[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Comments on draft-wbeebee-ipv6-cpe-router-01.txt
On 20 jul 2008, at 15:45, Hemant Singh (shemant) wrote:
3. I disagree with the behavior suggested for "unnumbered" model. I
don't think a CPE router should automatically open up a maintenance
loopback interface just because it doesn't get a global IP address.
Would you PLEASE use normal quoting techniques? Reading email costs
enough time as it is without everyone doing stuff in their own
particular way so automation and habits don't work.
Not quite. The unnumbered model is clearly saying the WAN interface
only acquires on a link-local address. But the WAN interface of the
Router has got to have a global IPv6 address.
You are being extremely imprecise. That is one of the reasons your
draft is in such bad shape.
The INTERFACE doesn't need a global address, but the ROUTER does.
So what choice does the
CPE Router have but to automatically spawn a Loopback interface that
will get assigned a global IPv6 address
When you need to create a packet, use a source address from another
interface that you have, i.e. a LAN interface. I believe this is
explained in the base IPv6 specs. Or ask within your company about the
behavior of "ipv6 unnumbered ..."
Creating addresses using stateless autoconfig on an interface
different than the one where the RAs were received is very wrong.
Using DHCPv6 address configuration on a router makes no sense in my
stateless DHCPv6 to acquire an IA_PD).
I don't think prefix delegation is possible in the stateless version
On 20 jul 2008, at 15:51, Hemant Singh (shemant) wrote:
The draft clearly says what ICMPv6 errors are returned by the CPE
Router, so it's not like the CPE Router is not responding to any
Existing IPv4 routers do have a ping disable feature where the
router is configured to not respond to pings.
You are again using imprecise terminology. What you mean is IPv4 CPEs
with NAT functionality. That has little to do with routing. For IPv6,
CPEs do have to be real routers and conform to normal router behavior
unless we specify exceptions.
It is of course allowed to not return echo replies.
However, since the router MUST generate other ICMPv6 messages under
other circumstances, not replying to pings doesn't make the router
invisible so there is little point in not returning ping replies.
I also said on this
thread that if the CPE Router does respond to pings, the CPE Router
needs to rate limit incoming ping reqs.
You say that you want to rate limit INCOMING pings. (Which is useless
anyway because the LAN bandwidth is much higher than the WAN
bandwdith.) If you want to do this, it makes no sense to tie that to
whether or not ping replies are sent. For the router itself this is a
non-issue because the IPv6 specs mandate that ICMPv6 messages are rate
On 20 jul 2008, at 16:43, Hemant Singh (shemant) wrote:
Please see the complete uRPF thread that we discussed on this mailer -
they were emails between July 15 - 16th, 2008.
I read it earlier today. It didn't make much sense to me. But now it
occurs to me that you actually want to run uRPF on the CPE itself. I
don't see how that's useful. What you want to do is filter out
outgoing packets on the WAN interface if they don't have a source
address that is either in the prefix delegated by the ISP or have the
router's own WAN address as a source address.