nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Using /126 for IPv6 router links

From: "Dale W. Carder" <dwcarder () wisc edu>
Date: Wed, 27 Jan 2010 23:24:48 -0600

On Jan 27, 2010, at 3:19 PM, Igor Gashinsky wrote:


you face 2 major issues with not using /127 for
PtP-type circuits:

1) ping-ponging of packets on Sonet/SDH links

        Let's say you put 2001:db8::0/64 and 2001:db8::1/64 on a PtP
        interface, and somebody comes along and ping floods 2001:db8::2,
        those packets will bounce back and forth between the 2 sides of
        the link till TTL expires (since there is no address resolution
        mechanism in PtP, so it just forwards packets not destined for
        "him" on).


Following this, IPv4 /30 would have the same problem vs /31?


2) ping sweep of death

        Take the same assumption for addressing as above, and now ping
        sweep 2001:db8::/64... if the link is ethernet, well, hope you
        didn't have any important arp entries that the router actually
        needed to learn.


Wouldn't this affect *all* /64's configured on a router, not
just point to point links?  Time for glean rate limiting.

If you were really concerned, you could hard code static NDP
entries, as I think someone else pointed out.

Dale
Previous By Date Next
Previous By Thread Next

Current thread: