On Wednesday, January 05, 2011 10:42:25 pm George Bonser wrote: > I don't think you are understanding the problem. The problem comes from > addressing hosts that don't even exist. This causes the router to > attempt to find that host. The v6 equivalent of ARP. At some point > that table becomes full of entries for hosts that don't exist so there > isn't room for hosts that do exist.
Ok, perhaps I'm dense, but why is the router going to try to find a host that it already doesn't know based on an unsolicited outside packet? Why is the router trusting the outside's idea of what addresses are active, and why isn't the router dropping packets on the floor destined to hosts on one of its interfaces' local subnets that it doesn't already know about? If the packet is a response to a request from the host, then the router should have seen the outgoing packet (or, in the case of HSRP-teamed routers, all the routers in the standby group should be keeping track of all hosts, etc) and it should already be in the neighbor table. Sounds a bit too much like ATM SVC addressing and the old LANE business for my liking. Like I said, perhaps I'm dense and ignorant and just simply misunderstanding the issue, but I still find it hard to believe that a router would blindly trust an outside address to know about an inside address that is not already in the router's neighbor table. In the case of a server (the only case I can see for such an unsolicited packet), I would think that it would be in the router's neighbor table already, or at least the server's OS should take pains to make sure it's in the neighbor table already!
