marka at isc.org
Thu Feb 3 15:38:50 CST 2011
In message <32825.1296757039 at localhost>, Valdis.Kletnieks at vt.edu writes:
> Content-Type: text/plain; charset=us-ascii
> On Thu, 03 Feb 2011 09:18:25 +1100, Mark Andrews said:
> > Or you just filter them out in the laptop. With the proper tools you just
> > ignore and RA's containing 2002:. Done that for years now.
> You're welcome to stop by and fix 30,000+ systems here, most of which we do
> *not* have administrative control over because they're personal laptops and t
> like. For most of these users, if it doesn't do the filtering correctly out
> the box when they pick it at Best Buy or Walmart or whatever, it isn't going
> get reconfigured. (We do provide a free "configure your box for our network"
> that does all this stuff and installs a site-licensed AV and all that, but no
> everybody actually uses it, and there's no really good way to mandate it - an
> anyhow, that's a purely local fix for a problem that's more than local).
> (We'll overlook the fun and games that start when you have a laptop that
> travels between a site where 2002:: is verboten, and another where 2002:: is
> the way it has to be done... Doesn't happen much.. *yet*. Good luck explaini
> *that* to Joe Sixpack)
Joe sixpack is quite capable of learning this stuff. That said
modern OS also come with connection profiles which make this even
easier and will reduce the incidents of rougue RA as DHCP as
connection sharing gets tied to the profile.
Additionally connection sharing will shift for using 6to4 to doing
prefix delegation. OS vendors that support connection sharing
should also look at the IPv6 CPE draft as lots of that is applicable.
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka at isc.org
More information about the NANOG