Re: [v6ops] Operational guidelines for a company/organization IPv6 address scheme supplemental to RFC5157
Philipp Kern <phil@philkern.de> Wed, 26 September 2012 22:27 UTC
Return-Path: <pkern@hub.kern.lc>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5FF8B21F8551 for <v6ops@ietfa.amsl.com>; Wed, 26 Sep 2012 15:27:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.6
X-Spam-Level:
X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, NO_RELAYS=-0.001]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gEPjbLfYKPOA for <v6ops@ietfa.amsl.com>; Wed, 26 Sep 2012 15:27:48 -0700 (PDT)
Received: from hub.kern.lc (hub.kern.lc [IPv6:2a00:1158:3::c7]) by ietfa.amsl.com (Postfix) with ESMTP id DC37A21F854F for <v6ops@ietf.org>; Wed, 26 Sep 2012 15:27:47 -0700 (PDT)
Received: from pkern by hub.kern.lc with local (Exim 4.80) (envelope-from <pkern@hub.kern.lc>) id 1TH053-0008FK-63; Thu, 27 Sep 2012 00:27:45 +0200
Date: Thu, 27 Sep 2012 00:27:45 +0200
From: Philipp Kern <phil@philkern.de>
To: "Marksteiner, Stefan" <stefan.marksteiner@joanneum.at>
Message-ID: <20120926222745.GA31684@hub.kern.lc>
References: <8A317FD8C00FEE448E52D4EE5B56BB3E0232A086D8FF@RZJC1EX.jr1.local> <1348519034.47465.YahooMailNeo@web32503.mail.mud.yahoo.com> <8A317FD8C00FEE448E52D4EE5B56BB3E0232A086D902@RZJC1EX.jr1.local> <5061B157.1090106@gmail.com> <8A317FD8C00FEE448E52D4EE5B56BB3E0232A086D90A@RZJC1EX.jr1.local> <1348602134.63605.YahooMailNeo@web32505.mail.mud.yahoo.com> <8A317FD8C00FEE448E52D4EE5B56BB3E0232A08499BB@RZJC1EX.jr1.local>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <8A317FD8C00FEE448E52D4EE5B56BB3E0232A08499BB@RZJC1EX.jr1.local>
User-Agent: Mutt/1.5.21 (2010-09-15)
Sender: Philipp Kern <pkern@hub.kern.lc>
Cc: 'IPv6 Ops WG' <v6ops@ietf.org>
Subject: Re: [v6ops] Operational guidelines for a company/organization IPv6 address scheme supplemental to RFC5157
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/v6ops>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 26 Sep 2012 22:27:48 -0000
On Wed, Sep 26, 2012 at 09:16:12AM +0200, Marksteiner, Stefan wrote: > There's a variety of reasons to keep track of addresses from usage and > statistics to forensic purposes in security incidents (also those which are > perpetrated from inside sources to outside targets). Wouldn't it be better to track the tables of your switches and routers (possibly with port info) instead? Because everybody can infer the subnet from one stateful DHCPv6 reply and just use another address. Well, unless your hardware can already do DHCPv6 snooping at the edge, which seems to be sort of rare. Kind regards Philipp Kern
- [v6ops] Operational guidelines for a company/orga… Marksteiner, Stefan
- Re: [v6ops] Operational guidelines for a company/… Mark ZZZ Smith
- Re: [v6ops] Operational guidelines for a company/… Marksteiner, Stefan
- Re: [v6ops] Operational guidelines for a company/… Brian E Carpenter
- Re: [v6ops] Operational guidelines for a company/… Marksteiner, Stefan
- Re: [v6ops] Operational guidelines for a company/… Mark ZZZ Smith
- Re: [v6ops] Operational guidelines for a company/… Marksteiner, Stefan
- Re: [v6ops] Operational guidelines for a company/… Brian E Carpenter
- Re: [v6ops] Operational guidelines for a company/… Marksteiner, Stefan
- Re: [v6ops] Operational guidelines for a company/… Philipp Kern
- Re: [v6ops] Operational guidelines for a company/… John Mann
- Re: [v6ops] Operational guidelines for a company/… Fernando Gont
- Re: [v6ops] Operational guidelines for a company/… Fernando Gont