[153414] in North American Network Operators' Group
Re: ipv6 book recommendations?
daemon@ATHENA.MIT.EDU (Owen DeLong)
Tue Jun 5 18:36:35 2012
From: Owen DeLong <owen@delong.com>
In-Reply-To: <CAP-guGXuoMAJ-crr7roi-Kk6EdMcHxcA43poaOJTxLefHmg+Gw@mail.gmail.com>
Date: Tue, 5 Jun 2012 15:30:56 -0700
To: William Herrin <bill@herrin.us>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Jun 5, 2012, at 3:23 PM, William Herrin wrote:
> On 6/5/12, Owen DeLong <owen@delong.com> wrote:
>> On Jun 5, 2012, at 2:23 PM, William Herrin wrote:
>>> c. If it's a point to point, a reasonable practice seems to be a /64
>>> per network area and around /124 per link. Works OK for ethernet point
>>> to points too.
>>
>> /64 is perfectly reasonable per point to point as well.
>
> Hi Owen,
>
> Sure, but with the neighbor discovery cache issues that come up with
> /64's under attack, why open yourself to trouble where you can't
> realize any benefit?
>
Why permit external traffic aimed at your point to point links at all?
No external traffic, no attack surface.
Owen
