[ipv6hackers] Fwd: Some stats on IPv6 fragments and EH filtering on the Internet

Tim Chown tjc at ecs.soton.ac.uk
Tue Nov 5 01:07:26 CET 2013

On 4 Nov 2013, at 23:57, Fernando Gont <fgont at si6networks.com> wrote:

> On 11/04/2013 03:49 PM, Eric Vyncke (evyncke) wrote:
>> Interesting piece of data, it is even worse than what I guessed before
> Yep. I had the same reaction: I didn't expect it to be that bad. :-(

Indeed, which is why I have another student verifying the previous result and developing the scapy-based test suite further.  At present scapy only supports four extension header types.  But in reality it’s enough to show the scale of the problem.  And Fernando’s results are basically verifying the scale of the problem.

One of the ideas the student is working on is to have a “looking glass” type capability so you can see what happens into your own networks remotely (with the usual anti-DoS looking glass measures of course :)   His code would all be openly available, including any enhancements to scapy.

If anyone is interested feel free to contact me off-list and I can put you in touch with the student.


More information about the Ipv6hackers mailing list