IPv6 Deployment for the LAN

Andy Davidson andy at nosignal.org
Sun Oct 18 10:02:23 UTC 2009

On 18 Oct 2009, at 09:22, Mark Smith wrote:

> If it's because somebody could start up a rogue router and announce  
> RAs, I think a rogue DHCPv6 server is (or will be) just as much a  
> threat, if not more of one - I think it's more likely server OSes  
> will include DHCPv6 servers than RA "servers".

Disagree - rogue offers affect people without a lease, so the impact  
of an attack is not immediate.  Filtering DHCP on v4 is well  
understood, an update to current operational practice rather than a  
new system.

On 18 Oct 2009, at 09:29, Nathan Ward wrote:

> RA is needed to tell a host to use DHCPv6

This is not ideal.


More information about the NANOG mailing list