The stupidity of trying to "fix" DHCPv6
Ricky Beam
jfbeam at gmail.com
Fri Jun 10 20:24:58 UTC 2011
On Fri, 10 Jun 2011 09:47:44 -0400, Leo Bicknell <bicknell at ufp.org> wrote:
> The point is, RA's are operationally fragile and DHCP is operationally
> robust.
No. Both are just as fragile... if you haven't taken steps to protect
them. If you aren't doing any sort of DHCP snooping, anyone can setup a
rogue DHCP server and kill your network -- been there, laughed at them.
Even my *home* lan has DHCP snooping configured.
The only question is support for "RA Guard" in your network hardware. A
lot of old gear isn't going to support it. But DHCP was no different.
--Ricky
PS: Don't read into this... I hate SLAAC and RA, more than most people.
(it's been a bad idea from day one.)
More information about the NANOG
mailing list