Automatic IPv6 due to broadcast
Arturo Servin
arturo.servin at gmail.com
Mon Apr 16 19:32:22 UTC 2012
Anurag,
You have a rogue RA in your network. Now is just an annoying DoS, but it can easily be turned in a real security concern.
I suggest to either deploy properly IPv6 or disable it. I am more on the former, but it is your choice.
Regards
-as
On 16 Apr 2012, at 15:09, Anurag Bhatia wrote:
> Hello everyone
>
>
>
> Just got a awfully crazy issue. I heard from our support team about failure
> of whois during domain registration. Initially I thought of port 43 TCP
> block or something but found it was all ok. Later when ran whois manually
> on server via terminal it failed. Found problem that server was connecting
> to whois server - whois.verisign-grs.com. I was stunned! Server got IPv6
> and not just that one - almost all. This was scary - partial IPv6 setup and
> it was breaking things.
>
> In routing tables, routes were all going to a router which I recently setup
> for testing. That router and other servers are under same switch but by no
> means I ever configured that router as default gateway for IPv6. I found
> option of "broadcast" was enabled on router for local fe80... address and I
> guess router broadcasted IPv6 and somehow (??) all servers found that they
> have a IPv6 router on LAN and started using it - automated DHCP IPv6?
>
> I wonder if anyone else also had similar issues? Also, if my guesses are
> correct then how can we disable Red Hat distro oriented servers from taking
> such automated configuration - simple DHCP in IPv6 disable?
>
>
>
>
> Thanks
>
> --
>
> Anurag Bhatia
> anuragbhatia.com
> or simply - http://[2001:470:26:78f::5] if you are on IPv6 connected
> network!
>
> Twitter: @anurag_bhatia <https://twitter.com/#!/anurag_bhatia>
> Linkedin: http://linkedin.anuragbhatia.com
More information about the NANOG
mailing list