NDP DoS attack

Florian Weimer fw at deneb.enyo.de
Sun Jul 17 09:15:25 UTC 2011


* Jared Mauch:

> Solving a local attack is something I consider different in scope
> than the current draft being discussed in 6man, v6ops, ipv6@ etc...

That's not going to happen because it's a layering violation between
the IETF and IEEE.  It has not been solved during thirty years of IPv4
over Ethernet.  Why would IPv6 be different?

In practice, the IPv4 vs IPv6 difference is that some vendors provide
DHCP snooping, private VLANs and unicast flood protection in IPv4
land, which seems to provide a scalable way to build Ethernet networks
with address validation---but there is nothing comparable for IPv6
right now, from any vendor.




More information about the NANOG mailing list