<<On Tue, 13 Jun 2017 22:14:21 -0700, Rui Paulo <rpa...@me.com> said:
> Pretty sure these problems have been addressed by now, given the amount > of computers, smart phones, tablets, etc. running with privacy > extensions enabled. They've been "fixed" mostly by hiding big networks behind NATs and leaving them IPv4-only. And in some enterprises by implementing DHCPv6. (We haven't done the latter but expect to if I can ever get the time.) There have been no fixes to the NDP or MLD protocols that would make "privacy" addresses as specified safe to use in large networks, and it's highly unlikely that there ever will be, given that fixing the protocols would set back IPv6 adoption even further. When I first ran into this, people seriously said things to me like "duh, obviously every office in your building should have its own separate /64". I kid you not. That was the recommended "solution": broadcast domains with two or three machines on them. That's fine for your home network hanging off a cable modem, not OK for an office building with a thousand people and twice that many computers in it. -GAWollman _______________________________________________ freebsd-net@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
