it should not be a problem and when there is a problem, it would be a bug.

the most big switches support up to 4K or 8K addresses, so you are with your 1500
MAC addresses in the middle of it. why would you have a switch that supports 8000
MAC addresses in one network, when your operating system would not handle that.

that would be pitty, wouldn't it?

On Mon, 18 Feb 2013 10:57:11 +0100
--
Posted automagically by a mail2news gateway at muc.de e.V.
Please direct questions, flames, donations, etc. to news-***@muc.de

That is actually a problem: it can be exploited for DoS purposes. --
even a remote address scanning attack might cause that as a side effect.

Cheers,
--
Fernando Gont
e-mail: ***@gont.com.ar || ***@si6networks.com
PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1




--
Posted automagically by a mail2news gateway at muc.de e.V.
Please direct questions, flames, donations, etc. to news-***@muc.de

That may be true of most uses of a routing-table like structure. I
am inclined to keep mechanisms for limits on entries separate from the
data structure choice, because what I think we want is resilience
against attack and good performance in normal cases.

I have accidentally participated in an apparent DoS like this, when a
diagnostic 'is IPv6 working' account I hosted leaked to the wrong /32 and
an ISP somewhere in South America started to get saturated by a walk
across their announced space.

I believe there are commercial implementations of switch logic which do
some kind of ageing out of the ND cache to set limits on growth. Maybe a
Ptree for this stuff in NetBSD needs a timer, and a background process to
mark/sweep idle entries.

-G



--
Posted automagically by a mail2news gateway at muc.de e.V.
Please direct questions, flames, donations, etc. to news-***@muc.de

routing the "wrong /32" should not happen. at least it should be impossible to
connect to each other. that would be a hard misconfiguration on more places.
that would only prove how badly it looks like to our planet's internet.

neighbor discovery does also give each node a timeout, so nodes that are not powered
on should not appear in the table.

On Wed, 20 Feb 2013 00:52:25 +0000 (UTC)
--
Posted automagically by a mail2news gateway at muc.de e.V.
Please direct questions, flames, donations, etc. to news-***@muc.de

So, the slightly rhetorical question is, why do we have entries in the NDP cache for hosts that don't exist?

I'm not 100% comfortable with cleanup threads and timers because they don't actually stop the data structure from becoming full, they just place a time limit on how long you can spend filling up the data structure. If incomplete or negative NDP entries were stored in a separate data structure from NDP cache, then a safer data structure could be used. An LRU cache or similar would result in entries being discarded when the cache is full rather than after a set time, but since this is only for incomplete or negative NDP entries, this is no great sin. An LRU cache would add a few cycles to the time taken for neighbour discovery, but that's no great sin either.

It should also be possible to borrow (very loosely) from the SYN cache & cookie hybrid to allow a fallback to some sort of stateless NDP. That would require more care and attention than I'm prepared to put into this email message though.

Cheers,
Lloyd
--
Posted automagically by a mail2news gateway at muc.de e.V.
Please direct questions, flames, donations, etc. to news-***@muc.de

A background process won't run at the required interval - under stress
it won't be often enough, and the rest of the time it is too often.

If you just timestamp the entries you can prune idle ones during insert
(which is code that will already have the tree write locked).
The code also need only worry about items it the branch of the tree
it is processing.

David