[76866] in North American Network Operators' Group
Re: IPv6, IPSEC and DoS
daemon@ATHENA.MIT.EDU (Iljitsch van Beijnum)
Sun Jan 2 05:26:39 2005
In-Reply-To: <200501020307.j0237Bf6021755@turing-police.cc.vt.edu>
Cc: NANOG list <nanog@nanog.org>
From: Iljitsch van Beijnum <iljitsch@muada.com>
Date: Sun, 2 Jan 2005 11:26:09 +0100
To: Valdis.Kletnieks@vt.edu
Errors-To: owner-nanog-outgoing@merit.edu
On 2-jan-05, at 4:07, Valdis.Kletnieks@vt.edu wrote:
>> No, that list is just a starting point for the discussion. A lot of
>> stuff in the list doesn't amount to anything. (For instance, there is
>> no ARP in IPv6.)
> Yeah, ARP is basically one machine yelling "Who has this IP?" and another
> one answering "ME!! ME!!". In IPv6, there's something called "Neighbor
> Discovery" where one machine yells "Who has this address?" and another one
> yells back "ME!! ME!!". Totally different things :)
The base functionality is obviously the same. It's implemented quite
differently, though.
> (Note that they both do the exact same thing to make sure the correct
> machine is yelling "ME!! ME!!"....)
Really? So ARP uses SEND?
(http://www.ietf.org/html.charters/OLD/send-charter.html)
(Although living in a hostile subnet isn't something I would recommend
in the first place. Being on the same link opens way too many
additional attack vectors.)