[146937] in North American Network Operators' Group
Re: IPv6 prefixes longer then /64: are they possible in DOCSIS
daemon@ATHENA.MIT.EDU (Owen DeLong)
Mon Nov 28 16:56:03 2011
From: Owen DeLong <owen@delong.com>
In-Reply-To: <CALFTrnPeiBvuH+GHgwgrt4gSuLHJPkb-aCr71j+syBE2OKwENA@mail.gmail.com>
Date: Mon, 28 Nov 2011 13:51:52 -0800
To: Ray Soucy <rps@maine.edu>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Nov 28, 2011, at 7:29 AM, Ray Soucy wrote:
> It's a good practice to reserve a 64-bit prefix for each network.
> That's a good general rule. For point to point or link networks you
> can use something as small as a 126-bit prefix (we do).
>
Technically, absent buggy {firm,soft}ware, you can use a /127. There's no
actual benefit to doing anything longer than a /64 unless you have
buggy *ware (ping pong attacks only work against buggy *ware),
and there can be some advantages to choosing addresses other than
::1 and ::2 in some cases. If you're letting outside packets target your
point-to-point links, you have bigger problems than neighbor table
attacks. If not, then the neighbor table attack is a bit of a red-herring.
Owen
