Using IPv6 with prefixes shorter than a /64 on a LAN

Jack Bates jbates at brightok.net
Tue Jan 25 17:44:49 UTC 2011



On 1/25/2011 10:58 AM, Patrick Sumby wrote:
> I would assume that in the LAN scenario where you have a /64 for your
> internal network that you would have some sort of stateful firewall
> sitting in front of the network to stop any un-initiated sessions. This
> therefore stops any hammering of ND cache etc. The argument then is that
> the number of packets hitting your firewall / bandwidth starvation would
> be the alternative line of attack for a DoS/DDoS but that is a
> completely different issue.

There are many IPv4 networks that don't implement firewall rules for 
subnets which contain servers. DDoS mitigation is handled differently. 
It would not be unexpected for these networks to do the same with IPv6.


Jack



