[134409] in North American Network Operators' Group

Re: NIST IPv6 document

daemon@ATHENA.MIT.EDU (Dobbins, Roland)
Wed Jan 5 21:16:56 2011

From: "Dobbins, Roland" <rdobbins@arbor.net>
To: Nanog Operators' Group <nanog@nanog.org>
Date: Thu, 6 Jan 2011 02:16:18 +0000
In-Reply-To: <201101060157.p061vSVd085026@aurora.sol.net>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org


On Jan 6, 2011, at 8:57 AM, Joe Greco wrote:

> The switch from IPv4 to IPv6 itself is such a change; it renders random trolling through IP space much less productive.

And renders hinted trolling far more productive/necessary, invariably leading to increased strain on already-brittle/-overloaded DNS, whois, route servers, et al., not to mention ND/multicast abuse.

> We should not lose sight of the fact that this is generally a very positive feature; calls for packing IPv6 space more tightly serve merely to marginalize that win.


Far from being a 'win', I believe it's either neutral or a net negative, due to the above implications.

If we're looking at a near-future world filled with spimes, where every molecule in every nanomanufactured soda can has its own IPv6 address it uses to communicate via NFC or ZigBee or whatever during the assembly/recycling process, unnecessarily wasting IPv6 space isn't an optimal strategy.

The alleged security benefits of sparse IPv6 addressing plans are a canard, IMHO.

> We should be figuring out ways to make /64's work optimally, because in ten years everyone's going to have gigabit Internet links and we're
> going to need all the tricks we can muster to make an attacker's job harder.

These are diametrically-opposed, mutually-exclusive goals, IMHO.

All in all, IPv6 is a net security negative.  It has all the same problems of IPv4, plus new, IPv6-specific problems - *in hex*.

------------------------------------------------------------------------
Roland Dobbins <rdobbins@arbor.net> // <http://www.arbornetworks.com>

Most software today is very much like an Egyptian pyramid, with millions
of bricks piled on top of each other, with no structural integrity, but
just done by brute force and thousands of slaves.

			  -- Alan Kay
