22 Oct
2015
22 Oct
'15
6:07 p.m.
On 22 October 2015 at 22:57, <sthaug@nethelp.no> wrote:
- Needing OSPFv3 for IPv6 when you're alredy running OSPFv2 for IPv4 is less than optimal. I believe nowadays several vendors support OSPFv3 for both IPv4 and IPv6 - but this is not universal.
Our configuration is MPLS VPNv6 for IPv6. Therefore we have no native IPv6 in the backbone and no need for OSPFv3. The IPv4 internet is MPLS VPNv4 so there should be no easy way to attack our OSPFv2 instance from outside. The attacker is simply not in the same VRF as the routing protocol. Is this such an uncommon configuration? I am asking because nobody mentioned this in the thread. Regards, Baldur