nanog mailing list archives
Re: v6 subnet size for DSL & leased line customers
From: Leo Bicknell <bicknell () ufp org>
Date: Wed, 26 Dec 2007 16:40:02 -0500
In a message written on Wed, Dec 26, 2007 at 09:19:54PM +0100, Iljitsch van Beijnum wrote:
Many switches can enforce a MAC/port relationship, so that MAC addresses can't be spoofed.
Which gets to the crux of my question.
If you're a shop that uses such features today (MAC/Port tracking,
DHCP snooping, etc) to "secure" your IPv4 infrastructure does IPv6
RA's represent a step backwards from a security perspective? Would
IPv6 deployment be hindered until there is DHCPv6 snooping and
DHCPv6 is able to provide a default gateway, a-la how it is done
today in IPv4?
It would be very interesting to me if the answer was "it's moot
because we're going to move to CGA's as a step forward"; it would
be equally interesting if the answer is "CGA isn't ready for prime
time / we can't deploy it for xyz reason, so IPv6 is less secure
than IPv4 today and that's a problem."
--
Leo Bicknell - bicknell () ufp org - CCIE 3440
PGP keys at http://www.ufp.org/~bicknell/
Read TMBG List - tmbg-list-request () tmbg org, www.tmbg.org
Attachment:
_bin
Description:
Current thread:
- Re: v6 subnet size for DSL & leased line customers, (continued)
- Re: v6 subnet size for DSL & leased line customers Kevin Loch (Dec 24)
- Re: v6 subnet size for DSL & leased line customers Owen DeLong (Dec 24)
- Re: v6 subnet size for DSL & leased line customers sthaug (Dec 25)
- Re: v6 subnet size for DSL & leased line customers Stephen Sprunk (Dec 25)
- Re: v6 subnet size for DSL & leased line customers Iljitsch van Beijnum (Dec 25)
- Re: v6 subnet size for DSL & leased line customers Leo Bicknell (Dec 26)
- Re: v6 subnet size for DSL & leased line customers Florian Weimer (Dec 26)
- Message not available
- Re: v6 subnet size for DSL & leased line customers Florian Weimer (Dec 26)
- Re: v6 subnet size for DSL & leased line customers Tony Li (Dec 26)
- Re: v6 subnet size for DSL & leased line customers Iljitsch van Beijnum (Dec 26)
- Re: v6 subnet size for DSL & leased line customers Leo Bicknell (Dec 26)
- Re: v6 subnet size for DSL & leased line customers Iljitsch van Beijnum (Dec 27)
- Re: v6 subnet size for DSL & leased line customers sthaug (Dec 27)
- Re: v6 subnet size for DSL & leased line customers Iljitsch van Beijnum (Dec 27)
- Re: v6 subnet size for DSL & leased line customers sthaug (Dec 27)
- Re: v6 subnet size for DSL & leased line customers Iljitsch van Beijnum (Dec 27)
- Re: v6 subnet size for DSL & leased line customers Mark Smith (Dec 27)
- Re: v6 subnet size for DSL & leased line customers Mark Smith (Dec 27)
- Re: v6 subnet size for DSL & leased line customers Leo Bicknell (Dec 27)
- Re: v6 subnet size for DSL & leased line customers Christopher Morrow (Dec 27)
- Re: v6 subnet size for DSL & leased line customers Iljitsch van Beijnum (Dec 27)