On Jan 27, 2010, at 3:19 PM, Igor Gashinsky wrote:

you face 2 major issues with not using /127 for
PtP-type circuits:

1) ping-ponging of packets on SONET/SDH links

        Let's say you put 2001:db8::0/64 and 2001:db8::1/64 on a PtP
        interface, and somebody comes along and ping floods 2001:db8::2,
        those packets will bounce back and forth between the 2 sides of
        the link till TTL expires (since there is no address resolution
        mechanism in PtP, so it just forwards packets not destined for
        "him" on).

Following this, IPv4 /30 would have the same problem vs /31?

2) ping sweep of death

        Take the same assumption for addressing as above, and now ping
        sweep 2001:db8::/64... if the link is Ethernet, well, hope you
        didn't have any important arp entries that the router actually
        needed to learn.

Wouldn't this affect *all* /64's configured on a router, not
just point to point links?  Time for glean rate limiting.

If you were really concerned, you could hard code static NDP
entries, as I think someone else pointed out.

Dale
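
The ping-pong case from point 1, modeled as an added example that is not part of the original thread: two routers hold 2001:db8::0 and 2001:db8::1 on a PtP link, and the function counts how many times one packet crosses the link under a /64 versus a /127. The forwarding rules, the function name and the default hop limit of 64 are assumptions of this model, not taken from any router implementation.

```python
import ipaddress

# Constructed model: router A and router B on one point-to-point link,
# using the addresses from the message above.
ROUTER_ADDRS = [ipaddress.IPv6Address("2001:db8::"),
                ipaddress.IPv6Address("2001:db8::1")]

def link_crossings(dst, prefix_len, hop_limit=64):
    """Return (crossings, outcome) for one packet arriving at router A.

    Model assumptions: a PtP interface has no address resolution, so any
    destination inside the connected prefix that is not the router's own
    address is sent across the link. A forwarding router decrements the
    hop limit and discards the packet when it reaches zero.
    """
    dst = ipaddress.IPv6Address(dst)
    connected = ipaddress.IPv6Network(f"2001:db8::/{prefix_len}")
    at = 0          # index of the router currently holding the packet
    crossings = 0   # number of times the packet traversed the link
    while True:
        if dst == ROUTER_ADDRS[at]:
            return crossings, "delivered"
        if dst not in connected:
            # Not covered by the connected route: the PtP link is not used.
            return crossings, "off-link"
        hop_limit -= 1
        if hop_limit <= 0:
            return crossings, "hop-limit-expired"
        crossings += 1
        at ^= 1     # packet is now on the other side of the link

if __name__ == "__main__":
    for plen in (64, 127):
        for target in ("2001:db8::1", "2001:db8::2"):
            n, outcome = link_crossings(target, plen)
            print(f"/{plen:<3} dst={target:<12} crossings={n:<3} {outcome}")
```

In this model every packet sent to an unassigned address inside the /64 costs the link 63 crossings, while under the /127 the same destination never matches the connected route. What happens to the off-link packet then depends on the rest of the routing table, which the model does not cover.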
