[ipv6hackers] Windows 7/2008 R2 Improved Resilliency to IPv6 Floods
torh-ipv6hackers at bogus.net
Wed Apr 17 10:45:49 CEST 2013
On Sun, Apr 14, 2013 at 03:51:09AM -0300, Fernando Gont wrote:
> This list is not about whether to deploy IPv6 or not. That's, as far as
> this list is concerned, mostly off-topic.
> Marc didn't compare v6 with v4 (who cares, for the most part?). And even
> if he (or anyone) were to, that shouldn't lead to "to deploy or not to
> deploy v6 kind of thread".
> Not only off-topic -- that's even boring. Since this list is about
> hacking, I expect subscribers to be clueful. Which means they should be
> able to analize Marc's and others' experiments, tests, and reports, and
> make up their own mind whether they want to deploy v6 or not.
I'd say it highlights one important aspect of IPv6 deployment, namely HOW
you deploy it. Marc's test shows perhaps that dual stack may introduce
unacceptable risk to existing infrastructure.
Carriers might not want to dual stack their existing mobile broadband
gateways, because the Internet access architecture for mobile is often
achieved through a choke point (one firewall cluster filtering the traffic
for all the mobile clients), quite unlike regular "fixed line" Internet
access, where each customer has their own RG/CPE.
Enabling IPv6 on that cluster could potentially ruin the day for the
millions of existing IPv4-only mobile customers; it may make business sense
to process IPv6 in a separate cluster (in this example).
More information about the Ipv6hackers