[167563] in North American Network Operators' Group
Time to stopy saying there is no IPv6 traffice: was Re: ddos attacks
daemon@ATHENA.MIT.EDU (cb.list6)
Thu Dec 19 02:28:19 2013
Date: Wed, 18 Dec 2013 23:27:56 -0800
From: "cb.list6" <cb.list6@gmail.com>
To: Jon Lewis <jlewis@lewis.org>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Wed, Dec 18, 2013 at 5:03 PM, Jon Lewis <jlewis@lewis.org> wrote:
> On Wed, 18 Dec 2013 Valdis.Kletnieks@vt.edu wrote:
>
> On Wed, 18 Dec 2013 15:12:28 -0800, "cb.list6" said:
>>
>> I am strongly considering having my upstreams to simply rate limit ipv4
>>> UDP. It is the simplest solution that is proactive.
>>>
>>
>> What are the prospects for ipv6 UDP not suffering the same fate?
>>
>
> Roughly 0%, but there's so little v6 traffic compared to v4, you probably
> don't have to worry about v6 attack traffic yet...particularly if you're
> not dual stack yet. :)
>
>
I understand that your answer about nil IPv6 traffic may be appropriate for
your network, but for many of us IPv6 is currently a non-trivial amount of
traffic that is growing quickly. And, in some cases, IPv6 is the dominate
amount of traffic. Here are some quick stats of a few select familiar
names from http://www.worldipv6launch.org/measurements/
Google Fiber 70%
Virginia Tech 61%
Verizon Wireless 40%
Comcast 20%
AT&T Wireline 15%
T-Mobile US 6%
> ----------------------------------------------------------------------
> Jon Lewis, MCP :) | I route
> | therefore you are
> _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
>
