[190327] in North American Network Operators' Group
Re: Quick question regarding: Problematic IPv6 Multicast traffic
daemon@ATHENA.MIT.EDU (Baldur Norddahl)
Fri Jun 24 13:00:33 2016
X-Original-To: nanog@nanog.org
In-Reply-To: <90f40c0a2e1c274032f10a66281d4dc5.squirrel@66.201.44.180>
From: Baldur Norddahl <baldur.norddahl@gmail.com>
Date: Fri, 24 Jun 2016 19:00:28 +0200
To: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
IPv6 NDP is multicast so you can not block multicast with a layer 2 ACL.
You need L3 ACL to block all multicast except NDP packets.
Of course any switch in use at a major transition point in the internet
should have that capability.
Regards,
Baldur
On 24 June 2016 at 18:27, Bob Evans <bob@fiberinternetcenter.com> wrote:
>
> Is it true that managed Layer2 switches used by IX's can not block IPv6
> multicast ingress port traffic from broadcasting to all ports ?
>
> ___Yes , seen many IXs with IPv6 multicast continuing yet IPv4 multicast
> is blocked.
>
> ___No , All should be able to bock IPv6 multicast.
>
> ___Only a few specific managed switch manufacturers have this issue with
> IPv6 multicast broadcasting.
>
> You're knowledge on this problem would be helpful.
>
> Thank You in advance.
>
> Bob Evans
> CTO
>
>
>
>
>
>
>
