Re: ipv6 book recommendations?

[Owen DeLong <owen () delong com>]

On Jun 5, 2012, at 3:23 PM, William Herrin wrote:

> On 6/5/12, Owen DeLong <owen () delong com> wrote:
> > On Jun 5, 2012, at 2:23 PM, William Herrin wrote:
> > > c. If it's a point to point, a reasonable practice seems to be a /64
> > > per network area and around /124 per link. Works OK for ethernet point
> > > to points too.
> >
> > /64 is perfectly reasonable per point to point as well.
>
> Hi Owen,
>
> Sure, but with the neighbor discovery cache issues that come up with
> /64's under attack, why open yourself to trouble where you can't
> realize any benefit?

It makes little sense to me to permit people outside your network
to deliver packets to your point to point interfaces. Denying this
traffic at your borders/edges eliminates all of the attacks without
having to juggle inconsistent prefix sizes or do silly bit-math to
figure out which address is at the other end of the link.

Owen