turning on comcast v6

Matthew Kaufman matthew at matthew.at
Fri Jan 3 04:57:14 UTC 2014

On 12/30/2013 4:56 PM, Owen DeLong wrote:
> You can accomplish the same thing in IPv4….
> Plug in Sally’s PC with Internet Connection Sharing turned on and watch as her
> DHCP server takes over your network.

Not nearly as fast as bad RAs do (as others have pointed out).

> Yes, you have to pay attention when you plug in a router just like you’d have to pay attention if you plugged in a DHCP server you were getting ready to recycle.

But the ability to plug in a not-router and break things is oh so much 
> Incompetence in execution really isn’t the protocol’s fault.

But it is the protocol designer's fault... and once shipped, the 
protocol's fault. There's all sorts of things that were known at the 
time IPv6 was designed that the designers failed to build solutions for. 
As an example, routers *could* be a lot smarter about sending RAs on a 
network where routers are already present, but that's not in the spec.

Neither the ND DOS attack nor the need to protect against bogus RAs on 
every port of your switch but one (or rarely, two) are things that 
should have been a post-deployment surprise (to name just a couple pet 
peeves of mine... there's more design flaws that could have been easily 
avoided had enough people cared to do so).

Matthew Kaufman

More information about the NANOG mailing list