On 2013-06-01 15:03, Ole Troan wrote: [..] >> As the subject was about 'security', more in the rule of DoS/DDoS, the >> problem becomes that some miscreants target exactly those addresses >> because they are expected to not forward much.... >> >> Indeed for normal operation it should be okay, but miscreants are >> getting smarter too... > > In the case of /127 or /128 you'd always hit the router's host stack.
PtP links have two sides, the remote end would thus cause it to hit the final router's host stack indeed, but due to some address lookup implementation also on the intermediate hop. Just something to keep in mind. Greets, Jeroen
