Sebastian Freundt wrote:
you know it searches the stale addresses first? It seems to me that
if the computer knows the addresses are stale, the active one would be checked first.
Because last time I checked Linux, BSD and IOS complied to RFC 4861, sections 7.2.2 and 7.3.2 clearly state when, why and how neighbour solicitations are sent.
After glancing through that RFC, I get the impression that "stale" is not relevant here. It appears to be related to different MAC addresses for an IP address or whether an IPv6 address is still valid. One thing to bear in mind is that IPv6 supports deprecated addresses so that an old IP address is still valid for a period of time after a new one is available.
Ok, I won't change a route willy-nilly but if someone else came along with their 4000+ computers using*my* address space there will be trouble, it's inevitable.
With IPv4, each of those 4000+ computers will have one address. With IPv6, they'd have 2 or 3 with the random address changing occasionally. How is that a significantly greater problem? Also, you
Because you're not living in the real world:) When we had a v4 network the computers were hierarchised, every working group had their 100 to 200 computers on a private net, with about 10 of them having globally routable unicast addresses.
Originally, there was no such thing as NAT and all hosts were globally routable. NAT was created to share IP addresses. There are limited scope IPv6 addresses that can be used to keep computers off the global network.
Then came IPv6, everyone was excited (well I think of it as overzealous) and it was considered a good idea to make them all globally routable. Someone read it was bad practice to split up the assigned /64 even further and so the decision was made to line them all up in one gigantic network. Daft, I know, because little did we know about*efficient* routing
The /64 subnets are required to support EUI-64 MAC addresses. EUI-48 bit MACs are extended to 64 bits by inserting FEFF in the middle. Using MAC addresses to form IPv6 addresses was around before random address generation. The other alternatives would be DHCP or manual configuration.
Oh wait, there's more, and noone really considered that, expired addresses don't just disappear from NIC, they're just flagged `invalid' which means new sockets won't/can't use them, long standing data connections be thanked you can occasionally find up to 20, but at least one*additional* *expired* address on the NICs. Where are we, right, a neighbourhood table of more than 100000 addresses, constantly icmp'd for.
If a NIC stops using an address, it will shortly disappear from the caches in the other computers & switches in the network, just like in IPv4.
don't route to computers on your local network. All addressing there
is by MAC address. Routing is used when you go to other networks via the router. But again, the other routers only have to know the route
Yes, so? I was talking about the neigh table. There is just one router on our network.
Ummm... The post I was referring to said: " As you can see, more than half the entries have to go STALE first before a new route is picked up. I know there's ip neigh flush but do I want to do that on 4000+ computers just because I changed a route? Ok, I won't change a route willy-nilly but if someone else came along with their 4000+ computers using*my* address space there will be trouble, it's inevitable." It sure sounds like you were talking about routing to me, not the neighbour table. The neighbour table or arp cache is used to match IP addresses to MAC address and is only used for hosts on the local network. Routing tables are used to determine how to reach a different network.
to your network. Then when the packet gets to your network does your
router match up the IP address with the MAC address and pass the packet to the final destination.
Nicely explained, but that's my point, the ONE router does have to keep up with all the different neighbours.
It keeps track of the MAC addresses only on the local network(s) that it's connected to. It doesn't keep track of MACs at the remote networks. You will never see a MAC from a remote network on your network, unless you have some sort of bridge between them. In that case you wouldn't need a router.
At the basic level, there's not a lot of difference between IPv4&
IPv6. Most of what applies to IPv4 also does to IPv6. Using a single address& NAT is more complex than simply routing a block of addresses.
Ah, you would have been on the side of the overexcited/underinformed (yes those are synonyms to me) people on our NOC team 4 years ago then. You don't know how much you remind me of them Please explain how NAT is simpler that just routing, when you have to add the translation to the routing. Don't forget you have to include special rules for some protocols and hosts.
-- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org