This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/ipv6-wg@ripe.net/
[ipv6-wg] IPv6 prefix delegation BCOP document available for comments and suggestions
- Previous message (by thread): [ipv6-wg] IPv6 prefix delegation BCOP document available for comments and suggestions
- Next message (by thread): [ipv6-wg] IPv6 prefix delegation BCOP document available for comments and suggestions
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Jan Zorz - Go6
jan at go6.si
Wed Mar 29 08:14:59 CEST 2017
On 28/03/2017 13:28, Philip Homburg wrote: > Hi Jan, > > It's not clear to me why in Section 3.1.5, a global /64 prefix is recommended > for PPPoE connections. > > Sections 3.1.2 and 3.1.3 talk about directly connecting hosts without any > kind of CPE. As far I know, the last time that was in fashion for PPP links > was with dial-up. Hey, Thank you for reading the document and commenting, I hope you find it useful. You would be surprised how many residential customers still have CPE in bridge mode and are connecting to PPPoE service using Windows (or any other OS) PC using a PPPoE dialer, some of them even using multiple parallel PPPoE sessions from multiple computers sitting on the same network. In this case, even static /64 for WAN link would not work as in this case the assignments would not work for both of them and you need to setup a dynamic WAN numbering to accommodate multiple PPPoE sessions. People still does strange things and since this is all about documenting the current operational practice, we need to take this into account. > > So I think that for PPPoE we can safely assume that a CPE can request a prefix > using DHCPv6 PD. Yes. > > As indirectly mentioned in Section 3.1.2, assigning a global /64 to a > point-to-point link may open certain kinds of attacks. All links with a global > /64 risk a ND exhaustion attack. However, point-to-points also risk a ping-pong > attack. Indeed. I believe we covered that with recommending /127 or similar. > > For a PPPoE link these issues are trivially solved to leaving the link > unnumbered. Again, for those, using a PPPoE dialer that would not work. If you are 100% sure that nobody in your network is connecting using a PPPoE dialer, then yes, go ahead with unnumbered. Cheers, Jan
- Previous message (by thread): [ipv6-wg] IPv6 prefix delegation BCOP document available for comments and suggestions
- Next message (by thread): [ipv6-wg] IPv6 prefix delegation BCOP document available for comments and suggestions
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
[ ipv6-wg Archives ]