On 6/25/14 10:08 AM, Dan Wing wrote: > <snip> > > IPv6 privacy addresses aren't changed very frequently -- I see them > change only every 24 hours. Can they change more frequently with > sysctl or application encouragement? I know NAPT assigns a new port > for every connection, which is how often we need a new IPv6 privacy > address to provide NAPT-equvilence host obfuscation. you pay the price for that in the size of your ND cache. which unlike that napt connection table doesn't get expired when the connection terminates. having thousands of l3 nexthops for each device isn't a great way to scale ethernet switches.
Attachment:
signature.asc
Description: OpenPGP digital signature