nanog mailing list archives
Re: IPv6 Ignorance
From: Jimmy Hess <mysidia () gmail com>
Date: Sun, 16 Sep 2012 19:24:35 -0500
On 9/16/12, John R. Levine <johnl () iecc com> wrote:
Large networks keep separate reputation for every address in the IPv4 address space based on the traffic they send. You can't do that in IPv6,
That's true, but not an intended system for identifying and reporting abuse, and the same idea occurs with IPv4 -- bots can just grab other IP addresses in the subnet, if there are not local protections in place to ensure a host cannot ARP an IP that is not assigned to it... So keep track of reputation of legitimate hosts instead of "non-legitimate" hosts. Maintain negative reputation at a /64 or shorter prefix level, and favorable reputation at a /128 level. If you have abuse detected on a /64, then treat the entire /64 as having a damaged reputation, except for the /128s on the /64 that have a prior positive reputation. The identical thing cannot be done with IPv6, but reputation systems are still possible.
Regards, John Levine, johnl () iecc com, Primary Perpetrator of "The Internet for Dummies", Please consider the environment before reading this e-mail. http://jl.ly
-- -JH
Current thread:
- IPv6 Ignorance Seth Mattinen (Sep 16)
- Re: IPv6 Ignorance John T. Yocum (Sep 16)
- Re: IPv6 Ignorance Seth Mattinen (Sep 16)
- Re: IPv6 Ignorance Justin M. Streiner (Sep 16)
- Re: IPv6 Ignorance John Mitchell (Sep 16)
- Re: IPv6 Ignorance Jimmy Hess (Sep 16)
- Re: IPv6 Ignorance John Levine (Sep 16)
- Re: IPv6 Ignorance Jimmy Hess (Sep 16)
- Re: IPv6 Ignorance John R. Levine (Sep 16)
- Re: IPv6 Ignorance Jimmy Hess (Sep 16)
- Re: IPv6 Ignorance Timothy Morizot (Sep 16)
- Re: IPv6 Ignorance Owen DeLong (Sep 17)
- Re: IPv6 Ignorance Jimmy Hess (Sep 16)
- Re: IPv6 Ignorance John T. Yocum (Sep 16)
- Re: IPv6 Ignorance Michael Thomas (Sep 16)
- Re: IPv6 Ignorance Jimmy Hess (Sep 16)
- Re: IPv6 Ignorance Mikael Abrahamsson (Sep 16)
- Re: IPv6 Ignorance Randy Bush (Sep 16)
- Re: IPv6 Ignorance Mikael Abrahamsson (Sep 16)