Home page logo
/

nanog logo nanog mailing list archives

Re: IPv6 end user addressing
From: Jeroen Massar <jeroen () unfix org>
Date: Wed, 10 Aug 2011 15:57:54 +0200

On 2011-08-10 15:02 , Owen DeLong wrote:
[..]
Why do I want my appliance network's multicast packets getting tossed
around on the guest wireless?

Even wikipedia knows the answer to that:
http://en.wikipedia.org/wiki/IGMP_snooping
which is the first hit for IGMP snooping, which is generally a feature
that is present in the better (and thus more expensive) switching gear
(and thus probably not present in every home, but those homes probably
also don't care about that).

Granted, routing is the better and more appropriate way to isolate these
kind of packets and definitely more appropriate for broadcast nastyness
(mDNS is such a nice one there too...).

That said, /56 or /48 to the home should be what is happening.

The whole point of settling on a single prefix btw is so that networks
can at least keep the same numbering plan when they switch from one PA
prefix to another.

Greets,
 Jeroen

PS: the more power to your kids if they can sniff the network for your
'adult content', decode it, and then actually watch it (though if they
are technically inclined actually not too difficult, but heck, is that
not where crypto comes into play, as when they can pull that off on your
kiddienetwork they can also just plug something into the kiddie-'adult
content'-network and sniff it off there... something with 802.1x comes
to mind to solve that step.


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault