ietf
[Top] [All Lists]

Re: Time to move beyond the 32 bit Internet.

2014-06-25 12:25:46

On Jun 25, 2014, at 10:16 AM, joel jaeggli <joelja(_at_)bogus(_dot_)com> wrote:

On 6/25/14 10:08 AM, Dan Wing wrote:

<snip>

IPv6 privacy addresses aren't changed very frequently -- I see them
change only every 24 hours.  Can they change more frequently with
sysctl or application encouragement?  I know NAPT assigns a new port
for every connection, which is how often we need a new IPv6 privacy
address to provide NAPT-equvilence host obfuscation.

you pay the price for that in the size of your ND cache. which unlike
that napt connection table doesn't get expired when the connection
terminates. having thousands of l3 nexthops for each device isn't a
great way to scale ethernet switches.

Yep, we've seen that problem.

-d