From: [email protected] [mailto:[email protected]] On Behalf Of Mark Townsley Sent: Monday, May 23, 2011 3:47 PM To: Erik Nordmark Cc: [email protected] Subject: Re: Neighbor Unreachability Detection is too impatient
>In short, NUD thought that a host which was in the neighbor cache really wasn't available (due to incorrect FW blocking at the host) removed it from the neighbor cache and started dropping packets (and causing timeouts in gmail). In test, it took about >8 pings for the problem to manifest (time for NUD to retry enough to fail), which was followed by the classic IPv6 to IPv4 failover by the host (Windows Vista). In your test did you see how many NUD probes were sent out when eight pings were sent? The reason I am asking the question is because the unicast NUD messages have to cap at three. In so many pings, I wouldn't be surprised if the host also issues an address resolution multicast NS. >Also, the Broadband Forum's WT-146 (which isn't a public document, but if you are BBF member you can take a look at it) specifies NUD as a monitoring mechanism for "IPv6 sessions" over access links (which ultimately may be tied into billing, >alerts, etc.). Note with this document's proposal and if the BBF access link has no alternative, the BBF nodes would have to implement NUD probing for a longer time. Alternatively, one could use BFD for monitoring. Hemant
-------------------------------------------------------------------- IETF IPv6 working group mailing list [email protected] Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------
