On Wed, Nov 30, 2011 at 2:13 PM, Owen DeLong <owen@delong.com> wrote:
On Nov 30, 2011, at 9:10 AM, Ray Soucy wrote: I do believe that there is no benefit to longer prefixes than /64. Nobody has provided any convincing evidence to the contrary.
Yes they have, thoroughly; mitigation of this one particular issue, ND table overflow is a benefit. You simply don't have to worry about this issue in the most important place it arises if you implement long prefixes for all P-t-P links from the start. I do believe there is no benefit to prefixes shorter than /126 for P-t-P links. Nobody has provided convincing evidence to the contrary.
There are better ways to mitigate ND than longer prefixes.
Please explain. What are the better ways that you would propose of mitigating ND table overflows? If you can show a rational alternative, then it would be persuasive as a better option. Keeping in mind we have already explained why stateful firewalls and ACLs are not good ways to mitigate ND overflow, they are very poor ways, because they are expensive, both up front, and continuously in the form of added maintenance work, and add a great amount of undesirable complexity. Neither of those methods pass as "better than using long prefixes". Until the "better ways" have been explained, use of long prefixes remains the best option. -- -JH