In a message written on Fri, Sep 03, 2010 at 04:33:23PM -0400, Deepak Jain wrote:
> Moreover, when every enterprise has a /48 or better, network admins are going to need to be able to track down machines/devices/ear pieces/what have you on a better basis than trapping them when they speak up. There is a huge potential for sleepers in IPv6 space that we don't see any more in IPv4 (because the tools are better). Eventually someone will find an approach to do this kind of surveying and then make it cheap enough everyone can do it. (how often do security-admins use NMAP/Nessus/what have you to survey their own space -- an IPv6 analog will *need* to be created eventually).

If you are the network admin, walking the L2 devices' MAC tables and comparing with the L3 devices' ARP/ND/whatever tables is likely more efficient for sparse address space. Also keep in mind, IPv6 devices will often have multiple addresses, and may move addresses quite regularly. For instance, I use "privacy" or "temporary" addresses; my machine hops to a new IPv6 address every 10 minutes. A scan will likely be out of date before it completes for these sorts of addresses.

--
Leo Bicknell - bicknell@ufp.org - CCIE 3440
PGP keys at http://www.ufp.org/~bicknell/
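
The L2/L3 correlation described in the reply above, as an added example that is not part of the original message. It assumes a switch MAC table reduced to "vlan mac port" columns and a router neighbor cache in the format printed by Linux `ip -6 neigh show`; all sample data is constructed and the function names are hypothetical.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed sample data (not from the original thread).
# Switch MAC table, simplified to "vlan mac port" columns (assumed layout).
MAC_TABLE = """\
10 0011.2233.4455 Gi1/0/1
10 0200.5e10.0001 Gi1/0/2
10 0a1b.2c3d.4e5f Gi1/0/7
"""
# Router neighbor cache in the format printed by `ip -6 neigh show`.
ND_TABLE = """\
2001:db8:1:10:211:22ff:fe33:4455 dev eth0 lladdr 00:11:22:33:44:55 REACHABLE
2001:db8:1:10:5c3a:91ff:2b07:e4d1 dev eth0 lladdr 00:11:22:33:44:55 STALE
fe80::211:22ff:fe33:4455 dev eth0 lladdr 00:11:22:33:44:55 REACHABLE
2001:db8:1:10:d4c1:7e02:9a3b:11f0 dev eth0 lladdr 02:00:5e:10:00:01 REACHABLE
"""

def norm_mac(text):
    """Reduce any MAC notation (colons, dots, dashes) to 12 lowercase hex digits."""
    return re.sub(r"[^0-9a-f]", "", text.lower())

def eui64_iid(mac):
    """Interface identifier a host derives from its MAC (modified EUI-64)."""
    b = bytes.fromhex(mac)
    return bytes([b[0] ^ 0x02]) + b[1:3] + b"\xff\xfe" + b[3:6]

def correlate(mac_table, nd_table):
    """Join L2 and L3 views: MAC -> port plus every IPv6 address seen for it."""
    addrs = defaultdict(list)
    for line in nd_table.splitlines():
        m = re.match(r"(\S+) dev \S+ lladdr (\S+)", line)  # skips entries with no lladdr
        if m:
            addrs[norm_mac(m.group(2))].append(ipaddress.IPv6Address(m.group(1)))
    hosts = {}
    for line in mac_table.splitlines():
        _vlan, mac, port = line.split()
        mac = norm_mac(mac)
        # "other" covers temporary/privacy, DHCPv6 and manual addresses alike.
        seen = {str(a): "eui64" if a.packed[8:] == eui64_iid(mac) else "other"
                for a in addrs.get(mac, [])}
        # silent: present at L2 but with no IPv6 neighbor entry on the router.
        hosts[mac] = {"port": port, "addresses": seen, "silent": not seen}
    return hosts

if __name__ == "__main__":
    for mac, info in correlate(MAC_TABLE, ND_TABLE).items():
        print(mac, info)
```

Because the join key is the MAC address, a host keeps one inventory row however often its temporary addresses change between polls.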