[168322] in North American Network Operators' Group
Re: Experiences with IPv6 and Routing Efficiency
daemon@ATHENA.MIT.EDU (Mukom Akong T.)
Sun Jan 19 13:29:24 2014
In-Reply-To: <52DBFA26.2070901@foobar.org>
From: "Mukom Akong T." <mukom.tamon@gmail.com>
Date: Sun, 19 Jan 2014 22:28:27 +0400
To: Nick Hilliard <nick@foobar.org>
Cc: NANOG list <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Sun, Jan 19, 2014 at 8:15 PM, Nick Hilliard <nick@foobar.org> wrote:
> If some third party decides to send packets
> to a massive number of addresses on that LAN, then the router which is
> forwarding these packets will attempt to perform ND for these addresses.
> This can trivially be used as a cache exhaustion attack, which can cause
> regular connectivity on that LAN to be trashed.
>
I totally forgot about this scenario. Yes it is a real problem.
--=20
Mukom Akong T.
http://about.me/perfexcellence | twitter: @perfexcellent
---------------------------------------------------------------------------=
---------------------------------------------------------------
=E2=80=9CWhen you work, you are the FLUTE through whose lungs the whisperin=
g of the
hours turns to MUSIC" - Kahlil Gibran
---------------------------------------------------------------------------=
----------------------------------------------------------------
