Hi, On Thu, May 26, 2011 at 8:43 AM, Marco Hogewoning <marcoh@marcoh.net> wrote:
On May 26, 2011, at 2:25 PM, Yannis Nikolopoulos wrote:
so,
other than the fact that it's wasteful, is there any other reason for not using /64 (that's what we're using) on p2p links?
I wouldn't describe it as wastwful, every subnet is per standard /64 anyway. The primary reason are security concerns like the fact that you might be able to trick a machine into sending loads of ND messages (or responses), filling up the neighbor cache or CAM table.
Yes. I recommend http://inconcepts.biz/~jsw/IPv6_NDP_Exhaustion.pdf for more details on this. It seems to be a pretty serious issue in most implementations. The author of the PDF recommends allocating /64 but using whatever fits your need. This way you'll stay ready for the future, should you have a reason to change, interoperability or other. Best regards, Martin