On 06/04/2013 11:30, Sander Steffann wrote: > Hi Mike, > >> IPv6 routing protocols seem in some cases to exclusively use automatic link >> local addresses. Even for manual configuration, link locals deal with the ND >> exhaustion attack problem in the core quite nicely, while also simplifying >> address management. >> >> Are there practical reasons for global addresses on router interfaces? > > Pinging interface endpoints for debugging and monitoring, being able to see > which interface is used in a traceroute, stuff like that. Routing protocols > can work perfectly fine without global addresses, but netadmins have a harder > time with just link locals :-) But true: it is something that I have tested > in the lab, and it does reduce the attack surface of the network a bit.
To be explicit, using a link local completely breaks traceroute, since ICMP replies sourced from a link local address must be discarded by the next hop, according to RFC 4291 section 2.5.6. Brian
