Margaret Wasserman wrote:
My understanding of the current ND Proxy work (and why I grudgingly agreed to leave it on the most recent IPv6 charter despite the fact that we had not managed to reach consensus on this proposal for several years) was that we were planning to trim down the original ND Proxy proposal to a one-hop prefix delegation mechanism (perhaps with a flag to indicate whether the prefix has already been delegated, in which case it mustn't be delegated again) to provide a non-DHCP alternative for one-hop prefix delegation. I've never been quite sure why a non-DHCP mechanism is needed, but I'm also not religiously against the idea of standardizing an alternative.
I think this should be explored further.
It might not be that hard to come up with something which is is limited to a single hop.
Here is a straw-man:
- add something to the RA which indicates that the sender is a proxy. Could be just a single 'P' bit I think.
- a proxy can take an RA which arrives without the P bit, and send it out as a RA with the P-bit.
- a proxy must not redistribute an RA with the P-bit set; if it receives any (or only?) RAs with the P-bit set, that interface can not be an upstream interface from a proxy perspective.
I haven't worked through the cases to see if this will avoid all loops; perhaps there can be (at least multicast) packet duplication if two such proxies are connected in parallel.
Erik
-------------------------------------------------------------------- IETF IPv6 working group mailing list [email protected] Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------
