[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
legacy /8
On Sun, 11 Apr 2010 12:31:28 EDT, William Warren said:
> On 4/3/2010 1:39 PM, Valdis.Kletnieks at vt.edu wrote:
> > Given that currently most stuff is dual-stack, and IPv6 isn't totally
> > widespread, what are the effects of doing IPv6 DDoS mitigation by simply
> > turning off IPv6 on your upstream link and letting traffic fall back to IPv4
> > where you have mitigation gear?
> Not a valid argument. When ipv6 gets widely used then the DDOS will
> follow it.
Totally valid.
IPv6 isn't heavily used *currently*, so it may be perfectly acceptable to
deal with the mythological IPv6 DDoS by saying "screw it, turn off the IPv6
prefix, deal with customers on IPv4-only for a few hours". After all, that's
*EXACTLY* the way you're doing business now - IPv4 only. So that's obviously
a viable way to deal with an IPv6 DDoS - do *exactly what you're doing now*.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20100411/9c7e35e9/attachment.bin>
- Follow-Ups:
- legacy /8
- From: rdobbins at arbor.net (Dobbins, Roland)
- References:
- legacy /8
- From: jeroen at mompl.net (Jeroen van Aart)
- legacy /8
- From: james.cutler at consultant.com (Cutler James R)
- legacy /8
- From: jeroen at mompl.net (Jeroen van Aart)
- legacy /8
- From: 3356 at blargh.com (Andrew Gray)
- legacy /8
- From: owen at delong.com (Owen DeLong)
- legacy /8
- From: jeroen at mompl.net (Jeroen van Aart)
- legacy /8
- From: jimb at jsbc.cc (Jim Burwell)
- legacy /8
- From: jeffrey.lyon at blacklotus.net (Jeffrey Lyon)
- legacy /8
- From: Valdis.Kletnieks at vt.edu (Valdis.Kletnieks at vt.edu)
- legacy /8
- From: hescominsoon at emmanuelcomputerconsulting.com (William Warren)