Experiences with IPv6 and Routing Efficiency

Nick Hilliard nick at foobar.org
Sun Jan 19 16:15:34 UTC 2014


On 19/01/2014 04:08, Mukom Akong T. wrote:
> Just because you can have 2^64 possible hosts on a LAN still doesn't mean
> we throw principles of good LAN design out the door. :-) So I'd say it's
> rather the fault of shoddy network design rather than address policy.

no, it's a problem with the number of addresses available on the LAN;
nothing to do with shoddy network design.

Each device on the LAN will have a certain amount of capacity for caching
neighbour addressing details.  If some third party decides to send packets
to a massive number of addresses on that LAN, then the router which is
forwarding these packets will attempt to perform ND for these addresses.
This can trivially be used as a cache exhaustion attack, which can cause
regular connectivity on that LAN to be trashed.

Nick
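
The cache behaviour described in the message above, as an added example that is not part of the original post: a toy model of a router's neighbour cache, run once with plain LRU eviction and once with a separate cap on unresolved (INCOMPLETE) entries, which is one of the mitigations discussed in RFC 6583. The class, the capacity of 256, the cap of 64 and the 2001:db8:: addresses are all constructed assumptions, not any vendor's implementation.

```python
from collections import OrderedDict

class NeighborCache:
    """Toy LRU model of a router's ND cache (constructed, not a vendor's code)."""

    def __init__(self, capacity, max_incomplete=None):
        self.capacity = capacity
        self.max_incomplete = max_incomplete  # None = naive, no separate limit
        self.entries = OrderedDict()          # addr -> "REACHABLE" | "INCOMPLETE"

    def learn(self, addr):
        """A real host answered ND, so its entry is REACHABLE."""
        self._insert(addr, "REACHABLE")

    def packet_for(self, addr):
        """Return True if a packet for addr can be forwarded from the cache."""
        if self.entries.get(addr) == "REACHABLE":
            self.entries.move_to_end(addr)
            return True
        if addr not in self.entries:
            self._insert(addr, "INCOMPLETE")  # router starts ND for addr
        return False

    def _insert(self, addr, state):
        if state == "INCOMPLETE" and self.max_incomplete is not None:
            pending = [a for a, s in self.entries.items() if s == "INCOMPLETE"]
            if len(pending) >= self.max_incomplete:
                if not pending:
                    return                    # limit of 0: never track unresolved
                del self.entries[pending[0]]  # recycle the oldest unresolved entry
        self.entries[addr] = state
        self.entries.move_to_end(addr)
        while len(self.entries) > self.capacity:
            self.entries.popitem(last=False)  # evict least recently used

HOSTS = [f"2001:db8::{n:x}" for n in range(1, 51)]  # 50 constructed real hosts

def surviving_hosts(cache, hosts, unanswered):
    """Count hosts still resolvable after traffic to addresses nobody owns."""
    for h in hosts:
        cache.learn(h)
    for i in range(unanswered):
        cache.packet_for(f"2001:db8::1:{i:x}")  # no host behind these
    return sum(cache.packet_for(h) for h in hosts)

if __name__ == "__main__":
    print("naive:", surviving_hosts(NeighborCache(256), HOSTS, 1000))
    print("capped:", surviving_hosts(NeighborCache(256, max_incomplete=64), HOSTS, 1000))
```

In the naive cache every resolved host is evicted once the unanswered lookups exceed the free slots; with the cap, unresolved entries only displace each other.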





