[135442] in North American Network Operators' Group
Re: Using IPv6 with prefixes shorter than a /64 on a LAN
daemon@ATHENA.MIT.EDU (Roland Dobbins)
Tue Jan 25 12:50:59 2011
From: Roland Dobbins <rdobbins@arbor.net>
In-Reply-To: <4D3F0C11.5070009@brightok.net>
Date: Wed, 26 Jan 2011 00:50:42 +0700
To: nanog group <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Jan 26, 2011, at 12:44 AM, Jack Bates wrote:
> DDoS mitigation is handled differently.=20
Concur 100%. Also note that firewalls don't provide any sort of useful =
DDoS protection, marketing claims aside, so reaction tools such as =
S/RTBH, et. al. are required to protect stateful firewalls in front of =
client access LANs, and everything behind said stateful firewalls, from =
DDoS.
------------------------------------------------------------------------
Roland Dobbins <rdobbins@arbor.net> // <http://www.arbornetworks.com>
Most software today is very much like an Egyptian pyramid, with millions
of bricks piled on top of each other, with no structural integrity, but
just done by brute force and thousands of slaves.
-- Alan Kay
