IPv6 network policies

Mark Smith nanog at 85d5b20a518b8f6864949bd940457dc124746ddc.nosense.org
Sun Apr 11 03:07:13 CEST 2010


On Sun, 11 Apr 2010 09:08:34 +0930
Mark Smith <nanog at 85d5b20a518b8f6864949bd940457dc124746ddc.nosense.org>
wrote:

> On Sat, 10 Apr 2010 16:47:16 +0200
> Ole Troan <otroan at employees.org> wrote:
> 
> > > So it seems to me that the IPv6 protocol is being blamed for a problem
> > > that has been created by not implementing ND completely on P2P to
> > > links. If there is no text in RFCs allowing ND NS/NAs to be avoided on
> > > P2P links, then I wonder what impact that has on claims of IPv6
> > > compliance that these implementations might be making.
> > 
> > ND has many functions. one of them is address resolution. that's not done on a link without L2 addresses.
> 
> IPv6 PPP does negotiate 64 bit IIDs, so in effect I think it's going
> close to creating L2 addresses on P2P links. I think that as those IIDs
> are not a single bit in size (i.e. "are you going to be 0, because then
> I'll be 1"), that also supports the idea that P2P links aren't meant
> to be treated specially by IPv6. 
> 
> > NUD could be done, but on most router to router links it is
> > unnecessary and not used.
> > 
> 
> I suppose this comes down to if you don't agree with (or maybe just
> don't fully understand) the way something works in an RFC, does that
> mean it's ok for you not to implement it the way the RFC says?
> 
> For a long time, IPv6 has been designed on the assumption of a
> single 64 bit IIDs and therefore subnets that have very large amounts

that should have read "single size, 64 bit IIDs"

> of address space. Running ND NS/NA on all link types, as the ND RFCs
> say should be done, protects against the ping pong problem.
> 
> It seems to me that in this case people have used existing IPv4
> (P2P) methods to guide their IPv6 implementation too much, rather than
> putting more weight on the IPv6 RFCs.
> 
> > is it a requirement to verify reachability before communicating with any node on an IPv6 link? no, and I can find little support for that position in any IPv6 RFC.
> > 
> 
> > note, that the ping pong problem isn't an IPv6 problem as such, the same problem exists with IPv4.
> > 
> 
> True. However, although IPv4 PPP doesn't protect against it, IPv4 PPP
> did a lot more neighbor discovery functions i.e. IPCP address
> negotation. As a lot of that functionality has been generalised to to
> over the top of ICMPv6, i.e. a significant design change over IPv4, as
> I said above, IPv4 is probably not a strong model of how IPv6 over P2P
> links was expected to operate.
> 
> Regards,
> Mark.



More information about the ipv6-ops mailing list