nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Android (lack of) support for DHCPv6

From: Masataka Ohta <mohta () necom830 hpcl titech ac jp>
Date: Thu, 11 Jun 2015 00:30:07 +0900
Lorenzo Colitti wrote:


It's not the *only* option. There are large networks - O(100k) IPv6 nodes -
that do ND monitoring for accountability, and it does work for them. Many
devices support this via syslog, even. As you can imagine, my Android
device gets IPv6 at work, even though it doesn't support DHCPv6. Other
universities, too. It's obviously  not your chosen or preferred mechanism,
but it does work.


Considering that a DOS attack from a node using a lot of addresses to
effectively disable logging, SLAAC must not be used, unless maximum N,
the maximum number of addresses for a node to have, is standardized (
assuming a node is securely identified through the first hop security,
which is necessary to enforce the number of addresses used by each node).

                                                        Masataka Ohta
Previous By Date Next
Previous By Thread Next

Current thread: