On Mar 11, 2011, at 11:34 AM, George Bonser wrote:
And I say taking down 10 such farms is no bigger problem than taking down 10 /64 backbone links.
Yes, but the difference is in routine attacker behavior. And of course, iACLs should be protecting p2p links and loopbacks, irrespective of CIDR length, anyways.
If something breaks while using a /127, the doctor might tell you to stop sticking the spoon in your eye.
If vendors are somehow optimizing for or restricting functionality to certain CIDR lengths, they should stop this immediately. Features and functionality should work the same, irrespective of CIDR length. ----------------------------------------------------------------------- Roland Dobbins <rdobbins@arbor.net> // <http://www.arbornetworks.com> The basis of optimism is sheer terror. -- Oscar Wilde