On 12/Nov/16 16:07, Baldur Norddahl wrote:
I have not studied OSPFv3 in detail but it appears that only IPv6 link local addresses are used. Since that can not be routed, I do not think OSPFv3 exposes anything to the Internet. I would probably go with OSPFv3 if I had to configure a network without VRF support.
If I was coding an OSPFv3 daemon I would make it bind only to link local addresses on interfaces, which will guarantee that no traffic is received from outsiders.
OSPFv3 does, indeed, form adjacencies against the link-local scope - fe80::/10. This is unlike OSPFv2 which does the same on the configured IPv4 address. If I had to run OSPF, it would certainly be OSPFv3. Even when using it to carry IPv4 NLRI, you still need to run IPv6 on the corresponding interfaces as that is how adjacencies to support either or both address families are formed. Mark.