Geoff on IPv4 Exhaustion
Eric Vyncke (evyncke)
evyncke at cisco.com
Mon Nov 21 14:40:27 CET 2011
Eugen,
While the 'remote IPv6 address scan' is real, please be ensure that most (if not all) router vendors have addresses this problem :-)
(as with all DoS, this means saving the router but still denying services to valid customers in some implementations).
-éric
> -----Original Message-----
> From: ipv6-ops-bounces+evyncke=cisco.com at lists.cluenet.de [mailto:ipv6-ops-
> bounces+evyncke=cisco.com at lists.cluenet.de] On Behalf Of Eugen Leitl
> Sent: lundi 21 novembre 2011 09:26
> To: ipv6-ops at lists.cluenet.de
> Subject: Re: Re: Geoff on IPv4 Exhaustion
>
> On Mon, Nov 21, 2011 at 01:01:08PM +0900, Erik Kline wrote:
>
> > The "hard outer shell, soft chewy center" model ends up being more
> > like the Monty Python Crunchy Frog sketch anyway. =)
>
> Given the potential for the router becoming the chokepoint
> (e.g. IPv6 address scans) I wonder whether the current
> model (hardened systems with software firewall sitting
> on a switch open to the hostile environment) will
> become dominant.
>
> And with ubiquitous multihoming each server could well become a
> router, and deal with passing traffic as well as load-level
> own connections.
>
> I can see how distributing policy across such tangle of routers
> could become a bitch, though.
>
> --
> Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
> ______________________________________________________________
> ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
> 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
More information about the ipv6-ops
mailing list