On Fri, 2012-10-12 at 17:57 -0700, Mark ZZZ Smith wrote:
> Here's a new version of my stateless neighbor discovery draft. Changes:
This para seems a little harder to understand than it should be:
"A default route should never be used to define a trusted
packet source prefix. If a router's operator wishes to
trust all packet sources, they should specify ::/0 as a
configured trusted prefix."
It seems to be saying "never use a default route to define a trusted
packet source prefix. If a router's operator wishes to trust all packet
sources, they should use a default route"!
Because there are no ND cache entries for a packet except at the last
router in its journey, there is no way to delegate the problem upstream.
It would be nice if, once a router had decided to start rate limiting NS
from a prefix, it could pass that info upstream to have the upstream
router rate limit it instead (or as well). I appreciate that your
mechanism is not designed to do this, but I thought I'd mention it.
Regards, K.
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Karl Auer ([email protected])
http://www.biplane.com.au/kauer
http://www.biplane.com.au/blog
GPG fingerprint: AE1D 4868 6420 AD9A A698 5251 1699 7B78 4EEE 6017
Old fingerprint: DA41 51B1 1481 16E1 F7E2 B2E9 3007 14ED 5736 F687
--------------------------------------------------------------------
IETF IPv6 working group mailing list
[email protected]
Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------
