Perhaps we're reaching the point where we can say "We don't need an ND table for a /64 network". If the ethernet MAC is embedded in the IPv6 address, we don't need to discover it because we already know it. If the IPv6 address has been manually configured on a host, perhaps that host should now accept traffic directed to the MAC that the lower 64 bits of the IPv6 address would translate to. Perhaps this idea has been discussed somewhere and discarded for its flaws, but if not, perhaps it should be :-). Marcel (First post by the way, go easy on me :-) On Thu, Jan 6, 2011 at 10:19 AM, Jack Bates <jbates@brightok.net> wrote:
On 1/6/2011 12:26 AM, Joe Greco wrote:
A bunch of very smart people have worked on IPv6 for a very long time, and justification for /64's was hashed out at extended length over the period of years.
NDP should have been better designed. It still has the same problems we had with ARP except the address pool has magnified it.
Routers should have 1) better methods for keeping ND tables low (and maintaining only valid entries) or 2) better methods for learning valid entries than unsolicited NDP requests.
This isn't to say the protocol itself is a waste, but it should have taken in the concerns and developed the mitigation controls necessary as recommendations to the implementers.
Jack