quietly....

Mohacsi Janos mohacsi at niif.hu
Thu Feb 3 08:45:29 UTC 2011




On Wed, 2 Feb 2011, Tony Finch wrote:

> On Wed, 2 Feb 2011, Iljitsch van Beijnum wrote:
>>
>> Example: if you give administrators the option of putting a router
>> address in a DHCP option, they will do so and some fraction of the time,
>> this will be the wrong address and things don't work. If you let routers
>> announce their presence, then it's virtually impossible that something
>> goes wrong because routers know who they are. A clear win.
>
> Counterexample: rogue RAs from Windows boxes running 6to4 or Teredo and
> Internet Connection Sharing. This is a lot harder to fix than a
> misconfigured DHCP server.
>
> http://malc.org.uk/6doom

Force your switch vendor to implement rogue RA filter (ra guard) in your 
box:

http://tools.ietf.org/html/draft-ietf-v6ops-ra-guard

Best Regards,
 	Janos Mohacsi




More information about the NANOG mailing list