On 4/3/2010 1:39 PM, Valdis.Kletnieks@vt.edu wrote:
On Sat, 03 Apr 2010 08:06:44 EDT, Jeffrey Lyon said:
For small companies the cost of moving to IPv6 is far too great, especially when we rely on certain DDoS mitigation gear that does not yet have an IPv6 equivalent.
So? How many people are *realistically* being hit by IPv6 DDoS right now? (I saw a number in the last 2-3 days that 2-3% of spam is now being delivered via SMTP-over-IPv6). You may not need that gear as much as you thought...
Did you tell your mitigation gear vendor 5 years ago that their next model needed to have IPv6 support?
Given that currently most stuff is dual-stack, and IPv6 isn't totally widespread, what are the effects of doing IPv6 DDoS mitigation by simply turning off IPv6 on your upstream link and letting traffic fall back to IPv4 where you have mitigation gear?
Not a valid argument. When ipv6 gets widely used then the DDOS will follow it. I have to agree with the previous poster about not wanting to move until his DDOS mitigation gear supports V6. Many of the security products i use are just now starting to go v6 capable. I would not want to move to V6 even if i could until all of my security gear/software is properly V6 tested.