nanog mailing list archives
RE: IPv6 Deployment for the LAN
From: "TJ" <trejrco () gmail com>
Date: Sun, 18 Oct 2009 07:58:00 -0400
"> RA is needed to tell a host to use DHCPv6 This is not ideal." That is entirely a matter of opinion, and one frequently debated still. FWLIW - I think RAs are a perfectly fine way to distribute information about the router itself, and to provide hints about the environment (e.g. - "Yes, we do Stateful DHCPv6 here ("+M", and "+O' as well" ...) /TJ -----Original Message----- From: Andy Davidson [mailto:andy () nosignal org] Sent: Sunday, October 18, 2009 6:02 AM To: NANOG list Subject: Re: IPv6 Deployment for the LAN On 18 Oct 2009, at 09:22, Mark Smith wrote:
If it's because somebody could start up a rogue router and announce RAs, I think a rogue DHCPv6 server is (or will be) just as much a threat, if not more of one - I think it's more likely server OSes will include DHCPv6 servers than RA "servers".
Disagree - rogue offers affect people without a lease, so the impact of an attack is not immediate. Filtering DHCP on v4 is well understood, an update to current operational practice rather than a new system. On 18 Oct 2009, at 09:29, Nathan Ward wrote:
RA is needed to tell a host to use DHCPv6
This is not ideal. Andy
Current thread:
- Re: IPv6 Deployment for the LAN, (continued)
- Re: IPv6 Deployment for the LAN Kevin Loch (Oct 18)
- Re: {SPAM?} Re: IPv6 Deployment for the LAN Ray Soucy (Oct 18)
- RE: {SPAM?} Re: IPv6 Deployment for the LAN TJ (Oct 18)
- Re: {SPAM?} Re: IPv6 Deployment for the LAN Ray Soucy (Oct 18)
- RE: IPv6 Deployment for the LAN TJ (Oct 18)
- Re: IPv6 Deployment for the LAN Kevin Loch (Oct 18)
- Re: IPv6 Deployment for the LAN Chuck Anderson (Oct 18)
- Re: IPv6 Deployment for the LAN Nick Hilliard (Oct 18)
- RE: IPv6 Deployment for the LAN TJ (Oct 18)
- Re: IPv6 Deployment for the LAN Matthew Kaufman (Oct 18)
- RE: IPv6 Deployment for the LAN TJ (Oct 18)
- Re: IPv6 Deployment for the LAN Mohacsi Janos (Oct 19)
- Re: IPv6 Deployment for the LAN David Conrad (Oct 21)
- Re: IPv6 Deployment for the LAN Iljitsch van Beijnum (Oct 21)
- Re: IPv6 Deployment for the LAN Chris Adams (Oct 21)
- Re: IPv6 Deployment for the LAN Iljitsch van Beijnum (Oct 21)
- Re: IPv6 Deployment for the LAN Ray Soucy (Oct 21)