...
What did that just do to your per-site /64? That you have no hope of ever seeing a user use up? It just turned that /64 into a /112 (16 bits of port space, 32 bits of cloud identifier space.) What's the next killer app that'll chew up more of your IPv6 space?
Dude... You missed... It's not supposed to be a /64 per site. The plan is a /48 per site. Yes, you managed to use one of the subnets up pretty well... ON A SINGLE SUBNET. Now, what do you do for the other 65,535 of them at the one site?
I'm all for IPv6. And I'm all for avoiding conjecture and getting to the task at hand. But simply assuming that the IPv6 address space will forever remain that - only unique host identifiers - I think is disingenious at best. :-)
Well.. There's assuming (like your assumption that a /64 per site was the original plan) and then there's doing the math. Even with the utilization you've mentioned above, my math still holds. Owen
Adrian
On Tue, Jan 25, 2011, Owen DeLong wrote:
I love this term... "repetitively sweeping a targets /64".
Seriously? Repetitively sweeping a /64? Let's do the math...
2^64 = 18,446,744,073,709,551,616 IP addresses.
Let's assume that few networks would not be DOS'd by a 1,000 PPS storm coming in so that's a reasonable cap on our scan rate.
That means sweeping a /64 takes 18,446,744,073,709,551 sec. (rounded down).
There are 86,400 seconds per day.
18,446,744,073,709,551 / 86,400 = 213,503,982,334 days.
Rounding a year down to 365 days, that's 584,942,417 years to sweep the /64 once.
If we increase our scan rate to 1,000,000 packets per second, it still takes us 584,942 years to sweep a /64.
I don't know about you, but I do not expect to live long enough to sweep a /64, let alone do so repetitively.
Owen
-- - Xenion - http://www.xenion.com.au/ - VPS Hosting - Commercial Squid Support - - $24/pm+GST entry-level VPSes w/ capped bandwidth charges available in WA -