[Attendee] Rogue RA
joel jaeggli
joelja at gmail.com
Wed Jun 17 14:15:51 UTC 2009
The rogue dhcp server has to reply faster than the actual one. We
don't actually have an protection against rogue dhcp servers currently
in my understanding. so if you don't see any it's because there aren't
any.
joel
On Wed, Jun 17, 2009 at 7:08 AM, Michael
Sinatra<michael at rancid.berkeley.edu> wrote:
> On 6/16/09 3:25 PM, Tom Pusateri wrote:
>> Shouldn't we see the same problem with rogue DHCP servers in v4?
>
> That's what has always confused me. Part of the reason we may not is
> that the rogue comes on-line at a time when nobody is doing DHCPDISCOVER
> and then goes off-line. OTOH, if the rogue sends out just one RA, other
> machines will configure the address and might even add a candidate route
> immediately, regardless of whether they already have a v6 address.
>
> However, I have been in other situations where I see RAs in IPv6, but I
> don't have rogue DHCP issues in v4 on a particular net. (At the same
> time, we do see a bunch of rogue DHCP servers on our wireless nets at
> Berkeley.)
>
> michael
>
> _______________________________________________
> Attendee mailing list
> Attendee at nanog.org
> http://mailman.nanog.org/mailman/listinfo/attendee
>
More information about the Attendee
mailing list