NIST IPv6 document

• Previous message (by thread): NIST IPv6 document
• Next message (by thread): NIST IPv6 document
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 1/7/2011 8:17 AM, Tim Chown wrote:
> As RFC6018 suggests, this could be done dynamically on any given active subnet.
>

Unfortunately, I don't see support for it in major router vendors for 
service providers. Currently, flow + arp/ND/routing tables are utilized 
to determine a variety of situations, but even then, flow collection is 
limited at higher speeds.

I considered a 1 in 200 approach, but the iBGP tables will go through 
the roof for a single DHCPv6 pool in a single pop. I a worse problem 
with darknets than those scanning have with scanning a /64, especially 
since their scans are likely to be more targeted and not as random.

Jack

• Previous message (by thread): NIST IPv6 document
• Next message (by thread): NIST IPv6 document
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]