[124711] in North American Network Operators' Group
Re: legacy /8
daemon@ATHENA.MIT.EDU (Leen Besselink)
Sun Apr 4 09:46:00 2010
Date: Sun, 04 Apr 2010 15:44:07 +0200
From: Leen Besselink <leen@consolejunkie.net>
To: nanog@nanog.org
In-Reply-To: <32099.1270316348@localhost>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On 04/03/2010 07:39 PM, Valdis.Kletnieks@vt.edu wrote:
> On Sat, 03 Apr 2010 08:06:44 EDT, Jeffrey Lyon said:
>
>
>> For small companies the cost of moving to IPv6 is far too great,
>> especially when we rely on certain DDoS mitigation gear that does not
>> yet have an IPv6 equivalent.
>>
> So? How many people are *realistically* being hit by IPv6 DDoS right now?
> (I saw a number in the last 2-3 days that 2-3% of spam is now being delivered
> via SMTP-over-IPv6). You may not need that gear as much as you thought...
>
>
This maybe ?:
http://labs.ripe.net/content/spam-over-ipv6
"Out of the total number of emails received, 14% were received over
IPv6, the rest over IPv4."
"Looking only at the number of e-mails received over IPv6, 3.5% were
classified as spam, the rest were legitimate."
But then again this is a pretty low number as well:
"Looking only at the number of emails received over IPv4: 31% were
classified as spam, the rest were legitimate."
Some of us deal with 98% or more.
> Did you tell your mitigation gear vendor 5 years ago that their next model
> needed to have IPv6 support?
>
> Given that currently most stuff is dual-stack, and IPv6 isn't totally
> widespread, what are the effects of doing IPv6 DDoS mitigation by simply
> turning off IPv6 on your upstream link and letting traffic fall back to IPv4
> where you have mitigation gear?
>
>
