nanog mailing list archives

Re: IPv6 Loopback/Point-to-Point address allocation

From: Thomas Bellman <bellman () nsc liu se>
Date: Sun, 10 Sep 2017 12:56:08 +0200

On 2017-09-10 00:09, Baldur Norddahl wrote:

You want to configure point to point interfaces as /127 or /126 even if you
allocate a full /64 for the link. This prevents an NDP exhaustion attack
with no downside.


An alternative is to just have link-local addresses on your point-to-
point links.  At least on your internal links where you run your IGP.
On external links, where you run eBGP or static routes, it's probably
more trouble than it is worth, though, since link-local addresses can
change if you replace the hardware, requiring a config change on the
other end.  (Also, I'm not sure all BGP implementations support using
link-local addresses.)


        /Bellman

Attachment: signature.asc
Description: OpenPGP digital signature

Current thread:

IPv6 Loopback/Point-to-Point address allocation Kody Vicknair (Sep 09)
- Re: IPv6 Loopback/Point-to-Point address allocation Baldur Norddahl (Sep 09)
  - Re: IPv6 Loopback/Point-to-Point address allocation Nick Hilliard (Sep 10)
    - Re: IPv6 Loopback/Point-to-Point address allocation Enno Rey (Sep 10)
    - Re: IPv6 Loopback/Point-to-Point address allocation Job Snijders (Sep 10)
    - Re: IPv6 Loopback/Point-to-Point address allocation Enno Rey (Sep 10)
    - Re: IPv6 Loopback/Point-to-Point address allocation Enno Rey (Sep 10)
    - Re: IPv6 Loopback/Point-to-Point address allocation sthaug (Sep 10)
  - Re: IPv6 Loopback/Point-to-Point address allocation Thomas Bellman (Sep 10)
    - Re: IPv6 Loopback/Point-to-Point address allocation Saku Ytti (Sep 10)
    - Re: IPv6 Loopback/Point-to-Point address allocation Enno Rey (Sep 10)
    - Re: IPv6 Loopback/Point-to-Point address allocation Nikolay Shopik (Sep 11)
    - Re: IPv6 Loopback/Point-to-Point address allocation Owen DeLong (Sep 11)
    - Message not available
    - Re: IPv6 Loopback/Point-to-Point address allocation Owen DeLong (Sep 15)
- Re: IPv6 Loopback/Point-to-Point address allocation Masood Ahmad Shah (Sep 09)
- Re: IPv6 Loopback/Point-to-Point address allocation Owen DeLong (Sep 11)
- Re: IPv6 Loopback/Point-to-Point address allocation Lee Howard (Sep 11)
  - Re: IPv6 Loopback/Point-to-Point address allocation Saku Ytti (Sep 12)
- <Possible follow-ups>
- RE: IPv6 Loopback/Point-to-Point address allocation Kody Vicknair (Sep 09)