Re: What is Brocade up to here?
https://ripe67.ripe.net/presentations/288-Jen_RIPE67.pdf includes similar behaviors. -- Tassos sth...@nethelp.no wrote on 27/10/2013 17:35: % host brocade.com brocade.com has address 144.49.210.200 brocade.com has IPv6 address 2620:100:4:6401::20 If I try "telnet 2620:100:4:6401::20 80" I get this rather "interesting" result (my IPv6 address is 2001:8c0:9602:1::2): 16:27:01.107632 IP6 2001:8c0:9602:1::2.14710 2620:100:4:6401::20.80: Flags [S], seq 148079426, win 65535, options [mss 1440,nop,wscale 3,sackOK,TS val 1218395701 ecr 0], length 0 16:27:01.289048 IP6 2620:100:4:6400::7 2001:8c0:9602:1::2: ICMP6, neighbor solicitation, who has 2001:8c0:9602:1::2, length 32 16:27:01.289200 IP6 2620:100:4:6400::7 2001:8c0:9602:1::2: ICMP6, neighbor solicitation, who has 2001:8c0:9602:1::2, length 32 Since brocade.com is around 80 ms and more than 15 router hops away, I'm really curious about the neighbor solicitation. It is quite consistent. (Oh yeah, I never get an answer from port 80 on the IPv6 address. But HE takes care of things nicely, so brocade.com works in my browser.) Anybody know what Brocade is up to here? Steinar Haug, AS 2116
Re: What is Brocade up to here?
On Oct 28, 2013, at 8:29 AM, Sander Steffann wrote: Hi, It's been broken for months, too. Happy Eyeballs seems to work pretty well for the internet. Did they just fix it? I did send them a heads-up, so they might. I also immediately gave a heads up to one of my contacts there, and heard back that they fixed it last night. No details yet on exactly what was misconfigured. --Ron
Re: Over-utilisation of v6 neighbour slots
On 21/10/13 20:35, Phil Mayers wrote: Specifically, our Cisco 6500/sup720 ran out of IPv6 FIB slots, as num_routes + num_neighs exceeded 32k (the default IPv4/IPv6 TCAM split on this platform being 192k/32k). I wanted to follow up on this. Some folks from Cisco kindly contacted me off-list, and correctly guessed that a large number of the IPv6 neighbour entries were in state STALE, and pointed me to the relatively new: ipv6 nd cache expire seconds ...interface-level command. This wasn't in the IOS train we were running until relatively recently, so I hadn't seen it before. Having applied this, we saw a sharp drop in v6 neighbour count, although it didn't seem to take effect on existing entries - I was able to force it by flapping the interface and refreshing all the neighbours. The entries seem to expire after ipv6 nd cache expire + ipv6 nd reachable-time i.e. I see a max age in the neighbour table of 24 minutes for parameter values of 1200 and 30 (in seconds and milliseconds) respectively. There are also a bunch of newer per-interface ND commands (per-IF ND cache size limits, for example) that could help with resource exhaustion, so people on Cisco gear should take a look.