Re: Broadband Forum liaison to IETF on IPv6 security

Eric Levy-Abegnoli <elevyabe@cisco.com> Fri, 06 November 2009 09:43 UTC

Return-Path: <elevyabe@cisco.com>
X-Original-To: ipv6@core3.amsl.com
Delivered-To: ipv6@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id DFB0728C15B; Fri, 6 Nov 2009 01:43:43 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.591
X-Spam-Level:
X-Spam-Status: No, score=-9.591 tagged_above=-999 required=5 tests=[AWL=1.008, BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OJe45zf22AQ8; Fri, 6 Nov 2009 01:43:43 -0800 (PST)
Received: from ams-iport-1.cisco.com (ams-iport-1.cisco.com [144.254.224.140]) by core3.amsl.com (Postfix) with ESMTP id 888C428C148; Fri, 6 Nov 2009 01:43:42 -0800 (PST)
Authentication-Results: ams-iport-1.cisco.com; dkim=neutral (message not signed) header.i=none
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: Ak0AAHN+80qQ/uCWe2dsb2JhbACEc5Z9AQEWJAaoGocSkHqBMoI4UwSBZw
X-IronPort-AV: E=Sophos;i="4.44,691,1249257600"; d="scan'208";a="53782011"
Received: from ams-core-1.cisco.com ([144.254.224.150]) by ams-iport-1.cisco.com with ESMTP; 06 Nov 2009 09:44:04 +0000
Received: from xbh-ams-101.cisco.com (xbh-ams-101.cisco.com [144.254.74.71]) by ams-core-1.cisco.com (8.13.8/8.14.3) with ESMTP id nA69i4eE019771; Fri, 6 Nov 2009 09:44:04 GMT
Received: from xmb-ams-105.cisco.com ([144.254.74.80]) by xbh-ams-101.cisco.com with Microsoft SMTPSVC(6.0.3790.3959); Fri, 6 Nov 2009 10:44:04 +0100
Received: from [144.254.53.124] ([144.254.53.124]) by xmb-ams-105.cisco.com with Microsoft SMTPSVC(6.0.3790.3959); Fri, 6 Nov 2009 10:44:04 +0100
Message-ID: <4AF3EFE3.7000404@cisco.com>
Date: Fri, 06 Nov 2009 10:44:03 +0100
From: Eric Levy-Abegnoli <elevyabe@cisco.com>
User-Agent: Thunderbird 2.0.0.23 (Windows/20090812)
MIME-Version: 1.0
To: Mikael Abrahamsson <swmike@swm.pp.se>
Subject: Re: Broadband Forum liaison to IETF on IPv6 security
References: <AFC1ACFB-FDFA-482C-AAF9-7995F5CEFE1F@broadband-forum.org> <F311A255-3303-4C9D-B270-D1D23DE31E31@cisco.com> <AF742F21C1FCEE4DAB7F4842ABDC511C11D7EE@XMB-RCD-114.cisco.com> <3C6F21684E7C954193E6C7C4573B762703676D7FCE@IMCMBX1.MITRE.ORG> <alpine.DEB.1.10.0911060728160.22728@uplift.swm.pp.se>
In-Reply-To: <alpine.DEB.1.10.0911060728160.22728@uplift.swm.pp.se>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 8bit
X-OriginalArrivalTime: 06 Nov 2009 09:44:04.0137 (UTC) FILETIME=[AD3AF190:01CA5EC5]
X-Mailman-Approved-At: Fri, 06 Nov 2009 09:05:52 -0800
Cc: Thomas Narten <narten@us.ibm.com>, List <ipv6@ietf.org>, SAVI@core3.amsl.com, "william.allen.simpson@gmail.com" <william.allen.simpson@gmail.com>, Hesham Soliman <hesham@elevatemobile.com>, Erik Nordmark <erik.nordmark@sun.com>, "savi-ads@tools.ietf.org" <savi-ads@tools.ietf.org>, Robin Mersh <rmersh@broadband-forum.org>, "6man-ads@tools.ietf.org" <6man-ads@tools.ietf.org>, "Susan Thomson (sethomso)" <sethomso@cisco.com>, "Fred Baker (fred)" <fred@cisco.com>, "v6ops-ads@tools.ietf.org" <v6ops-ads@tools.ietf.org>, IETF@core3.amsl.com, IPv6 Operations <v6ops@ops.ietf.org>, Mailing List <savi@ietf.org>, "JINMEI Tatuya /", 神明達哉 <jinmei@isl.rdc.toshiba.co.jp>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipv6>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 06 Nov 2009 09:43:44 -0000

Mikael Abrahamsson wrote:
> On Thu, 5 Nov 2009, Dunn, Jeffrey H. wrote:
>
>> I may be missing something, but it appears that, in the cases 
>> described, the two hosts downstream of two separate cable modems are 
>> off link to each other. This brings up the question: Do these two 
>> cable modems constitute two virtual interfaces, like two VLANs on the 
>> same physical router interface? If so, this is an architectural, 
>> rather than an implementation, question. Thoughts?
>
> This is basically "forced forwarding" for the L2 aggregation layer. 
> It's often done on ETTH deployments as well as cable environments, in 
> IPv4 it's done in conjunction with local-proxy-arp (in your IP subnet, 
> the ISP router will answer all ARP requests with its own MAC and all 
> traffic between clients within the subnet is done via the router which 
> does not send out ICMP redirects).
>
> In my mind it's unsuitable for clients to run SLAAC in these 
> environments and the only real alternative is full DHCPv6(-PD) with 
> SAVI-like functionality in the L2 equipment along the way (in v4 the 
> L2 equipment does DHCP-snooping and installs L3 filters accordingly).
>
The initial question mentioned link-local duplicates. For a reason: they 
are not assigned by DHCPv6, which presupposes their existence and uniqueness. SLAAC 
is your only choice.
Eric
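Added example, not part of the thread above: a toy SAVI-style binding table for an access switch in the forced-forwarding scenario Mikael describes, showing the gap Eric points at. Global addresses get their binding from a snooped DHCPv6 Reply, but DHCPv6 never hands out link-local addresses, so the only way the switch can bind them is to snoop the DAD Neighbor Solicitation that SLAAC sends (source ::, target = tentative address); because hosts behind different ports never see each other's DAD probes, the switch is also the only place a cross-port duplicate can be caught. All names (`BindingTable`, `eui64_link_local`, port labels, MACs and the 2001:db8::/32 addresses) are assumptions chosen for the example.

```python
"""Toy SAVI-like binding table (example code, not from the thread or any product)."""
from dataclasses import dataclass, field
from ipaddress import IPv6Address, IPv6Network

LINK_LOCAL = IPv6Network("fe80::/10")
UNSPECIFIED = IPv6Address("::")


def eui64_link_local(mac: str) -> IPv6Address:
    """Modified EUI-64 link-local address from a 48-bit MAC (RFC 4291 App. A):
    flip the U/L bit of the first octet and insert ff:fe in the middle."""
    b = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(b) != 6:
        raise ValueError("expected a 48-bit MAC")
    iid = bytes([b[0] ^ 0x02]) + b[1:3] + b"\xff\xfe" + b[3:]
    return IPv6Address(b"\xfe\x80" + b"\x00" * 6 + iid)


@dataclass
class BindingTable:
    # (port, address) -> MAC allowed to source that address on that port
    bindings: dict = field(default_factory=dict)

    def snoop_dhcpv6_reply(self, port: str, mac: str, addr: str) -> bool:
        """Bind a DHCPv6-assigned address. DHCPv6 does not assign link-locals,
        so a Reply carrying one is bogus and is ignored."""
        addr = IPv6Address(addr)
        if addr in LINK_LOCAL:
            return False
        self.bindings[(port, addr)] = mac
        return True

    def snoop_dad_ns(self, port: str, mac: str, src: str, target: str) -> bool:
        """Bind a SLAAC/DAD address. Only a genuine DAD probe (source ::) creates
        a binding. If the target is already bound to another port or MAC, the
        probe is rejected; a real switch would answer it with an NA so the new
        host's DAD fails (SAVI-FCFS), here we just report the conflict."""
        if IPv6Address(src) != UNSPECIFIED:
            return False
        target = IPv6Address(target)
        for (p, a), m in self.bindings.items():
            if a == target and (p != port or m != mac):
                return False
        self.bindings[(port, target)] = mac
        return True

    def permit(self, port: str, mac: str, src: str) -> bool:
        """Source-address filter applied to data traffic on an access port."""
        src = IPv6Address(src)
        if src == UNSPECIFIED:
            return True  # DAD probes and DHCPv6 Solicit legitimately use ::
        return self.bindings.get((port, src)) == mac


def run_demo() -> dict:
    """Constructed scenario: host A on port1 gets a DHCPv6 address and forms its
    link-local via SLAAC; host B on port2 then tries to use A's addresses."""
    t = BindingTable()
    mac_a, mac_b = "00:1b:63:84:45:e6", "00:aa:bb:cc:dd:ee"
    ll_a = eui64_link_local(mac_a)
    return {
        "dhcp_global": t.snoop_dhcpv6_reply("port1", mac_a, "2001:db8:1::10"),
        "dhcp_linklocal_rejected": t.snoop_dhcpv6_reply("port1", mac_a, str(ll_a)),
        "dad_host_a": t.snoop_dad_ns("port1", mac_a, "::", str(ll_a)),
        "dad_duplicate_host_b": t.snoop_dad_ns("port2", mac_b, "::", str(ll_a)),
        "global_ok": t.permit("port1", mac_a, "2001:db8:1::10"),
        "global_spoof": t.permit("port2", mac_b, "2001:db8:1::10"),
        "linklocal_ok": t.permit("port1", mac_a, str(ll_a)),
        "linklocal_spoof": t.permit("port2", mac_b, str(ll_a)),
    }


if __name__ == "__main__":
    for k, v in run_demo().items():
        print(f"{k}: {v}")
```

The point of the two snoop paths is the one made in the exchange: a DHCP-snooping-only filter (the IPv4 habit) leaves every link-local address unbound, so either link-local traffic is dropped or the filter has to be relaxed for fe80::/10, which reopens spoofing. Binding the DAD probe closes that hole and, as a side effect, gives the aggregation layer a view of duplicates that the hosts themselves can no longer detect.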