matt.addison at lists.evilgeni.us
Wed Feb 2 15:26:53 CST 2011
On Wed, Feb 2, 2011 at 16:13, Leo Bicknell <bicknell at ufp.org> wrote:
> I love this question, because it basically admits the protocol is
> broken. To make RA's even remotely palitable, you need "RA Guard" on
> the switches. This feature does not exist, but if we bring features
> like DHCP guard forward into the IPv6 world, it's the logical solution
> and solves the problem.
RA Guard has been described in RFC 6105 (still draft, but standards track),
so that particular problem should be taken care of once vendors start
shipping code. It doesn't even require SeND- although it does accomodate it.
More information about the NANOG