On Tue, 31 May 2011, Philip Homburg wrote:
No, ND is more clever than that. All traffic between prefixes that are on-link goes directly between the hosts. Even when the prefix is off-link it is possible for the router the send a redirect ICMP to cause further traffic to be directly between the hosts.
I hope there is a recommendation in the standard to have a knob to turn this off? With security functions like forced-forwarding and alike, I'd definitely not want the hosts to try to communicate directly between each other.
I was under the impression that if I don't announce an on-link prefix at all, and just do DHCPv6, there hosts would not try to communicate with each other directly (ie there is no routing to support this function). You're saying my presumption is not true?
Why would a host try to do ND for something that is not on-link according to its routing table?
-- Mikael Abrahamsson email: swm...@swm.pp.se -------------------------------------------------------------------- IETF IPv6 working group mailing list ipv6@ietf.org Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------
