Educause Security Discussion mailing list archives

Re: IPv6 and DHCP

From: Rich Graves <rgraves () CARLETON EDU>
Date: Wed, 23 May 2012 14:03:37 -0500

I think what Randy was talking about was statically defined DUIDs.

For the medium term, I'm thinking of going with SLAAC, and relying on the IPv4 side of the dual-stack host to supply 
DNS and such. I'd think that only IPv6-only hosts would really need DHCPv6 or rfc6106.

I'm certainly not worried about "losing" DHCP logs or option-82 information. Any infrastructure that supports option-82 
can give *better* information with some combination of port security traps, DHCP snooping, bridge tables, ARP/NDP, etc.

(For the short term, we're head firmly in sand, blocking v6.)

Current thread:

Re: Compromised Accounts Procedures, (continued)
- - - Re: Compromised Accounts Procedures Tonkin, Derek K. (May 23)
    - Re: Compromised Accounts Procedures Rich Graves (May 23)
    - Re: Compromised Accounts Procedures Bidwell, Lesley (May 23)
    - Re: Compromised Accounts Procedures Pollock, Joseph (May 23)
    - Re: Compromised Accounts Procedures Matthew Hodgett (May 23)
    - Re: Compromised Accounts Procedures Rick Lesniak (May 23)
    - Re: Compromised Accounts Procedures Steven Tardy (May 24)
    - Re: Compromised Accounts Procedures Schoenefeld, Keith P. (May 24)
    - Re: IPv6 and DHCP randy marchany (May 23)
    - Re: IPv6 and DHCP Mark Boolootian (May 23)
    - Re: IPv6 and DHCP Rich Graves (May 23)
- Re: IPv6 and DHCP Curtis, Bruce (May 22)