On Thu, 6 Feb 2014, Anders Löwinger wrote:
Ok, then you have not understood the problem with IPv6 in shared VLANs. You need to allow some communication between the user ports on L2, to get the IPv6 control procotol to work. You do this on IPv4 today, with proxy arp etc. Its much more complex in IPv6.
No, you don't. It works perfectly well without direct port-to-port communication, you just have to align L3 configuration with this L2 behavior (which can be done in IPv6 but not in IPv4). IPv6 can be made to work without on-link /64, with only DHCPv6 IA_NA (optional) and only DHCPv6-PD. This means all communication goes via the router which then is perfectly aligned with how the L2 looks like with port isolation/private vlan. -- Mikael Abrahamsson email: swmike@swm.pp.se