turning on comcast v6

• Previous message (by thread): turning on comcast v6
• Next message (by thread): turning on comcast v6
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Jan 5, 2014, at 11:44 PM, Valdis.Kletnieks at vt.edu wrote:

> If Joe Home User has a rogue device spewing RA's, he probably has a bigger
> problem than just not having RA Guard enabled.  He either has a badly
> misconfigured router (and one that's disobeying the mandate to not RA
> if you don't have an uplink), or he has a compromised malicious host.
> 
> In either case, he's got bigger fish to fry.

"mandate" isn't the right description.

http://tools.ietf.org/html/rfc6059

There is a ~3 year old _proposed standard_ for the behavior you describe.

I have yet to see any compliant equipment at $LocalBigBox, but maybe I'm
not purchasing the right gear.

So yet again, the response I get to "ra's are fragile" is "deploy this
brand new band-aid that can't be purchased yet".

Can we just have DHCPv6, please?  How many dozens of technologies are we
going to invent to try and avoid putting a default route in DHCP?

-- 
       Leo Bicknell - bicknell at ufp.org - CCIE 3440
        PGP keys at http://www.ufp.org/~bicknell/





-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 793 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20140106/a05eb173/attachment.sig>

• Previous message (by thread): turning on comcast v6
• Next message (by thread): turning on comcast v6
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]