On Mar 11, 2011, at 2:02 PM, Owen DeLong wrote: > If you want to be truly anal about it, you can also block packets to > non-existent > addresses on the PtoP links.
Sure, I advocate iACLs to block traffic to p2p links and loopbacks. Still, it's best not to turn routers into sinkholes in the first place. > This isn't a one-time-use of IPv6 addresses and the one-time-uses of IPv6 > addresses are what should be considered unscalable and absurdly wasteful. I don't know that I agree with this - I can see lots of value in one-time-use addresses/blocks, and have a metaphysical degree of certitude that they'll be used that way in some cases, irrespective of what I think. > There's a lot to be said for the principle of least surprise and uniform /64s > actually help with that quite a bit. Enforcing uniformity of wasteful and potentially harmful addressing practices in the name of consistency isn't necessarily a win, IMHO. ;> > Frankly, unless you have parallel links, there isn't a definite need to even > number PtoP links for IPv6. > Every thing you need to do with an interface specific address on a PtoP link > can be done with link local. Which is why IP unnumbered caught on so well in IPv4-land, heh? ----------------------------------------------------------------------- Roland Dobbins <[email protected]> // <http://www.arbornetworks.com> The basis of optimism is sheer terror. -- Oscar Wilde
