Re: [v6ops] DAD again [was: draft-ietf-v6ops-host-addr-availability discussion]

"Hemant Singh (shemant)" <> Fri, 13 November 2015 15:34 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id EBB711ACE2A for <>; Fri, 13 Nov 2015 07:34:13 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -14.511
X-Spam-Status: No, score=-14.511 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id iRtaALxeNuio for <>; Fri, 13 Nov 2015 07:34:12 -0800 (PST)
Received: from ( []) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 9E5D21ACE29 for <>; Fri, 13 Nov 2015 07:34:12 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;;; l=1448; q=dns/txt; s=iport; t=1447428853; x=1448638453; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=KL+OAwT+IvdZTpy5qM6HjYO9PFvHrnrdHt2Jo4BwEW8=; b=MJuF7Amc2yRUxC8MfztV5GxLGxi5jm2ENUPDVfIJ+oXvGninR/zrsUX9 6G1Hib5XE2PJQNBO20frcyIZqasGdNGbbPpxvjffUoTco6vX9MuGBbIpS Re4cNeZ5CLNryD30jVDq3fPouE3lm/4igZeTx7Jv7fvhW1OOGFEkfhjf/ Y=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-AV: E=Sophos;i="5.20,287,1444694400"; d="scan'208";a="207872381"
Received: from ([]) by with ESMTP; 13 Nov 2015 15:34:12 +0000
Received: from ( []) by (8.14.5/8.14.5) with ESMTP id tADFYBjM024591 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=FAIL); Fri, 13 Nov 2015 15:34:11 GMT
Received: from ( by ( with Microsoft SMTP Server (TLS) id 15.0.1104.5; Fri, 13 Nov 2015 10:34:11 -0500
Received: from ([]) by ([]) with mapi id 15.00.1104.000; Fri, 13 Nov 2015 10:34:11 -0500
From: "Hemant Singh (shemant)" <>
To: Gert Doering <>
Thread-Topic: [v6ops] DAD again [was: draft-ietf-v6ops-host-addr-availability discussion]
Thread-Index: AQHRFohEbga31qC+rEetrILg3VHRBZ6LRgsAgAa8AYCAAnb/AIAFJeaAgAAIg4CAAEiPQIAAXDaA//+8puCAAFduAP//wTpA
Date: Fri, 13 Nov 2015 15:34:11 +0000
Message-ID: <>
References: <> <> <> <> <> <> <> <> <> <> <20151113140830.GT89490@Space.Net>
In-Reply-To: <20151113140830.GT89490@Space.Net>
Accept-Language: en-US
Content-Language: en-US
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: []
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: <>
Cc: "" <>
Subject: Re: [v6ops] DAD again [was: draft-ietf-v6ops-host-addr-availability discussion]
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: v6ops discussion list <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Fri, 13 Nov 2015 15:34:14 -0000

-----Original Message-----
From: Gert Doering [] 
Sent: Friday, November 13, 2015 9:09 AM
To: Hemant Singh (shemant)
Cc: Alexandre Petrescu;
Subject: Re: [v6ops] DAD again [was: draft-ietf-v6ops-host-addr-availability discussion]

>The upstream router should reject packets coming from a downstream which is not permitted to use an IPv6 address.

Based on what?  ACL or DAD detection on the upstream router? For certain routing cases, your point is reasonable.  However, two routers may have their interfaces in the same routed domain in which case the interface responds to ND address resolution messages.  Anytime an interface responds to ND address resolution messages, the interface performs DAD for its IPv6 address(es). 

RFC4862 also supports DupAddrDetectTransmits to be zero for certain links.  Why not use this variable to disable DAD for interfaces on certain links.

>Otherwise, there is no way to ensure uniqueness on non-directly-connected interfaces - think "loopback on a router on the other side of the planet".

The router on the other side of the planet has a tunnel to the upstream router and thus the two routers are in the same routed domain.  In the same routed domain, an interface on a router responds to ND NS messages for address resolution.  Thus the interface has to also perform DAD for its IPv6 address(es).