On Tue, 12 Jul 2011, Fred Baker wrote:
I suppose the same might be true of ARP. Has it been observed in the wild?
Yes. At Interop they had this exact problem because they had huge subnets (/16 or something, I don't know exactly, they had a /8 so they could "afford" it), and they had to make them smaller.
I've seen it at other places as well, in the IPv4 Internet it doesn't even need to be ddos, it only needs to be the "normal" scanning traffic that the botnets do.
This is a REAL problem already, has been forever, and I imagine if I take most IPv6 router platforms today and give it 10kpps to random destinations to its attached /64 (10kpps of small packets is 5 megabit/s) it'll stop working normally.
-- Mikael Abrahamsson email: [email protected] -------------------------------------------------------------------- IETF IPv6 working group mailing list [email protected] Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------
