NIST IPv6 document
jbates at brightok.net
Fri Jan 7 08:46:32 CST 2011
On 1/7/2011 8:17 AM, Tim Chown wrote:
> As RFC6018 suggests, this could be done dynamically on any given active subnet.
Unfortunately, I don't see support for it in major router vendors for
service providers. Currently, flow + arp/ND/routing tables are utilized
to determine a variety of situations, but even then, flow collection is
limited at higher speeds.
I considered a 1 in 200 approach, but the iBGP tables will go through
the roof for a single DHCPv6 pool in a single pop. I a worse problem
with darknets than those scanning have with scanning a /64, especially
since their scans are likely to be more targeted and not as random.
More information about the NANOG