On Fri, 20 Aug 2010 20:43:39 -0400, Mark Smith <nanog@85d5b20a518b8f6864949bd940457dc124746ddc.nosense.org> wrote:
You're assuming the cost of always hair pinning traffic on an interface is cheaper than issuing a redirect.
I am saying no such thing. (a single redirect packet is always more efficient.) I *am* saying ICMP redirects are a mistake that should not be replicated in IPv6. They are too easy to abuse, which is why they are almost universally ignored by IPv4 hosts. In a *properly* configured network, redirects should not be necessary. (everything on the local LAN should know what's on the local LAN.) [For the record, my own networks don't follow that rule. :-) Coworkers throwing random crap on the wire doesn't help. *sigh* Don't go there.] IPv6 has more than enough mistakes glued into it. Redirects are a mess that does not need to be there. For the purests who insist on making ugly networks that are trival to subvert, make ICMPv6 redirects *OPTIONAL*, *REQUIRING* explicit configuration to enable. Without strong authentication/authorization mechanisms, it'll be the same mess that it is in IPv4. --Ricky