IPv6: IS-IS or OSPFv3

Kevin Oberman oberman at es.net
Sat Dec 27 23:53:41 UTC 2008


> Date: Sat, 27 Dec 2008 15:23:25 -0500
> From: "Steven M. Bellovin" <smb at cs.columbia.edu>
> 
> On Fri, 26 Dec 2008 20:37:41 -0800
> "Kevin Oberman" <oberman at es.net> wrote:
> 
> > The main reason I prefer ISIS is that it uses CLNS packets for
> > communications and we don't route CLNS. (I don't think ANYONE is
> > routing CLNS today.) That makes it pretty secure.
> 
> Unless, of course, someone one hop away -- a peer?  a customer?  an
> upstream or downstream? someone on the same LAN at certain exchange
> points? -- sends you a CLNP packet at link level...

You mean that someone is silly enough to enable CLNS on external
interfaces? I mean, it's not by default on either Cisco or Juniper. I
don't imagine any other routers do that, either. (Of course, SOMEONE is
always that silly. But I hope the folks reading this are not.)
-- 
R. Kevin Oberman, Network Engineer
Energy Sciences Network (ESnet)
Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab)
E-mail: oberman at es.net			Phone: +1 510 486-8634
Key fingerprint:059B 2DDF 031C 9BA3 14A4  EADA 927D EBB3 987B 3751
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 224 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20081227/9a106554/attachment.sig>


More information about the NANOG mailing list