Re: Should routers send redirects by default?

[Mark Smith <nanog () 85d5b20a518b8f6864949bd940457dc124746ddc nosense org>]

On Sat, 21 Aug 2010 09:12:47 -0500
Jack Bates <jbates () brightok net> wrote:

> Eric J. Katanich wrote:
> > You disable it on the host and if no host is using it, you might as well 
> > disable it on the router as wel. Others mentioned
> > some routers need to handle this in software instead of hardware, which 
> > is obviously slower.
>
> Most redirects are limited in their rate, so it generally is unnoticed 
> on the router, but yes, to be fully optimized, turning it off isn't a 
> bad idea. Here's a better one. Put the router's choice in the RA on a 
> per prefix basis (and of course DHCPv6 for non-RA setups).

I'm don't think that would work.

In IPv6, redirects serve two purposes, where as in IPv4 they only
served one -

o  allow an IPv6 router to indicate to an end-node that another onlink
IPv6 router is a better path towards the destination (i.e. the IPv4
purpose).

This situation doesn't seem to occur very often - when there are two
routers on a link they're usually there for availability, rather than
presenting a significantly different set of paths to potential offlink
destinations. Usually they'll be hidden behind a single virtual router
via HSRP or VRRP.

o  allow an IPv6 router to indicate to an end-node that the destination
it is attempting to send to is onlink. This situation occurs when the
router is more informed than the origin end-node about what prefixes
are onlink.

This shouldn't happen very often either, as multiple onlink IPv6 routers
should be announcing the same Prefix Information Options in their RAs,
and therefore end-nodes should be fully informed as to all the onlink
prefixes. ICMPv6 redirects in this scenario would only occur during the
introduction of that new prefix information i.e. the time gap between
when the first and second onlink routers are configured with new prefix
information.

So a redirect status parameter isn't prefix specific. 




> Any router/host communication agreements really should have a profile 
> setup. If the router is acting in a certain way, it should be able to 
> notify the host. If RA is disabled and a pure DHCPv6 setup was deployed, 
> obviously the DHCPv6 server would need to provide the necessary router 
> information (mtu, icmp unreachable support, etc).
>
> It bugs me that we setup automation support such as between routers and 
> hosts and don't include all the different details that both really 
> should agree on (such as icmp redirects, or even the ability to push 
> routes to hosts, ie modify redirects to support prefix or host based 
> redirects since we are starting over here).
>
>
> Jack