legacy /8

William Warren hescominsoon at emmanuelcomputerconsulting.com
Sun Apr 11 11:31:28 CDT 2010


On 4/3/2010 1:39 PM, Valdis.Kletnieks at vt.edu wrote:
> On Sat, 03 Apr 2010 08:06:44 EDT, Jeffrey Lyon said:
>
>    
>> For small companies the cost of moving to IPv6 is far too great,
>> especially when we rely on certain DDoS mitigation gear that does not
>> yet have an IPv6 equivalent.
>>      
> So?  How many people are *realistically* being hit by IPv6 DDoS right now?
> (I saw a number in the last 2-3 days that 2-3% of spam is now being delivered
> via SMTP-over-IPv6).  You may not need that gear as much as you thought...
>
> Did you tell your mitigation gear vendor 5 years ago that their next model
> needed to have IPv6 support?
>
> Given that currently most stuff is dual-stack, and IPv6 isn't totally
> widespread, what are the effects of doing IPv6 DDoS mitigation by simply
> turning off IPv6 on your upstream link and letting traffic fall back to IPv4
> where you have mitigation gear?
>
>    
Not a valid argument.  When ipv6 gets widely used then the DDOS will 
follow it.  I have to agree with the previous poster about not wanting 
to move until his DDOS mitigation gear supports V6.  Many of the 
security products i use are just now starting to go v6 capable.  I would 
not want to move to V6 even if i could until all of my security 
gear/software is properly V6 tested.




More information about the NANOG mailing list