Mac OS X 10.7, still no DHCPv6

Leigh Porter leigh.porter at ukbroadband.com
Sun Feb 27 13:17:20 CST 2011


On 27 Feb 2011, at 19:07, Antonio Querubin wrote:

> On Sun, 27 Feb 2011, Mikael Abrahamsson wrote:
> 
>> On Sun, 27 Feb 2011, Leigh Porter wrote:
>> 
>>> Does anybody have anything neat to keep logs of what host gets what ipv6 address in an SLAAC environment?
>> 
>> You'd have to correlate ND information in the router to some kind of record of who has what MAC address at any given time. With SLAAC the host doesn't "get" an IPv6 address, it "takes" one.
>> 
>>> This is often required for legislation compliance. DHCP does this well.
>> 
>> Which is one of the reasons why some of us want DHCPv6 support in hosts.
> 
> So how does DHCP prevent a host from just taking or hijacking an IP address?
> 
> Antonio Querubin
> e-mail/xmpp:  tony at lava.net
> 

You can have devices that peek at the DHCP messages and then open filters so that you at least know that any host that pops up on the network has used DHCP to obtain an IP address. 

Now you cannot usually prevent somebody from later hijacking that IP address using a fake MAC unless you do something else as well but at least you have something of a statefull relationship between an host and the IP address it uses.


--
Leigh Porter



More information about the NANOG mailing list