2010/9/9, Claudio Jeker <cje...@diehard.n-r-g.com>:
>> And a new flag to struct in6_ifextra?
>
> Nope, it will be part of ifnet->if_xflags.

Actually, it's already in in6_ifextra->nd_ifinfo->flags, named ND6_IFF_ACCEPT_RTADV and controlled by the "ndp -i" command. However, ifconfig autoconfprivacy uses if_xflags and separating these two looks kind of dirty... Wouldn't it be better to move autoconfprivacy from ifconfig to ndp (as privacy_rtadv flag)? The option name is pretty long and the thing is ndp-related... How much would people have suffered from that change?

And slowly back to the original question. Is it safe to allow accepting RAs on a router then? I mean in terms of messing with default router list (make sure the routines only touch RTF_CONNECTED and correct those XXX'ed conditions with ip forwarding).

BTW: RTF_MAX comment should be "minimum priority" instead of "maximum" :-)

> Because ND depends on multicast and therefore needs a local scope and
> because of this we end up with addressing scopes and then we need
> stateless address assignment on the local scope with duplicate address
> detection and now you're deep down in the darkest of the dark holes.

Strange, I always thought that stateless address assignment and link-local scope were the features of the protocol :-) DAD just comes up because it's obviously necessary. And maybe they thought multicast queries were a bonus for ISPs which cheap switches would broadcast anyway.

> Hmm. Please show me a switch that actually does the ND multicast in a
> non-flooding way. By default most multicast is treated like broadcast and
> is flooded all over the place. So there is no gain for a hell lot of pain.

Our peer's Cizcoe C4900M for example. I'm going to test our 3com 4200G as it should work too. I guess in the size that you really need it, you already have the money to find a switch that supports it. (and they probably hoped the manufacturers would cooperate ;-))

> There is nothing wrong with multicast where multicast is needed but
> neighbor discovery (aka address resolution) is not one of those cases.
> Sure the theory sounds sexy but in reality it is just painful.

You got that right, it isn't necessary here. I guess I'm just lucky not being painfully hurt.

> It is a forced deployment and it is only possible because many things
> implied with IPv6 got killed. It is funny that all those things that
> should never ever be needed in IPv6 are suddenly implemented (best example
> dhcp6).

I thought that's what the autonomous flag in RA was for from the very beginning. The RFC from August 1996 has a reference to DHCPv6 in it... But yes, a lot of simple things should've been there from the beginning (RFC 5006 being probably the most user-visible one)

> As an example of political nonsense look at what it took to be able to get
> PI IPv6 space.

Okay, I get it now...

--
Martin Pelikan