The stupidity of trying to "fix" DHCPv6
jfbeam at gmail.com
Fri Jun 10 15:24:58 CDT 2011
On Fri, 10 Jun 2011 09:47:44 -0400, Leo Bicknell <bicknell at ufp.org> wrote:
> The point is, RA's are operationally fragile and DHCP is operationally
No. Both are just as fragile... if you haven't taken steps to protect
them. If you aren't doing any sort of DHCP snooping, anyone can setup a
rogue DHCP server and kill your network -- been there, laughed at them.
Even my *home* lan has DHCP snooping configured.
The only question is support for "RA Guard" in your network hardware. A
lot of old gear isn't going to support it. But DHCP was no different.
PS: Don't read into this... I hate SLAAC and RA, more than most people.
(it's been a bad idea from day one.)
More information about the NANOG