nanog mailing list archives

Re: NDP DoS attack

From: Florian Weimer <fw () deneb enyo de>
Date: Sun, 17 Jul 2011 12:47:48 +0200

* Mikael Abrahamsson:

On Sun, 17 Jul 2011, Florian Weimer wrote:

Others use tunnels, PPPoE or lots of scripting, so certainly
something can be done about it.  To my knowledge, SAVI SEND is still
at a similar stage.  Pointers to vendor documentation would be
appreciated if this is not the case.


<www.ietf.org/proceedings/79/slides/savi-6.pdf>


Interesting, thnaks.  It's not the vendors I would expect, and it's
not based on SEND (which is not surprising at all and actually a good
thing).

Is this actually secure in the sense that it ties addresses to
specific ports for both sending and receiving?  I'm asking because
folks have built similar systems for IPv4 which weren't.  The CLI
screenshots look good, better than what most folks achieve with IPv4.

_____
NANOG mailing list
NANOG () nanog org
https://mailman.nanog.org/mailman/listinfo/nanog

Current thread:

Re: NDP DoS attack (was Re: Anybody can participate in the IETF (Was: Why is IPv6 broken?)), (continued)
- - - Re: NDP DoS attack (was Re: Anybody can participate in the IETF (Was: Why is IPv6 broken?)) Jimmy Hess (Jul 14)
    - Re: NDP DoS attack (was Re: Anybody can participate in the IETF (Was: Why is IPv6 broken?)) Fernando Gont (Jul 14)
    - Re: NDP DoS attack (was Re: Anybody can participate in the IETF (Was: Why is IPv6 broken?)) Owen DeLong (Jul 14)
    - Re: NDP DoS attack (was Re: Anybody can participate in the IETF (Was: Why is IPv6 broken?)) Valdis . Kletnieks (Jul 15)
    - Re: NDP DoS attack (was Re: Anybody can participate in the IETF (Was: Why is IPv6 broken?)) Dobbins, Roland (Jul 17)
    - Re: NDP DoS attack Florian Weimer (Jul 17)
    - Re: NDP DoS attack Dobbins, Roland (Jul 17)
    - Re: NDP DoS attack Mikael Abrahamsson (Jul 17)
    - Re: NDP DoS attack Florian Weimer (Jul 17)
    - Re: NDP DoS attack Mikael Abrahamsson (Jul 17)
    - Re: NDP DoS attack Florian Weimer (Jul 17)
    - Re: NDP DoS attack Mikael Abrahamsson (Jul 17)
    - Re: NDP DoS attack Florian Weimer (Jul 17)
    - Re: NDP DoS attack (was Re: Anybody can participate in the IETF (Was: Why is IPv6 broken?)) William Herrin (Jul 17)
    - Re: NDP DoS attack (was Re: Anybody can participate in the IETF (Was: Why is IPv6 broken?)) Jeff Wheeler (Jul 17)
    - Re: NDP DoS attack (was Re: Anybody can participate in the IETF (Was: Why is IPv6 broken?)) Owen DeLong (Jul 17)
    - Re: NDP DoS attack (was Re: Anybody can participate in the IETF (Was: Why is IPv6 broken?)) Jeff Wheeler (Jul 17)
    - Re: NDP DoS attack (was Re: Anybody can participate in the IETF (Was: Why is IPv6 broken?)) Owen DeLong (Jul 17)
    - Re: NDP DoS attack (was Re: Anybody can participate in the IETF (Was: Why is IPv6 broken?)) William Herrin (Jul 17)
    - Re: NDP DoS attack (was Re: Anybody can participate in the IETF (Was: Why is IPv6 broken?)) Owen DeLong (Jul 17)
    - Re: Anybody can participate in the IETF (Was: Why is IPv6 broken?) Jeff Wheeler (Jul 11)

(Thread continues...)