turning on comcast v6

Matthew Kaufman matthew at matthew.at
Fri Jan 3 04:57:14 UTC 2014


On 12/30/2013 4:56 PM, Owen DeLong wrote:
> You can accomplish the same thing in IPv4….
>
>
> Plug in Sally’s PC with Internet Connection Sharing turned on and watch as her
> DHCP server takes over your network.

Not nearly as fast as bad RAs do (as others have pointed out).

>
> Yes, you have to pay attention when you plug in a router just like you’d have to pay attention if you plugged in a DHCP server you were getting ready to recycle.

But the ability to plug in a not-router and break things is oh so much 
greater.
>
> Incompetence in execution really isn’t the protocol’s fault.

But it is the protocol designer's fault... and once shipped, the 
protocol's fault. There's all sorts of things that were known at the 
time IPv6 was designed that the designers failed to build solutions for. 
As an example, routers *could* be a lot smarter about sending RAs on a 
network where routers are already present, but that's not in the spec.

Neither the ND DOS attack nor the need to protect against bogus RAs on 
every port of your switch but one (or rarely, two) are things that 
should have been a post-deployment surprise (to name just a couple pet 
peeves of mine... there's more design flaws that could have been easily 
avoided had enough people cared to do so).

Matthew Kaufman
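
Added example, not part of the original message: a minimal Python model of the per-port RA filtering the post alludes to (the idea standardized as RA-Guard in RFC 6105), parsing an ICMPv6 Router Advertisement and forwarding it only when it arrives on a designated router port. The port names, the `classify` and `build_ra` helpers, and the sample RA (documentation prefix, checksum left at 0) are constructed assumptions.

```python
import ipaddress
import struct

ICMPV6_RA = 134          # Router Advertisement (RFC 4861, section 4.2)
OPT_PREFIX_INFO = 3      # Prefix Information option (RFC 4861, section 4.6.2)

def parse_ra(icmp: bytes):
    """Return router lifetime and advertised prefixes, or None if malformed."""
    if len(icmp) < 16 or icmp[0] != ICMPV6_RA:
        return None
    lifetime = struct.unpack_from("!H", icmp, 6)[0]
    prefixes, off = [], 16
    while off < len(icmp):
        if off + 2 > len(icmp):
            return None
        opt_type, opt_len = icmp[off], icmp[off + 1] * 8   # length is in 8-byte units
        if opt_len == 0 or off + opt_len > len(icmp):
            return None
        if opt_type == OPT_PREFIX_INFO and opt_len == 32:
            addr = ipaddress.IPv6Address(icmp[off + 16:off + 32])
            prefixes.append(f"{addr}/{icmp[off + 2]}")
        off += opt_len
    return {"lifetime": lifetime, "prefixes": prefixes}

def classify(port: str, icmp: bytes, router_ports: set) -> str:
    """RA-guard style decision for one ICMPv6 message seen on an ingress port."""
    if not icmp or icmp[0] != ICMPV6_RA:
        return "pass"                      # not an RA: outside this filter's scope
    if port in router_ports and parse_ra(icmp) is not None:
        return "forward"
    return "drop"                          # RA on a host port, or malformed RA

def build_ra(prefix: str, plen: int, lifetime: int = 1800) -> bytes:
    """Constructed sample RA; checksum left as 0 (not verified here)."""
    hdr = struct.pack("!BBHBBHII", ICMPV6_RA, 0, 0, 64, 0, lifetime, 0, 0)
    opt = struct.pack("!BBBBIII", OPT_PREFIX_INFO, 4, plen, 0xC0, 2592000, 604800, 0)
    return hdr + opt + ipaddress.IPv6Address(prefix).packed

if __name__ == "__main__":
    uplinks = {"Gi0/1"}                    # hypothetical: the one legitimate router port
    ra = build_ra("2001:db8:1::", 64)      # documentation prefix, constructed
    for port in ("Gi0/1", "Gi0/7"):
        print(port, classify(port, ra, uplinks), parse_ra(ra)["prefixes"])
```
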





