> serial link, and no matter what I try, I cannot make it happen. I've
> tried both HDLC and PPP encapsulations, conventional address assignment,
> as well as using static interface routes for a /64 pointing out the
> serial interface on both routers at both ends of the link. RFC4443
> (ICMPv6) specifies the rule against forwarding packets back onto the
> point-to-point link it was received on, and it seems IOS has been
> RFC4443 compliant for a number of years.
>
> I haven't tried it on a p2p POS link. I can organise a test one,
> however with what I've found with a vanilla serial link, I'm wondering
> if it is worth the time.
I have a lab setup with an STM-4 link between a Cisco 12404 running
IOS XR 3.9.0 and a Juniper M7i running JunOS 9.5R4.3. The loop is very
clearly evident here, for anything other than /127 on the link. Can be
reproduced at will.
> I don't have Juniper equipment to play with, however they are also now
> claiming RFC4443 compliance for Junos 10.1.
That sounds like a good test for the lab.
> What I also discovered was that Linux and IOS aren't implementing
> complete Neighbor Discovery (i.e. NS/NA) on P2P links, and full ND
> NS/NA implementations won't suffer from this issue. I've started looking
> to find in the IPv6 RFCs if not implementing NS/NA on P2P
> links is allowable. I haven't found so in the Neighbor Discovery RFC
> and neither so in the IPv6 over PPP RFC. The current IPv6 Node
> Requirements RFC, which applies to both end-nodes and routers, also
> says ND NS/NA must be implemented on all links.
As far as I can see on the IOS XR and JunOS boxes I have tried with,
ND is *not* performed at all on p2p links.
Steinar Haug, Nethelp consulting, sthaug at nethelp.no
More information about the ipv6-ops
mailing list