nanog mailing list archives
Re: NIST IPv6 document
From: Phil Regnauld <regnauld () nsrc org>
Date: Thu, 6 Jan 2011 11:41:17 +0100
Owen DeLong (owen) writes:
But, Jeff, if the router has a bunch of /24s attached to it and you scan them all, the problem is much larger than 250 arp entries. I think that's what Phil was getting at.
And so did Joel. If you've got a crapload of VLANs attached to a box, and you're routing these for customers (say, virtual firewall instances), you'll see this easily. I do understand the argument that sweeping a /64 will mean more L3->L2 lookups for directly connected subnets than in v4, but the problem domain remains the same, and I think it's been already explained here that there are various strategies to mitigate this. Additionnally I believe the size of typical recommended IPv6 space will probably discourage idle scanning, though this may change as the resources available increase, as Joe G. pointed out. If it does not, we'll have to address it if the existing mitigation techniques aren't sufficient. Phil
Current thread:
- Re: NIST IPv6 document, (continued)
- Re: NIST IPv6 document Jack Bates (Jan 10)
- Re: NIST IPv6 document Iljitsch van Beijnum (Jan 05)
- Re: NIST IPv6 document Jeff Wheeler (Jan 05)
- Re: NIST IPv6 document Joel Jaeggli (Jan 05)
- Re: NIST IPv6 document Jeff Wheeler (Jan 05)
- Re: NIST IPv6 document Phil Regnauld (Jan 05)
- Re: NIST IPv6 document Jeff Wheeler (Jan 05)
- Re: NIST IPv6 document Phil Regnauld (Jan 05)
- Re: NIST IPv6 document Mark Smith (Jan 06)
- Re: NIST IPv6 document Owen DeLong (Jan 06)
- Re: NIST IPv6 document Phil Regnauld (Jan 06)
- Re: NIST IPv6 document Jack Bates (Jan 05)
- Re: NIST IPv6 document Richard Barnes (Jan 05)
- Re: NIST IPv6 document TJ (Jan 05)
- Re: NIST IPv6 document Jeff Wheeler (Jan 05)
- Re: NIST IPv6 document Dobbins, Roland (Jan 05)
- Re: NIST IPv6 document TJ (Jan 06)
- Re: NIST IPv6 document Jack Bates (Jan 06)
- Re: NIST IPv6 document Seth Mattinen (Jan 05)
- Re: NIST IPv6 document Dobbins, Roland (Jan 05)
- Re: NIST IPv6 document TJ (Jan 06)