nanog mailing list archives
Re: Automatic IPv6 due to broadcast
From: Arturo Servin <arturo.servin () gmail com>
Date: Mon, 16 Apr 2012 16:32:22 -0300
Anurag, You have a rogue RA in your network. Now is just an annoying DoS, but it can easily be turned in a real security concern. I suggest to either deploy properly IPv6 or disable it. I am more on the former, but it is your choice. Regards -as On 16 Apr 2012, at 15:09, Anurag Bhatia wrote:
Hello everyone Just got a awfully crazy issue. I heard from our support team about failure of whois during domain registration. Initially I thought of port 43 TCP block or something but found it was all ok. Later when ran whois manually on server via terminal it failed. Found problem that server was connecting to whois server - whois.verisign-grs.com. I was stunned! Server got IPv6 and not just that one - almost all. This was scary - partial IPv6 setup and it was breaking things. In routing tables, routes were all going to a router which I recently setup for testing. That router and other servers are under same switch but by no means I ever configured that router as default gateway for IPv6. I found option of "broadcast" was enabled on router for local fe80... address and I guess router broadcasted IPv6 and somehow (??) all servers found that they have a IPv6 router on LAN and started using it - automated DHCP IPv6? I wonder if anyone else also had similar issues? Also, if my guesses are correct then how can we disable Red Hat distro oriented servers from taking such automated configuration - simple DHCP in IPv6 disable? Thanks -- Anurag Bhatia anuragbhatia.com or simply - http://[2001:470:26:78f::5] if you are on IPv6 connected network! Twitter: @anurag_bhatia <https://twitter.com/#!/anurag_bhatia> Linkedin: http://linkedin.anuragbhatia.com
Current thread:
- Automatic IPv6 due to broadcast Anurag Bhatia (Apr 16)
- RE: Automatic IPv6 due to broadcast Matthew Huff (Apr 16)
- Re: Automatic IPv6 due to broadcast Seth Mos (Apr 16)
- Re: Automatic IPv6 due to broadcast Valdis . Kletnieks (Apr 16)
- Re: Automatic IPv6 due to broadcast Arturo Servin (Apr 16)
- Re: Automatic IPv6 due to broadcast Carlos Martinez-Cagnazzo (Apr 17)
- Re: Automatic IPv6 due to broadcast Seth Mos (Apr 17)
- Re: Automatic IPv6 due to broadcast Ray Soucy (Apr 17)
- Re: Automatic IPv6 due to broadcast Jared Mauch (Apr 17)
- Re: Automatic IPv6 due to broadcast Mick O'Rourke (Apr 17)
- Re: Automatic IPv6 due to broadcast Anurag Bhatia (Apr 17)
- Re: Automatic IPv6 due to broadcast Carlos Martinez-Cagnazzo (Apr 17)
- Re: Automatic IPv6 due to broadcast Valdis . Kletnieks (Apr 16)
- Re: Automatic IPv6 due to broadcast Måns Nilsson (Apr 16)
- Re: Automatic IPv6 due to broadcast Carlos Martinez-Cagnazzo (Apr 17)