nanog mailing list archives
Re: NIST IPv6 document
From: Jack Bates <jbates () brightok net>
Date: Tue, 11 Jan 2011 11:10:47 -0600
On 1/11/2011 10:57 AM, Valdis.Kletnieks () vt edu wrote:
The same exact way you currently track down an IP address that some machine has started using without bothering to ask your DHCP server for an allocation, of course.
But it's no easier. Especially when you hit the customer equipment. NAT may be gone there, but knowing which computer it is will likely be impossible (as it won't be standard policy for the customer to grab arp tables).
Remember - the privacy extension was so that somebody far away on the Internet couldn't easily correlate "all these hits on websites were from the same box". It gives a user approximately *zero* protection against their own ISP dumping the ARP tables off every switch 5 minutes and keeping the data handy in case they have to track a specific MAC or IP address down.
I dislike this method, though. It works, but I much prefer to correlate with radius accounting logs backended on a DHCP server. Sadly, even in v4, implementations are not always available. Of course, I don't run NAT at the provider edge, but customer's often do, and while I will be able to track the customer, knowing which machine will be just as impossible as it is with NAT.
Jack
Current thread:
- Re: NIST IPv6 document, (continued)
- Re: NIST IPv6 document Dobbins, Roland (Jan 06)
- Re: NIST IPv6 document David Sparro (Jan 07)
- Re: NIST IPv6 document Lamar Owen (Jan 10)
- Re: NIST IPv6 document mikea (Jan 10)
- Re: NIST IPv6 document Owen DeLong (Jan 10)
- Re: NIST IPv6 document Jeff Kell (Jan 10)
- Re: NIST IPv6 document Valdis . Kletnieks (Jan 10)
- Re: NIST IPv6 document Jack Bates (Jan 10)
- Re: NIST IPv6 document Owen DeLong (Jan 10)
- Re: NIST IPv6 document Valdis . Kletnieks (Jan 11)
- Re: NIST IPv6 document Jack Bates (Jan 11)
- Re: NIST IPv6 document Owen DeLong (Jan 10)
- Re: NIST IPv6 document Joel Jaeggli (Jan 05)
- Re: NIST IPv6 document Dobbins, Roland (Jan 05)
- Re: NIST IPv6 document Jeff Wheeler (Jan 06)
- Re: NIST IPv6 document Joel Jaeggli (Jan 06)
- Re: NIST IPv6 document Jeff Wheeler (Jan 06)
- Re: NIST IPv6 document Bill Bogstad (Jan 06)
- Re: NIST IPv6 document Miquel van Smoorenburg (Jan 06)
- Re: NIST IPv6 document Joe Greco (Jan 06)
- Re: NIST IPv6 document Dobbins, Roland (Jan 05)