On Mar 14, 2011, at 05:00 , Markus Hanauska wrote: > > [...] And here is my reply: How is DAD preventing this problem if the device > with the conflicting address in question is not connected to the network the > moment DAD is performed? [...]
Were RFC 4429 and I-D.ietf-6man-dad-proxy among the documents you read over the weekend? In general, you cannot prevent address conflict simply by reserving interface identifier patterns according to a strict plan. No plan ever survives its initial encounter with the enemy. Address conflicts MUST be dynamically resolved by protocol action, and protocols can fail when packets are lost. Retransmits help reduce failure rates, but failure cannot ever be made logically impossible. (There is math for that claim.) Duplicate Address Detection (DAD) is the mechanism by which address conflicts are resolved in IPv6. If you set DupAddrDetectTransmits to zero on an interface where DAD is required to prevent address conflicts, then the network isn't required to work properly when you do that. If the subscriber aggregation network by which you're connecting a mobile node to the Internet requires a DAD proxy to prevent address conflicts, and the DAD proxy is malfunctional, then you can expect damaged network service as a result. There is nothing special about RFC 4941 temporary addresses or RFC 3972 cryptographic addresses in this regard. Plan accordingly and stay calm. -- james woodyatt <j...@apple.com> member of technical staff, core os networking -------------------------------------------------------------------- IETF IPv6 working group mailing list ipv6@ietf.org Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------