hescominsoon at emmanuelcomputerconsulting.com
Sun Apr 11 11:31:28 CDT 2010
On 4/3/2010 1:39 PM, Valdis.Kletnieks at vt.edu wrote:
> On Sat, 03 Apr 2010 08:06:44 EDT, Jeffrey Lyon said:
>> For small companies the cost of moving to IPv6 is far too great,
>> especially when we rely on certain DDoS mitigation gear that does not
>> yet have an IPv6 equivalent.
> So? How many people are *realistically* being hit by IPv6 DDoS right now?
> (I saw a number in the last 2-3 days that 2-3% of spam is now being delivered
> via SMTP-over-IPv6). You may not need that gear as much as you thought...
> Did you tell your mitigation gear vendor 5 years ago that their next model
> needed to have IPv6 support?
> Given that currently most stuff is dual-stack, and IPv6 isn't totally
> widespread, what are the effects of doing IPv6 DDoS mitigation by simply
> turning off IPv6 on your upstream link and letting traffic fall back to IPv4
> where you have mitigation gear?
Not a valid argument. When ipv6 gets widely used then the DDOS will
follow it. I have to agree with the previous poster about not wanting
to move until his DDOS mitigation gear supports V6. Many of the
security products i use are just now starting to go v6 capable. I would
not want to move to V6 even if i could until all of my security
gear/software is properly V6 tested.
More information about the NANOG