On Sun, 11 Apr 2010 12:31:28 EDT, William Warren said: > On 4/3/2010 1:39 PM, valdis.kletni...@vt.edu wrote:
> > Given that currently most stuff is dual-stack, and IPv6 isn't totally > > widespread, what are the effects of doing IPv6 DDoS mitigation by simply > > turning off IPv6 on your upstream link and letting traffic fall back to IPv4 > > where you have mitigation gear? > Not a valid argument. When ipv6 gets widely used then the DDOS will > follow it. Totally valid. IPv6 isn't heavily used *currently*, so it may be perfectly acceptable to deal with the mythological IPv6 DDoS by saying "screw it, turn off the IPv6 prefix, deal with customers on IPv4-only for a few hours". After all, that's *EXACTLY* the way you're doing business now - IPv4 only. So that's obviously a viable way to deal with an IPv6 DDoS - do *exactly what you're doing now*.
pgpHvYxXlhv8S.pgp
Description: PGP signature