IPv6 Confusion

Dale W. Carder dwcarder at wisc.edu
Wed Feb 18 15:05:43 CST 2009


On Feb 18, 2009, at 3:00 PM, Nathan Ward wrote:
> On 19/02/2009, at 9:53 AM, Leo Bicknell wrote:
>>
>> Let me repeat, none of these solutions are secure.  The IPv4/DHCP  
>> model
>> is ROBUST, the RA/DHCPv6 model is NOT.
>
> The point I am making is that the solution is still the same -  
> filtering in ethernet devices.
>
> Perhaps there needs to be something written about detailed  
> requirements for this so that people have something to point their  
> switch/etc. vendors at when asking for compliance. I will write this  
> up in the next day or two. I guess IETF is the right forum for  
> publication of that.
>
> Is there something like this already that anyone knows of?


http://tools.ietf.org/id/draft-chown-v6ops-rogue-ra-02.txt

This is the last message I recall seeing in v6ops about it:

"It seems to me that the L2 devices are welcome to perform
whatever filtering they like regardless of any documents
that might come from the IETF. Therefore, I'd like to see
more pros/cons on this."
http://ops.ietf.org/lists/v6ops/v6ops.2008/msg01733.html

Cheers,
Dale




More information about the NANOG mailing list