Link-local and ACLs
Theodore Baschak
theodore at ciscodude.net
Mon Jul 24 21:52:16 CEST 2017
On Mon, Jul 24, 2017 at 12:46 PM, David Farmer <farmer at umn.edu> wrote:
> In practice Neighbor Discovery, and other critical protocols, need
> link-local addresses to talk to other link-local addresses and some
> multicast addresses.
>
> Also, in theory a link-local address could talk to a GUA or ULA address on
> the same link. However, in practices does this really happen? If it does
> happen in practice what are circumstances?
>
> Thanks
>
> --
> ===============================================
> David Farmer Email:farmer at umn.edu
> Networking & Telecommunication Services
> Office of Information Technology
> University of Minnesota
> 2218 University Ave SE Phone: 612-626-0815 <(612)%20626-0815>
> Minneapolis, MN 55414-3029 Cell: 612-812-9952 <(612)%20812-9952>
> ===============================================
>
Not quite 100% related, but I had an upstream provider put an artisanal
handcrafted IPv6 BCP38 ACL that didn't allow link-locals to talk to the
multicast range (or to the GUA on-link address possibly) on a port, and it
caused problems after a reboot I believe only. Things were able to keep
working for quite a while if I recall.
Theodore Baschak - AS395089 - Hextet Systems
https://bgp.guru/ - https://hextet.net/
http://mbix.ca/ - http://mbnog.ca/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.cluenet.de/pipermail/ipv6-ops/attachments/20170724/89e4a1ca/attachment.html
More information about the ipv6-ops
mailing list