nanog mailing list archives

Re: NIST IPv6 document

From: Jack Bates <jbates () brightok net>
Date: Fri, 07 Jan 2011 08:46:32 -0600


On 1/7/2011 8:17 AM, Tim Chown wrote:

As RFC6018 suggests, this could be done dynamically on any given active subnet.

Unfortunately, I don't see support for it in major router vendors forservice providers. Currently, flow + arp/ND/routing tables are utilizedto determine a variety of situations, but even then, flow collection islimited at higher speeds.

I considered a 1 in 200 approach, but the iBGP tables will go throughthe roof for a single DHCPv6 pool in a single pop. I a worse problemwith darknets than those scanning have with scanning a /64, especiallysince their scans are likely to be more targeted and not as random.


Jack

Current thread:

Re: NIST IPv6 document, (continued)
- - - Re: NIST IPv6 document Miquel van Smoorenburg (Jan 06)
    - Re: NIST IPv6 document Joe Greco (Jan 06)
    - Re: NIST IPv6 document Dobbins, Roland (Jan 05)
    - Re: NIST IPv6 document Valdis . Kletnieks (Jan 06)
    - Re: NIST IPv6 document Jack Bates (Jan 06)
    - Re: NIST IPv6 document Dobbins, Roland (Jan 06)
    - Re: NIST IPv6 document Dobbins, Roland (Jan 06)
    - Re: NIST IPv6 document Joe Greco (Jan 06)
    - Re: NIST IPv6 document Jack Bates (Jan 06)
    - Message not available
    - Re: NIST IPv6 document Tim Chown (Jan 07)
    - Re: NIST IPv6 document Jack Bates (Jan 07)
    - Re: NIST IPv6 document Jeff Wheeler (Jan 05)
    - Message not available
    - NIST IPv6 document Jeff Wheeler (Jan 05)
    - Re: NIST IPv6 document Joe Greco (Jan 05)
    - Re: NIST IPv6 document Dobbins, Roland (Jan 05)
    - Re: NIST IPv6 document Paul Ferguson (Jan 05)
    - Re: NIST IPv6 document William Allen Simpson (Jan 06)
    - Re: NIST IPv6 document Jack Bates (Jan 06)
    - Re: NIST IPv6 document Joel Jaeggli (Jan 05)
    - Re: NIST IPv6 document Paul Ferguson (Jan 05)
    - Re: NIST IPv6 document Jack Bates (Jan 06)

(Thread continues...)