[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

IPv6 Deployment for the LAN

Subject: IPv6 Deployment for the LAN
From: andy at nosignal.org (Andy Davidson)
Date: Sun, 18 Oct 2009 11:02:23 +0100
In-reply-to: <[email protected]>
References: <[email protected]> <[email protected]> <[email protected]>

On 18 Oct 2009, at 09:22, Mark Smith wrote:

> If it's because somebody could start up a rogue router and announce  
> RAs, I think a rogue DHCPv6 server is (or will be) just as much a  
> threat, if not more of one - I think it's more likely server OSes  
> will include DHCPv6 servers than RA "servers".

Disagree - rogue offers affect people without a lease, so the impact  
of an attack is not immediate.  Filtering DHCP on v4 is well  
understood, an update to current operational practice rather than a  
new system.

On 18 Oct 2009, at 09:29, Nathan Ward wrote:

> RA is needed to tell a host to use DHCPv6

This is not ideal.

Andy

Follow-Ups:
- IPv6 Deployment for the LAN
  - From: nanog at daork.net (Nathan Ward)
- IPv6 Deployment for the LAN
  - From: trejrco at gmail.com (TJ)

References:
- IPv6 Deployment for the LAN
  - From: rps at maine.edu (Ray Soucy)
- IPv6 Deployment for the LAN
  - From: andy at nosignal.org (Andy Davidson)
- IPv6 Deployment for the LAN
  - From: nanog at 85d5b20a518b8f6864949bd940457dc124746ddc.nosense.org (Mark Smith)

Prev by Date: IPv6 Deployment for the LAN
Next by Date: IPv6 Deployment for the LAN
Previous by thread: IPv6 Deployment for the LAN
Next by thread: IPv6 Deployment for the LAN
Index(es):
- Date
- Thread