On Wed, Jan 27, 2010 at 1:19 PM, Igor Gashinsky <igor@gashinsky.net> wrote:
1) ping-ponging of packets on Sonet/SDH links 2) ping sweep of death ... For most people, using /127's will be a lot operationaly easier then maintain those crazy ACLs, but, like I said before, YMMV..
I'm in the /112 camp - it's not going to be much worse for attack 2, and I've been dealing with a lot of IPv4 operational issues where you need subnets with enough addresses for VRRP/HSRP/NSRP/etc, equipment management addresses for devices that aren't the main address, byte-aligned database entries, monitoring boxes of various sorts, extra NATs for applications nobody told you about when you set things up, splitting subnets into smaller contiguous subnets because of equipment limitations or vendor compatibility problems with IPSEC tunnels, etc. And the other interesting address length proposal was 80 bits, typically imagined as 20 BCD digits, proposed by phone company types. 128 is better... -- ---- Thanks; Bill Note that this isn't my regular email account - It's still experimental so far. And Google probably logs and indexes everything you send it.