> I'm not sure about other switches, but for the Catalyst 3750/3750G, it
> means some quirks with IPv6 ACLs. The 3750/3750D can do ACLs on full
> /128's, but only if the lower 64 bits are EUI64. Otherwise the ACLs only
> support /64's or shorter. As I understand it, this is because Cisco made
>
> > Do you have specifics? Which vendors, which platforms, what impact?
> >
>
> I believe the Juniper PTX "supports" prefixes between /65 and /126 by
> putting them into the exact match table instead of the routing table. As
> you can imagine, that table is... smaller
However, given the intended
On 2013-06-02 16:43, Sander Steffann wrote:
Hi,
Op 3 jun. 2013, om 00:26 heeft Brian E Carpenter
het volgende geschreven:
On 03/06/2013 10:06, Steinar H. Gunderson wrote:
2013/6/2 Brian E Carpenter :
I'm not sure about other switches, but for the Catalyst 3750/3750G, it
means some quirks wi
Hi,
Op 3 jun. 2013, om 00:26 heeft Brian E Carpenter
het volgende geschreven:
> On 03/06/2013 10:06, Steinar H. Gunderson wrote:
>> 2013/6/2 Brian E Carpenter :
I'm not sure about other switches, but for the Catalyst 3750/3750G, it
means some quirks with IPv6 ACLs. The 3750/3750D can
On 03/06/2013 10:06, Steinar H. Gunderson wrote:
> 2013/6/2 Brian E Carpenter :
>>> I'm not sure about other switches, but for the Catalyst 3750/3750G, it
>>> means some quirks with IPv6 ACLs. The 3750/3750D can do ACLs on full
>>> /128's, but only if the lower 64 bits are EUI64.
>> Huh? How can i
On 03/06/2013 08:49, Darren Pilgrim wrote:
...
> I'm not sure about other switches, but for the Catalyst 3750/3750G, it
> means some quirks with IPv6 ACLs. The 3750/3750D can do ACLs on full
> /128's, but only if the lower 64 bits are EUI64.
Huh? How can it possibly know that? (see draft-ietf-6
On 2013-06-02 13:49, Darren Pilgrim wrote:
means some quirks with IPv6 ACLs. The 3750/3750D can do ACLs on full
Correction, 3750/3750G.
On 2013-06-02 13:14, Gert Doering wrote:
Hi,
On Sun, Jun 02, 2013 at 05:49:05PM +0200, Ivan Pepelnjak wrote:
I thought it was urban lore until I started digging into data sheets for
various DC switches covered in my DC Fabrics webinar (yeah, couldn't resist ;)
All high-speed DC switches use s
Hi Gert and list,
Gert Doering writes:
> (Is there an implementation that can use an ethernet link as a true p2p
> medium without ND?
just for completeness sake: PPPoE?
> Could be made work by putting the receiving PHY into
> promiscuous mode to receive "anything that comes in" and sending wi
Hi,
On Sun, Jun 02, 2013 at 05:49:05PM +0200, Ivan Pepelnjak wrote:
> I thought it was urban lore until I started digging into data sheets for
> various DC switches covered in my DC Fabrics webinar (yeah, couldn't resist ;)
>
> All high-speed DC switches use some variant of TCAM-based forwarding
The "only" difference is that instead of attacking the target router, you're
attacking a device somewhere in the path that just happens to have a /127
prefix for the target router in its RIB (but not TCAM).
Ivan
> -Original Message-
> From: ipv6-ops-bounces+ipepelnjak=gmail@lists.cl
Jared,
>> If you are talking about router to router links, then typicall little
>> traffic is forwarded to any of the link addresses. This should generally not
>> be a concern.
>
> Except when someone decides to 'attack' them. Then you can see a lot of
> traffic.
sure, but then it is no dif
On Jun 2, 2013 11:18 AM, wrote:
>
> > > > Subnet anycast is not a supported feature or requirment in my
network.
> > >
> > > As subnet anycast is a integral part of IPv6, you might not want to
> > > support or require it, but the gear will implement it and thus one
point
> > > it will bite you as
> > > Subnet anycast is not a supported feature or requirment in my network.
> >
> > As subnet anycast is a integral part of IPv6, you might not want to
> > support or require it, but the gear will implement it and thus one point
> > it will bite you as suddenly it won't work.
> >
> > Likely thou
On Jun 1, 2013, at 5:01 PM, Ole Troan wrote:
> If you are talking about router to router links, then typicall little traffic
> is forwarded to any of the link addresses. This should generally not be a
> concern.
Except when someone decides to 'attack' them. Then you can see a lot of
traffi
On Sun, Jun 02, 2013 at 05:49:05PM +0200, Ivan Pepelnjak wrote:
> Do I have to go into what happens when a switch runs out of TCAM?
Vendors usually describe what happens "carrier grade". :-)
SCNR & in vacation mood,
Daniel
I thought it was urban lore until I started digging into data sheets for
various DC switches covered in my DC Fabrics webinar (yeah, couldn't resist ;)
All high-speed DC switches use some variant of TCAM-based forwarding. Most of
them have shared TCAM for IPv4 and IPv6 with IPv6 table size being
Hi,
On Sun, Jun 02, 2013 at 06:18:33AM +, Eric Vyncke (evyncke) wrote:
> I am sure that you know:
> http://tools.ietf.org/html/draft-ietf-opsec-lla-only-03 which is
> one way of fixing the 'scanning' problem. OTOH, AFAIK most routers
> not only allow for a /127 on a PtP (or even Ethernet) inte
Hi,
On Sat, Jun 01, 2013 at 01:56:23PM -0700, Jeroen Massar wrote:
> One thing to keep in mind though is that quite some gear is optimized
> upto the first /64 bits, and might use slower paths for longer prefixes,
I keep hearing this statement, but so far, have never heard specifics about
"which
My preferred method of implementing point to point links is allocate a /64 to
the link, then configure a /127 on the interfaces and null route the /64 on the
devices. This leaves the rest of your IGP to only have to deal with /64 and
smaller masks, which is likely to be more optimal.
If you're
20 matches
Mail list logo