Sebastian Freundt wrote:
I am struggling to make sense of this. First, the ISP does not route
anything within my network, only traffic to or from it, from the rest of the world. There is no routing within a local network, as all
Exactly. Keep that in mind. No routing within a local network.
traffic is managed by MAC address. It is entirely possible to run a local network without a router, if you don't want to be able to reach elsewhere. Also, if they spoof an address on my subnet from elsewhere, then there's no way their MAC address will be recorded anywhere other than their network, as MAC addresses are stripped off when a packet passes through a router and replaced by one for the
Nope, there is no routing within a local network, you said that just 6 lines ago.
You seem to be making a habit of twisting what I say.
router port. That is, if you send an IP packet from a computer on your network to one on mine, I will not see your MAC address, but your IP packet will be carried by an Ethernet frame bearing my router's local MAC address. This means your MAC address will never, ever appear on my network or any other than your own. It's simply not possible.
You didn't understand the scenario at all.
I find much of what you say difficult to understand.
+------------------+-------------------+-------------+
| Your network /64 | Neighbour A /64   | ...
+------------------+-------------------+-------------+
+----------------------------------------------------+
| router /48                                         |
+----------------------------------------------------+

Yours is 2001:db8:0:0::/64
Neighbour A's is 2001:db8:0:1::/64
You have a router 2001:db8:0::/48
Traffic is coming in to a previously not known (or stale) address 2001:db8:0:0::4
The router issues an NDP for ::4, there is no router in your network in this example (you said that, see above). Neighbour A is clever and replies to the NDP before you can send an icmp6-unreachable.
From now on the router thinks ::4 is in your /64 but you have no control over that machine nor do you have a possibility to convince the router otherwise nor do you know where that machine is coming from.
The router should know what port contains what subnet. It should only ask for the MAC (NDP) on the appropriate network. You're asking it to accept that MAC from a network where it didn't ask and the IP address does not match the network it appears on. Do you have proof of that happening? Cache poisoning requires a host on the local network to do that. Also, if the router sends out a request for what appears to be a valid address, but for which there is no host, there will be no response. Also, in order for there to be any traffic between me and a neighbour with a different subnet there has to be a router, so "The router issues an NDP for ::4, there is no router in your network in this example (you said that, see above)." doesn't apply. What I was referring to is the situation where one host is talking to another host on the same network. A host on the other subnet does not use that method.
So why do you throw in v4 now?
To simplify the example (less typing). Functionally, there's no difference between IPv6 and IPv4 in this regard.
The key idea is the hierarchy, and that facilitates smaller routing tables, but it's still wrong and wild interpretation to claim there are no individual computers in a routing table. I proved you wrong, I have more at least one in mine. And besides, what I have in my routing table has got nothing to do with the protocol itself, the protocol doesn't tell me
Much B.S. deleted. Please do yourself a favour and do some research on this topic.
how to organise my network.
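Added example, not part of the original message and not any router's actual code: the check argued for in the reply above (accept a neighbour advertisement only on the interface whose prefix contains the target address, and treat a changed MAC on the correct link as cache poisoning by a local host), replayed over constructed events. The interface names, MAC addresses and the keep-first-binding policy are assumptions made for the illustration.

```python
import ipaddress

# Topology from the thread; interface names are hypothetical.
ON_LINK = {
    "eth0": ipaddress.ip_network("2001:db8:0:0::/64"),  # "your network"
    "eth1": ipaddress.ip_network("2001:db8:0:1::/64"),  # "Neighbour A"
}


def check_advertisements(events, on_link=ON_LINK):
    """Replay (iface, target, mac) neighbour advertisements.

    Returns (cache, alerts). An advertisement is accepted only when the
    target address lies inside the prefix configured on the interface
    it arrived on.
    """
    cache = {}
    alerts = []
    for iface, target, mac in events:
        addr = ipaddress.ip_address(target)
        prefix = on_link.get(iface)
        if prefix is None or addr not in prefix:
            # Answer arrived on a link that does not own this address.
            alerts.append(("off-link", iface, target, mac))
            continue
        key = (iface, addr)
        old = cache.get(key)
        if old is not None and old != mac:
            # Right link, different MAC: only a host on that link can do this.
            # Assumed policy: keep the first binding and raise an alert.
            alerts.append(("rebind", iface, target, mac))
            continue
        cache[key] = mac
    return cache, alerts


# Constructed sample events; the MAC addresses are made up.
SAMPLE = [
    ("eth1", "2001:db8:0:0::4", "02:00:00:00:0a:01"),  # answer from Neighbour A's link
    ("eth0", "2001:db8:0:0::4", "02:00:00:00:00:04"),  # host on the correct link
    ("eth0", "2001:db8:0:0::4", "02:00:00:00:00:66"),  # second on-link claimant
]

if __name__ == "__main__":
    cache, alerts = check_advertisements(SAMPLE)
    for alert in alerts:
        print("ALERT", alert)
    for (iface, addr), mac in cache.items():
        print("BOUND", iface, addr, mac)
```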