Point-to-point /64

Jeroen Massar jeroen at massar.ch
Sat Jun 1 23:55:36 CEST 2013


On 2013-06-01 14:01, Ole Troan wrote:
> 
> 
> On 1 Jun 2013, at 22:56, Jeroen Massar <jeroen at massar.ch> wrote:
> 
>> One thing to keep in mind though is that quite some gear is
>> optimized upto the first /64 bits, and might use slower paths for
>> longer prefixes, thus if one is going to put a lot of /128s in a
>> single /64, thus when really stuffing all p2p links in a single /64
>> or so, it might hurt performance on the gear being used. As such,
>> do ask your vendor about their limitations.
> 
> If you are talking about router to router links, then typicall little
> traffic is forwarded to any of the link addresses. This should
> generally not be a concern.

As the subject was about 'security', more in the rule of DoS/DDoS, the
problem becomes that some miscreants target exactly those addresses
because they are expected to not forward much....

Indeed for normal operation it should be okay, but miscreants are
getting smarter too...

Greets,
 Jeroen



More information about the ipv6-ops mailing list