[134579] in North American Network Operators' Group


Re: NIST IPv6 document

daemon@ATHENA.MIT.EDU (Jack Bates)
Fri Jan 7 09:47:07 2011

Date: Fri, 07 Jan 2011 08:46:32 -0600
From: Jack Bates <jbates@brightok.net>
To: Tim Chown <tjc@ecs.soton.ac.uk>
In-Reply-To: <EMEW3|91a3c457881e0dfc1233890f7440c48en06EHi03tjc|ecs.soton.ac.uk|FCC42832-11CB-43F8-A438-41E6D5D845AF@ecs.soton.ac.uk>
Cc: Nanog Operators' Group <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org


On 1/7/2011 8:17 AM, Tim Chown wrote:
> As RFC6018 suggests, this could be done dynamically on any given active subnet.
>

Unfortunately, I don't see support for it in major router vendors for 
service providers. Currently, flow + arp/ND/routing tables are utilized 
to determine a variety of situations, but even then, flow collection is 
limited at higher speeds.

I considered a 1 in 200 approach, but the iBGP tables will go through 
the roof for a single DHCPv6 pool in a single pop. I have a worse problem 
with darknets than those scanning have with scanning a /64, especially 
since their scans are likely to be more targeted and not as random.

Jack

