On 2014-03-26, Owen DeLong <owen@delong.com> sent:
Then the spammers will grab /48s instead of /64s. Lather, rinse, repeat.
Admittedly, /48s are only 65,536 RBL entries per, but I still think that address-based reputations are a losing battle in an IPv6 world unless we provide some way for providers to hint at block sizes.
After all, if you start blocking a /64, what if it’s a /64 shared by thousands of hosting customers at one provider offering virtuals?
It was brought to my attention in a parallel thread on Mailop that such a mechanism does exist for allowing ISP to hint about the size of customer allocations, at least in the RIPE database: http://www.ripe.net/ripe/docs/ripe-513 So how do we make this universal and get ISPs to use it? If we know customer sizes, it becomes much easier to do reputation on a per-customer basis, which is probably granular enough for a lot of cases. -- Chip Marshall <chip@2bithacker.net> http://2bithacker.net/