nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: IPv6 Deployment for the LAN

From: Nathan Ward <nanog () daork net>
Date: Mon, 19 Oct 2009 01:39:29 +1300

On 19/10/2009, at 1:10 AM, Owen DeLong wrote:


On Oct 18, 2009, at 3:05 AM, Nathan Ward wrote:


On 18/10/2009, at 11:02 PM, Andy Davidson wrote:


On 18 Oct 2009, at 09:29, Nathan Ward wrote:


RA is needed to tell a host to use DHCPv6


This is not ideal.


Why?
Remember RA does not mean SLAAC, it just means RA.


Because RA assumes that all routers are created equal.


RFC4191


Because RA is harder to filter.


DHCP in IPv4 was hard to filter before vendors implemented it, too.
Because the bifercated approach to giving a host router/mask information and address information 
        creates a number of unnecessary new security concerns.


Security concerns would be useful to explore. Can you expand on this?

--
Nathan Ward
Previous By Date Next
Previous By Thread Next

Current thread: