On Fri, 2012-10-12 at 17:57 -0700, Mark ZZZ Smith wrote: > Here's a new version of my stateless neighbor discovery draft. Changes:
This para seems a little harder to understand than it should be: "A default route should never be used to define a trusted packet source prefix. If a router's operator wishes to trust all packet sources, they should specify ::/0 as a configured trusted prefix." It seems to be saying "never use a default route to define a trusted packet source prefix. If a router's operator wishes to trust all packet sources, they should use a default route"! Because there are no ND cache entries for a packet except at the last router in its journey, there is no way to delegate the problem upstream. It would be nice if, once a router had decided to start rate limiting NS from a prefix, it could pass that info upstream to have the upstream router rate limit it instead (or as well). I appreciate that your mechanism is not designed to do this, but I thought I'd mention it. Regards, K. -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Karl Auer (ka...@biplane.com.au) http://www.biplane.com.au/kauer http://www.biplane.com.au/blog GPG fingerprint: AE1D 4868 6420 AD9A A698 5251 1699 7B78 4EEE 6017 Old fingerprint: DA41 51B1 1481 16E1 F7E2 B2E9 3007 14ED 5736 F687 -------------------------------------------------------------------- IETF IPv6 working group mailing list ipv6@ietf.org Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------