|
|
|
|
|
|
|
|
|
|
|
|
| home | help | back | first | fref | pref | prev | next | nref | lref | last | post |
Date: Mon, 07 Jan 2008 14:06:28 -0500 From: Deepak Jain <deepak@ai.net> Reply-To: deepak@ai.net To: James Hess <mysidia@gmail.com> CC: NANOG list <nanog@nanog.org> In-Reply-To: <6eb799ab0801042104w452314caod8558f037aaf3894@mail.gmail.com> Errors-To: owner-nanog@merit.edu [lots of comments about the size of a /64]... Am I the only one who imagines most ISPs will just assign the default IP to each /64 (or whatever they issue) (e.g. all zeros or mostly zeros or just the MAC addy of the end CPE).. This would a) dramatically reduce the "breadth" of IPv6 space from a scanning perspective and b) even guessing MAC addys is not that hard given manufacturer codes. IPv6 seems very, very classful to me, and I think the lessons we learned in the pre-CIDR days about amplification and address-guessing and topology determination by remote are still pretty relevant. Obviously the firewall bit changes those expectations -- assuming they are used. But if we assume that 2^96 is enough space to hide in... well, I'm pretty sure we'll see every kind of mess we've had to deal with in the past revisit their gifts upon us. Deepak
|
|
|
|
|
|
|
|
|
|
|
|
| home | help | back | first | fref | pref | prev | next | nref | lref | last | post |