nanog mailing list archives
Re: IPv6 Confusion
From: Mikael Abrahamsson <swmike () swm pp se>
Date: Wed, 18 Feb 2009 21:52:29 +0100 (CET)
On Thu, 19 Feb 2009, Nathan Ward wrote:
It seems there are lots of people who want auto configuration in IPv6 but who clearly do not do this in IPv4. That seems strange, to me.
"Everybody" uses DHCP in IPv4, it's just that there is functionality in the equipment we use to make sure it can only be received from certain places and we apply security based on snooping the DHCP traffic.
So, the fact that "RA guard" isn't widely available is a showstopper for deploying native IPv6 in a lot of environments because it just can't be done in a secure manner.
I am sure the equivalent measures can be implemented for IPv6, it's just that someone needs to do it, and it's a mystery to me how all these security functions aren't available from the IETF already. As said before, a lot of the security mechanisms involved in securing IPv4 hasn't been implemented in IPv6.
-- Mikael Abrahamsson email: swmike () swm pp se
Current thread:
- Re: IPv6 Confusion, (continued)
- Re: IPv6 Confusion Leen Besselink (Feb 18)
- Re: IPv6 Confusion Jack Bates (Feb 18)
- Re: IPv6 Confusion Randy Bush (Feb 18)
- Re: IPv6 Confusion Nathan Ward (Feb 18)
- Re: IPv6 Confusion Valdis . Kletnieks (Feb 18)
- Re: IPv6 Confusion Nathan Ward (Feb 18)
- Re: IPv6 Confusion sthaug (Feb 18)
- Re: IPv6 Confusion Nathan Ward (Feb 18)
- Re: IPv6 Confusion Leo Bicknell (Feb 18)
- Re: IPv6 Confusion Nathan Ward (Feb 18)
- Re: IPv6 Confusion Mikael Abrahamsson (Feb 18)
- Re: IPv6 Confusion Leo Bicknell (Feb 18)
- Re: IPv6 Confusion Nathan Ward (Feb 18)
- Re: IPv6 Confusion Dale W. Carder (Feb 18)
- Re: IPv6 Confusion Joel Jaeggli (Feb 18)
- Message not available
- Re: IPv6 Confusion Tim Chown (Feb 19)
- Re: IPv6 Confusion Leo Bicknell (Feb 18)
- Re: IPv6 Confusion Nathan Ward (Feb 18)
- RE: IPv6 Confusion (back to technical conversation) TJ (Feb 19)
- Re: IPv6 Confusion Aria Stewart (Feb 18)
- Re: IPv6 Confusion Kevin Loch (Feb 18)