We disable them. We wish our vendors would expose these hidden defaults in their codebase (nvgen, etc).
Just because it is in an rfc does not make it right :-) it should be changed. Jared Mauch On Aug 19, 2010, at 6:00 PM, "Hemant Singh (shemant)" <[email protected]> wrote: > For the 4th time to this mailer. What do you do with shipping routers as of > 10 years back that have Redirect enabled by default because of the SHOULD in > RFC 2461 and RFC 4861? Why is this point so hard to understand or being > ignored? > > Hemant > > -----Original Message----- > From: [email protected] [mailto:[email protected]] On Behalf Of > Christopher Morrow > Sent: Thursday, August 19, 2010 5:55 PM > To: [email protected] > Cc: [email protected]; [email protected] > Subject: Re: Router redirects in Node Requirements document > > On Thu, Aug 19, 2010 at 4:22 PM, <[email protected]> wrote: >>>> Redirects are a key part of the Internet architecture. Always have >>>> been. >>> >>> Not sure if you actually looked at the configuration sampling I posted, but >>> redirects are not actually used in networks these days. The only places >>> where i've seen it used are in "hacked together" networks and were removed. >>> While perhaps useful in the 80's and early 90's, there have been numerous >>> cases where redirects have been harmful to networks that I've operated. >> >> Agreed, redirects should *not* be enabled by default. >> > > wow, longest thread about 2 words... ever. > > Please take my vote as: > 1) redirects MUST be implemented. > I don't like them, they don't have auth info in them, but I can see > cases where they may be useful. > 2) redirects MUST NOT be on by default > I can see a vendor deciding that on platform X they choose to enable > redirects as a default. I hope that no router with more than 2 > interfaces on it, and meant for 'not in the home' usage would choose > this path. > > editorial-foo: > Quite a bit of the conversation seems like particular use cases being > abused for a point. > > I can see that for large/core network devices there is no need, and > significant complexity in maintaining codebase with redirects. In > these places I'd prefer to just not have it included at all, but I > definitely don't need it on by default. > > For enterprise-edge, CMTS, wireless deployments I can see that using > redirects may be more useful (leaving aside the issues Jared brings up > about 'well designed' network architectures) so having the codebase > there seems 'ok' to me, suggested configs and/or default configs on > those platforms may even have it enabled. > > For home/cpe type deployments maybe it makes more sense to have this > enabled, so linksys/dlink/buffalo/etc could choose to just enable it, > worst case the consumers revolt and .... it gets disabled in the next > rev. > > -chris > -------------------------------------------------------------------- > IETF IPv6 working group mailing list > [email protected] > Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 > -------------------------------------------------------------------- > -------------------------------------------------------------------- > IETF IPv6 working group mailing list > [email protected] > Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 > -------------------------------------------------------------------- -------------------------------------------------------------------- IETF IPv6 working group mailing list [email protected] Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------
