Blackholing IPv6 traffic RTBH
Jon Harald Bøvre
jon at bovre.no
Fri Feb 4 20:26:14 CET 2011
Hi
For blackholing undesired a common practice (according to Cisco) is to
route the undesired traffic to test-net 192.0.2.1.
ip route 192.0.2.1 255.255.255.255 Null0
Working on implementing this in a dual-stacked network I could easily
find a /64 (or perhaps /128), but standarization in the internet
community makes this easier to document and understand
My idea was to to map 192.0.2.1 to a 6to4 prefix to ensure this to be
unique:
ipv6 route 2002:C000:0201::/64 Null0
I wonder if there is any RFC or best practice for how to do this in IPv6?
Jon Harald Bøvre
Hafslund Telekom Nettjenester
Norway
My purpose is to do source and destination based remote triggered black
hole routing (RTBH) for IPv4 and IPv6 equally. I believe there will be a
lot of misconfigured IPv6 systems coming.
More information about the ipv6-ops
mailing list