IPv6 point-to-point was: It's Ars Tech's turn to bang the IPv4 exhaustion drum

michael.dillon at bt.com michael.dillon at bt.com
Wed Aug 20 03:57:40 CDT 2008


> matsuzaki-san's preso, i think the copy he will present next 
> week at apops:

To summarize, using /64 on a link opens the door to a DOS
problem that we need to pressure the vendors to fix. 

Obviously, this matters more to people who are running
full-blown production IPv6 networks right now than it 
does to people in the planning stages. But everyone should
really contact their vendor and find out when this issue
will be fixed. 

What could vendors do? They could have an implied packet filter
builtin to the router code, or they could treat all odd addresses
from a /64 as implicitly assigned to the :1 end and all even 
ones as implicitly assigned to the :2 end. 

Workarounds are to use /64 on the link from a link-local
address range, or to filter incoming traffic that could
trigger the problem or to use a /127 on the link. In the
latter case, you should read and understand the implications
documented in RFC 3627 <http://tools.ietf.org/html/rfc3627>

In any case, IPv6 is not cut and dried. The landscape is still
shifting and the only way for you to learn what works and what
doesn't is to deploy it seriously.

--Michael Dillon




More information about the NANOG mailing list