Re: [v6ops] new draft: draft-elkins-v6ops-multicast-virtual-nodes

Mikael Abrahamsson <swmike@swm.pp.se> Mon, 22 September 2014 08:09 UTC

Date: Mon, 22 Sep 2014 10:09:00 +0200
From: Mikael Abrahamsson <swmike@swm.pp.se>
To: Nalini Elkins <nalini.elkins@insidethestack.com>
Archived-At: http://mailarchive.ietf.org/arch/msg/v6ops/OCj_PTzhedyODDQTsnDIAXbRbYo
Cc: "draft-elkins-v6ops-multicast-virtual-nodes@tools.ietf.org" <draft-elkins-v6ops-multicast-virtual-nodes@tools.ietf.org>, "v6ops@ietf.org" <v6ops@ietf.org>

On Sat, 20 Sep 2014, Nalini Elkins wrote:

> So then, are you saying that the hosting company example we gave was for a 
> particularly ignorant or incompetent firm?   That most hosting providers of IPv6

No, I think the general thinking is that they're of average ignorance and 
competency, which doesn't say much.

The general advice both for IPv4 and IPv6 is not to put a huge number of 
nodes in the same L2 domain. This has been true for 30 years, that's why 
IP replaced the L2 bridged protocols of lots-of-years-ago.

If you're putting 284 nodes in the same broadcast domain, you're asking 
for trouble. My advice is to separate customers into separate L2 domains, 
or make sure your L2 infrastructure has some L3 functionality, for 
instance private-vlan or other filtering.

So while your draft describes a problem that might be there, asking for 
nodes to not respond to link-local FF0x::1 ICMP ECHO REQUEST isn't the 
correct solution.

Btw, how does the data center you've done testing on implement BCP38 so 
that the customers can't originate packets for addresses they do not 
"own"?

-- 
Mikael Abrahamsson    email: swmike@swm.pp.se
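
The BCP38 question raised in the message above, as an added example that is not part of the original e-mail: a small model of per-port source address validation, where each customer port may only originate packets from the prefixes assigned to it. The port names, prefixes (documentation ranges) and the function name `permit_source` are constructed for illustration; the handling of `::` and link-local sources is a simplification.

```python
import ipaddress

# Constructed assignments: which prefixes each customer port "owns".
# Port names and prefixes are hypothetical (documentation ranges).
PORT_PREFIXES = {
    "cust-a": ["2001:db8:a::/64"],
    "cust-b": ["2001:db8:b::/64", "192.0.2.0/28"],
}
LINK_LOCAL = ipaddress.ip_network("fe80::/10")
LINK_SCOPE_MCAST = ipaddress.ip_network("ff02::/16")
SOLICITED_NODE = ipaddress.ip_network("ff02::1:ff00:0/104")


def permit_source(port, src, dst):
    """Return (allowed, reason) for a packet arriving on a customer port."""
    if port not in PORT_PREFIXES:
        return False, "unknown port"
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    if src.version == 6 and src.is_unspecified:
        # In this model "::" is accepted only for duplicate address
        # detection probes sent to a solicited-node multicast group.
        ok = dst in SOLICITED_NODE
        return ok, "DAD probe" if ok else "unspecified source"
    if src.version == 6 and src in LINK_LOCAL:
        # Link-local sources are valid on-link only and are never routed.
        ok = dst in LINK_LOCAL or dst in LINK_SCOPE_MCAST
        return ok, "on-link traffic" if ok else "link-local source leaving link"
    for prefix in PORT_PREFIXES[port]:
        net = ipaddress.ip_network(prefix)
        if net.version == src.version and src in net:
            return True, "source within assigned prefix"
    return False, "source not assigned to this port"


if __name__ == "__main__":
    # Constructed sample packets: (ingress port, source, destination).
    samples = [
        ("cust-a", "2001:db8:a::10", "2001:db8:ffff::1"),
        ("cust-a", "2001:db8:b::10", "2001:db8:ffff::1"),  # neighbour's prefix
        ("cust-a", "fe80::1", "ff02::1"),
        ("cust-a", "fe80::1", "2001:db8:ffff::1"),
        ("cust-b", "192.0.2.20", "198.51.100.1"),          # outside the /28
    ]
    for port, src, dst in samples:
        print(port, src, "->", dst, permit_source(port, src, dst))
```
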