Hi, On Sun, Dec 29, 2013 at 02:09:01PM +0000, Nick Hilliard wrote: > Let me be more specific: you can only do tightly timed failover with RAs if > you announce a virtual IP address which is tied to a first-hop redundancy > protocol like vrrp/hsrp/etc. This is a vendor specific thing and is not > even supported by many vendors. > > You cannot depend on the built-in mechanisms in RA and NUD to perform fast > failover because you end up with a choice of either 10+ second failover or > else compromising your network structure due to excess icmpv6 NS packets. > Neither of these are workable solutions in production networks. > > If you want fast failover, you need to use vrrp / hsrp / carp / etc, all of > which provide mac failover at layer 2. In this situation, you need a > mechanism to deliver the default gateway information to the client. At the > moment, the only standardised option is manual configuration. This doesn't > scale.
I was talking about doing fast failover with DHCPv6. But apparently there is some misunderstanding here. You can use RAs to communicate the VRRP/HSRP/CARP/etc addresses. There is absolutely no need for manual configuration in this case. It does not need to be a global unicast address and both routers can simply RA with the virtual IP and the virtual MAC. > I'm just saying it's not possible to deploy global unicast addresses using > RA. Maybe this doesn't matter to you. It's not that important to me > either, but it may be important to some people with different network > structures. Personally, I don't like the idea of unreasonable restriction > of options when it comes to configuring networks. To deploy global unicast addresses as routing targets you mean (that by definition need to be on-link and be ND resolvable, which might of course also be realized by proxying NDs). > >> 5. there is no way to specify anything other than a default gateway. > > RDNSS is there, but not arbitary data, that's true. Yes, the big iron > no, I meant that there is no other way to specify routing information other > than a default route. E.g. if you have a box with two NICs; management > network on one NIC and production on the other, there is no way to get > dhcpv6 to instruct the client to hand off management traffic to one network > and everything else to the production side. RDNSS I don't care about. Of course that works: RFC4191. Windows routinely sent out such RAs, too. Kind regards Philipp Kern
