[134486] in North American Network Operators' Group


Re: NIST IPv6 document

daemon@ATHENA.MIT.EDU (Julien Goodwin)
Thu Jan 6 08:25:58 2011

Date: Fri, 07 Jan 2011 00:25:07 +1100
From: Julien Goodwin <nanog@studio442.com.au>
To: John Levine <johnl@iecc.com>
In-Reply-To: <20110106050130.18520.qmail@joyce.lan>
Cc: nanog@nanog.org
Reply-To: jgoodwin@studio442.com.au
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org

On 06/01/11 16:01, John Levine wrote:
>> Still, the idea that "nobody will scan a /64" reminds me of the days
>> when 640K ought to be enough for anybody, ...
> 
> We really need to wrap our heads around the orders of magnitude
> involved here.  If you could scan an address every nanosecond, which I
> think is a reasonable upper bound what with the speed of light and
> all, it would still take 500 years to scan a /64.  Enumerating all the
> addresses will never be practical.  But there's plenty of damage one
> can do with a much less than thorough enumeration.

I'm probably ruining an interview question from $COMPANYTHATDIDN'THIREME
but think just of a 64-bit counter, *if* you had the ability to iterate
through 32-bits every second[1] it still takes ~136 years to go all the
way through 64 bits.

I don't know about you, but that doesn't worry me. At that point it's a
straight bandwidth DoS.

What makes much more sense is mapping the first /112 or so of a subnet,
the last /112 or so, that will catch most static hosts and routers, then
if you really want just iterate through the 2^46 valid assigned
MACs[2], much less if you make some assumptions about which OUIs are
likely to exist on a subnet[3].

Julien

1: i.e., think of a 4.3ish GHz CPU that can do "i++ and jump to 0" in a
single instruction

2: One bit lost for broadcast, one bit for local/global addresses

3: Skipping all unassigned is obvious, but there's a huge amount that
will match systems you'll never care about, 2^36 is probably not far off.
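
An added example, not part of the original message: a defender-side audit that sorts the addresses in your own /64 inventory into the buckets the message describes (first /112, last /112, MAC-derived EUI-64, everything else) and applies the message's 2^32-per-second rate to each bucket. The function names and the sample addresses are assumptions constructed for illustration.

```python
import ipaddress
from collections import Counter

# Search-space sizes in bits, taken from the message: a /112-sized block at
# either end of the subnet, 2^46 assigned MACs, or the full 64-bit IID.
SEARCH_BITS = {"low": 16, "high": 16, "eui64": 46, "opaque": 64}

def classify_iid(addr):
    """Return (kind, mac) for the interface identifier of one IPv6 address."""
    iid = int(ipaddress.IPv6Address(addr)) & ((1 << 64) - 1)
    if iid < (1 << 16):                      # first /112 of the /64
        return "low", None
    if iid >> 16 == (1 << 48) - 1:           # last /112 of the /64
        return "high", None
    if (iid >> 24) & 0xFFFF == 0xFFFE:       # modified EUI-64 marker ff:fe
        b = iid.to_bytes(8, "big")
        mac = bytes([b[0] ^ 0x02]) + b[1:3] + b[5:8]  # undo the flipped U/L bit
        return "eui64", mac.hex(":")
    return "opaque", None

def sweep_seconds(bits, per_second=2**32):
    """Time to walk 2^bits addresses at the footnote's 2^32 per second."""
    return 2**bits / per_second

def audit(addresses):
    """Count an inventory by kind and list addresses in a reduced search space."""
    counts, exposed = Counter(), []
    for a in addresses:
        kind, mac = classify_iid(a)
        counts[kind] += 1
        if SEARCH_BITS[kind] < 64:
            exposed.append((a, kind, mac))
    return dict(counts), exposed

# Constructed inventory (documentation prefix and documentation MAC range).
SAMPLE = [
    "2001:db8:0:1::1",
    "2001:db8:0:1:ffff:ffff:ffff:fffe",
    "2001:db8:0:1:200:5eff:fe00:5301",
    "2001:db8:0:1:3c4a:91d7:5be2:8af",
]

if __name__ == "__main__":
    counts, exposed = audit(SAMPLE)
    print(counts)
    for addr, kind, mac in exposed:
        secs = sweep_seconds(SEARCH_BITS[kind])
        print(f"{addr}  {kind}  mac={mac}  ~{secs:.6g}s to sweep")
    print(f"full /64: ~{sweep_seconds(64) / 31557600:.0f} years")
```

Hosts reported as "eui64" also expose their MAC and OUI in the address; moving them to randomized interface identifiers puts them in the "opaque" bucket.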

