Templin, Fred L wrote:
Some links rely on unicast RS/RA and not multicast. Wouldn't
unicast-only proxy ND avoid the looping issues you were
concerned with?
No.
If the network is misconfigured you can get loops. An example: we have
host A sending (even a unicast NS) to the L2 address for router R1 for
target B, that causes R1 to send (even a unicast NS) to what it thinks
is the L2 address for B, but that turns out to be an incorrect L2
address. For instance if that L2 address is that of some other router R2
that does proxy ND, then it might in turn originate a NS for B send to
the L2 address of R1. Then we'd have R1 and R2 sending NS packets for
target B to each other at full line rate without any limit.
If some of the NS are multicast the risk gets worse, because the looping
can be combined with the multicast duplication. In the example,
multicast might mean that R3 and R4 would also receive an NS for B and
decide they need to send a NS for B to R1.
But the unicast looping is bad enough.
Erik
--------------------------------------------------------------------
IETF IPv6 working group mailing list
ipv6@ietf.org
Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------
