For some value of "normal and desired" anyway... Smells like a major scale problem to me for the BRAS to have to maintain that much state, at least if you're not making a distinction between devices which are directly connected (one PC directly connected to the modem, or a couple hanging off of a switch directly connected to the modem) and those who have a router (even if it's not NATing) in between and potentially many more devices connected behind it.
At least for the case with a router, the alternative is to use IPv6 Prefix Delegation and allow the downstream CPE router to handle the registration (be it ND or DHCP) of the devices within the local network. It doesn't eliminate the problem of ND DoS, but it does abstract it from the ISP router. Unfortunately it probably pushes it onto a router that is even less capable of handling the issue without dying, but that's still preferable to killing the ISP router and affecting many more customers at once.

Thanks,
Wes George

-----Original Message-----
From: [email protected] [mailto:[email protected]] On Behalf Of Joel M. Halpern
Sent: Wednesday, July 13, 2011 12:31 PM
To: Mikael Abrahamsson
Cc: [email protected]
Subject: Re: /64 ND DoS

I asked our PMs about this after some earlier discussions, and for many BRAS deployments of IPv6, this restriction is a natural side-effect of normal and desired behavior.
I do not know what the feature name is as used in product. (I worry more about what it does, not what it is called in the marketing literature. Sorry.)

Yours,
Joel

On 7/13/2011 12:07 PM, Mikael Abrahamsson wrote:
> On Wed, 13 Jul 2011, Joel M. Halpern wrote:
>
>> For ISPs providing bridged residential services, the ISP normally
>> operates on the basis that it gets registration information from all
>> the devices in the home. Thus, it does not need to generate ND
>> solicitations.
>
> Is there some description of this behaviour somewhere, what would this
> feature be called that I can ask vendors if they have in their equipment?
>
> Just to be sure, we're now saying that reachability won't be had from
> the outside unless the internal device keeps itself "registered" with
> the ISP router.
--------------------------------------------------------------------
IETF IPv6 working group mailing list
[email protected]
Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------
