NIST IPv6 document
jsw at inconcepts.biz
Thu Jan 6 21:13:01 CST 2011

On Thu, Jan 6, 2011 at 9:24 PM, Joe Greco <jgreco at ns.sol.net> wrote:
> With today's implementations of things? Perhaps. However, you
> show yourself equally incapable of grasping the real problem by
> looking at the broader picture, and recognizing that problematic
> issues such as finding hosts on a network are very solvable
> problems, and that we are at an early enough phase of IPv6 that
> we can even expect some experiments will be tried.
>
> Look beyond what _is_ today and see if you can figure out what
> it _could_ be. There's no need for what I suggest to DoS a router;
> that's just accepting a naive implementation and saying "well this
> can't be done because this one way of doing it breaks things." It
> is better to look for a way to fix the problem.

Actually, unlike most posters on this subject, I have a very good
understanding of how everything works "under the hood." For this
reason, I also understand what is possible given the size of a /64
subnet and the knowledge that we will never have adjacency tables
approaching this size.

If you are someone who thinks, oh, those Cisco and Juniper developers
will figure this out, they just haven't thought about it hard enough
yet, I can understand why you believe that a simple fix like "no ip
directed-broadcast" is on the horizon. Unfortunately, it is not. The
only thing they can do is give more mitigation knobs to allow
operators to choose our failure modes and thresholds. To really fix
it, you need a smaller subnet or a radical protocol change that will
introduce a different set of problems.

Jeff S Wheeler <jsw at inconcepts.biz>
Sr Network Operator / Innovative Network Concepts
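
Added example, not part of the original post or of any vendor's code: a small Python model of the argument above, comparing neighbour-cache occupancy for a /64, a /64 with a cap on unresolved entries, and a /120. The cache size, host count, packet rate and hold time are constructed values, and the function and parameter names are hypothetical.

```python
from collections import OrderedDict

def simulate(prefix_len, capacity, hosts, pps, timeout_s, seconds, incomplete_cap=None):
    """Model a router neighbour cache while packets arrive for unused addresses.

    Simplified model (an assumption, not any vendor's implementation): every
    probed address is unanswered, creates one INCOMPLETE entry, and that entry
    is held for timeout_s seconds. Time is counted in packet ticks.
    """
    subnet_size = 2 ** (128 - prefix_len)
    free = capacity - hosts                      # slots not used by real neighbours
    limit = free if incomplete_cap is None else min(free, incomplete_cap)
    hold = pps * timeout_s                       # entry lifetime in ticks
    pending = OrderedDict()                      # address -> expiry tick, oldest first
    peak = refused = 0
    for tick in range(pps * seconds):
        while pending and next(iter(pending.values())) <= tick:
            pending.popitem(last=False)          # resolution timed out
        addr = tick % subnet_size                # sequential sweep of the subnet
        if addr in pending:
            continue                             # already being resolved, no new state
        if len(pending) >= limit:
            refused += 1                         # no room: resolution not attempted
            continue
        pending[addr] = tick + hold
        peak = max(peak, len(pending))
    return {"peak_incomplete": peak,
            "table_full": hosts + peak >= capacity,
            "refused": refused}

# Constructed sample values: 4096-entry cache, 100 real hosts, 2000 pps, 3 s hold.
COMMON = dict(capacity=4096, hosts=100, pps=2000, timeout_s=3, seconds=10)
RESULTS = {
    "/64, no limit": simulate(64, **COMMON),
    "/64, incomplete cap 512": simulate(64, incomplete_cap=512, **COMMON),
    "/120, no limit": simulate(120, **COMMON),
}

if __name__ == "__main__":
    for name, result in RESULTS.items():
        print(f"{name:26} {result}")
```

In this model the capped /64 run keeps the table from filling but still refuses resolutions, while the /120 run never holds more than 256 unresolved entries and refuses none.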