IETF Logo Mail Archive

Re: [DNSOP] Re: Last Call: draft-ietf-dnsop-reflectors-are-evil (Preventing Use of Recursive Nameservers in Reflector Attacks) to BCP

Dean Anderson <dean@av8.com> Sat, 29 September 2007 02:55 UTC

Return-path: <dnsop-bounces@ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1IbSUY-0008VN-Ks; Fri, 28 Sep 2007 22:55:42 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1IbSUW-0008Ts-CJ; Fri, 28 Sep 2007 22:55:40 -0400
Received: from cirrus.av8.net ([130.105.36.66]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1IbSUV-0003rl-70; Fri, 28 Sep 2007 22:55:40 -0400
Received: from [130.105.12.10] ([130.105.12.10]) (authenticated bits=0) by cirrus.av8.net (8.12.11/8.12.11) with ESMTP id l8T2tV5u030017 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO); Fri, 28 Sep 2007 22:55:33 -0400
Date: Fri, 28 Sep 2007 22:55:31 -0400
From: Dean Anderson <dean@av8.com>
X-X-Sender: dean@citation2.av8.net
To: Paul Wouters <paul@xelerance.com>
Subject: Re: [DNSOP] Re: Last Call: draft-ietf-dnsop-reflectors-are-evil (Preventing Use of Recursive Nameservers in Reflector Attacks) to BCP
In-Reply-To: <Pine.LNX.4.64.0709281729060.25731@newtla.xelerance.com>
Message-ID: <Pine.LNX.4.44.0709282243470.2038-100000@citation2.av8.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset="US-ASCII"
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 52e1467c2184c31006318542db5614d5
Cc: dnsop@ietf.org, Paul Hoffman <paul.hoffman@vpnc.org>, ietf@ietf.org
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/dnsop>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
Errors-To: dnsop-bounces@ietf.org

On Fri, 28 Sep 2007, Paul Wouters wrote:

> On Fri, 28 Sep 2007, Dean Anderson wrote:
> 
> > Maybe its not mentioned because its not a practical solution. But
> > whatever the reason it isn't mentioned, a 25 million user VPN is not
> > going to happen with 10/8. A comcast person recently complained on PPML
> > that there wasn't enough RFC1918 space for their internal network.
> 
> Time for them to migrate to IPv6? :)

There was an extended discussion of that.  It was suggested that IPv6
would be killed by IPv4 IP address exhaustion through route table
expansion.

I suggested that maybe IPv6 was already dead, and that one might
consider instead CLNP/TUBA (RFC1347, RFC1561, et al) because it works
already.  One would use ISIS and IDRP instead of OSPF and BGP. Then add
IPv4 proxy gateways and client support as necessary, etc.  I was
surprised to find that this is about as much work as what remains for
IPv6, and we know that CLNP is stable.

I digress. I wrote a detailed message posted on 9/10 on the subject if 
anyone is interested. Contact me offlist, or look in the ppml archives 
at arin.net.

		--Dean


-- 
Av8 Internet   Prepared to pay a premium for better service?
www.av8.net         faster, more reliable, better service
617 344 9000   




_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www1.ietf.org/mailman/listinfo/dnsop

v2.23.0 | Report a Bug | By Email