nanog mailing list archives

Re: Experiences with IPv6 and Routing Efficiency


From: Nick Hilliard <nick () foobar org>
Date: Sun, 19 Jan 2014 16:15:34 +0000

On 19/01/2014 04:08, Mukom Akong T. wrote:
> Just because you can have 2^64 possible hosts on a LAN still doesn't mean
> we throw principles of good LAN design out the door. :-) So I'd say it's
> rather the fault of shoddy network design rather than address policy.

no, it's a problem with the number of addresses available on the LAN;
nothing to do with shoddy network design.

Each device on the LAN will have a certain amount of capacity for caching
neighbour addressing details.  If some third party decides to send packets
to a massive number of addresses on that LAN, then the router which is
forwarding these packets will attempt to perform ND for these addresses.
This can trivially be used as a cache exhaustion attack, which can cause
regular connectivity on that LAN to be trashed.

Nick
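
The cache exhaustion described in the message above can be seen in a toy model. This is an added example, not part of the original post and not any vendor's implementation: the `NeighbourCache` class, its sizes, and the `max_incomplete` cap on unresolved entries are all assumptions made for illustration, and the prefix is the IPv6 documentation range.

```python
from collections import OrderedDict
import ipaddress

class NeighbourCache:
    """Toy model of a router's neighbour cache with a fixed capacity."""
    def __init__(self, capacity, max_incomplete=None):
        self.capacity = capacity
        self.max_incomplete = max_incomplete   # None = no separate limit
        self.entries = OrderedDict()           # addr -> state, oldest first

    def learn(self, addr):
        """A host answered ND, so its entry is resolved."""
        self._insert(addr, "REACHABLE")

    def forward(self, addr):
        """A packet arrives for addr; an unknown destination triggers ND."""
        if addr in self.entries:
            self.entries.move_to_end(addr)
        else:
            self._insert(addr, "INCOMPLETE")

    def _insert(self, addr, state):
        if state == "INCOMPLETE" and self.max_incomplete is not None:
            pending = [a for a, s in self.entries.items() if s == "INCOMPLETE"]
            if len(pending) >= self.max_incomplete:
                del self.entries[pending[0]]   # recycle oldest unresolved entry
        self.entries[addr] = state
        self.entries.move_to_end(addr)
        while len(self.entries) > self.capacity:
            self.entries.popitem(last=False)   # plain oldest-first eviction

    def reachable(self):
        return {a for a, s in self.entries.items() if s == "REACHABLE"}

def surviving_hosts(cache, hosts=20, unused=5000):
    """Count real hosts still cached after traffic to unused addresses."""
    prefix = ipaddress.IPv6Network("2001:db8:0:1::/64")  # constructed sample
    real = [prefix[i] for i in range(1, hosts + 1)]
    for h in real:
        cache.learn(h)
    for i in range(unused):
        cache.forward(prefix[0x10000 + i])     # no host behind these
    return len(cache.reachable() & set(real))

if __name__ == "__main__":
    print("shared table:", surviving_hosts(NeighbourCache(256)))
    print("capped unresolved:", surviving_hosts(NeighbourCache(256, 64)))
```

With one shared table, every resolved entry is pushed out by unresolved ones; with unresolved entries confined to their own budget, the real hosts stay cached.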



