Re: IPv6 Deployment for the LAN

[Nathan Ward <nanog () daork net>]

On 18/10/2009, at 9:22 PM, Mark Smith wrote:

> I'm curious what the issue is with not having a default-router option
> in DHCPv6?

This mechanism is provided by RA.
RA is needed to tell a host to use DHCPv6, so RA is going to be there  
whenever you have DHCPv6.
There's no point putting a default router option in to DHCPv6 at this  
point.

> If it's because somebody could start up a rogue router and announce
> RAs, I think a rogue DHCPv6 server is (or will be) just as much a
> threat, if not more of one - I think it's more likely server OSes will
> include DHCPv6 servers than RA "servers".


Perhaps, but if you're operating a LAN segment you're going to want to  
filter rouge RA and DHCPv6 messages from your network, just like you  
do with DHCP in IPv4.
Filtering RA and DHCPv6 are done in very similar ways.

--
Nathan Ward