Re: [6man] New Version Notification for draft-nordmark-6man-impatient-nud-00.txt

Ray Hunter <v6ops@globis.net> Mon, 23 May 2011 21:10 UTC

Who says that NUD can't also be used to declare an interface down/ 
detect router neighbor loss?

Maybe think of a BGP process running over TCP receiving ICMP 
unreachables because the local NUD has declared the neighbor 
unreachable. Meanwhile the other BGP partner router is still retrying at 
TCP layer because NUD has not timed out on that node. Or am I seeing 
non-existent links here?

As someone who has had more than one evening / weekend ruined in a data 
centre with sniffers looking at interactions between ARP and STP 
thrashing about and Cisco HSRP and HP MC ServiceGuard and Network 
intrusion detection / firewall failover, I would contend that these 
mechanisms are anything but independent, even if the designers intended 
them to be that way.

Especially when a layer 2 protocol like spanning tree is thrashing, or a 
local security box is performing a local non-transparent failover, 
things can get very unpredictable with all sorts of timers working at 
various levels in the stack.

IMVHO A reliable and predictable NUD is a blessing compared to ARP ;) 
Which is why I think that breaking synchronization/ symmetry of nodes 
declaring partners unreachable may have unforeseen side effects, and 
hence the questions.

best regards,
RayH


Philip Homburg wrote:
> In your letter dated Mon, 23 May 2011 22:03:50 +0200 you wrote:
>    
>> e.g. 2. Say Node A (end host) declares node B (router) unreachable
>> locally, but node B (router) is still up and running but has not yet
>> timed out Node A.
>>      
>
> I don't think I understand your model of how a router works.
>
> To a large extent both directions are independent. A host has to get a packet
> to any default router, and uses ND to figure out where they are and whether
> they are reachable.
>
> A router uses ND to find where a host is. If ND fails, then the router simply
> cannot deliver the packet.
>
> Both failures are independent.