nanog mailing list archives
Re: turning on comcast v6
From: Owen DeLong <owen () delong com>
Date: Sat, 4 Jan 2014 11:03:21 -0800
For IPv6, you can become a/the router for a segment with the origination of a single packet. Instantly. That’s something you can never do with DHCPv4.
A router, yes. THE router, not unless the network is very stupidly put together.
Well… Sure, 15 years after DHCP attacks first started being a serious problem… I doubt it will take anywhere near 15 years for RA guard on by default to be the norm in switches, etc.It'll **NEVER** be a default because it breaks too many clueless people's networks. Just like, surprise, DHCP "guard" isn't on by default in any gear I'm aware of.
I disagree. Unlike with DHCP guard, RA guard can make reasonable predictions in most cases. Switches with “uplink” ports designated, for example, could easily default to permitting RAs only from those ports. Owen
Current thread:
- Re: turning on comcast v6, (continued)
- Re: turning on comcast v6 Baldur Norddahl (Jan 03)
- Re: turning on comcast v6 Doug Barton (Jan 03)
- Re: turning on comcast v6 Baldur Norddahl (Jan 04)
- Re: turning on comcast v6 Doug Barton (Jan 06)
- Re: turning on comcast v6 Owen DeLong (Jan 06)
- Re: turning on comcast v6 Matt Palmer (Jan 03)
- Re: turning on comcast v6 Owen DeLong (Jan 03)
- Re: turning on comcast v6 Paul Ferguson (Jan 03)
- RE: turning on comcast v6 Raymond Burkholder (Jan 03)
- Re: turning on comcast v6 Ricky Beam (Jan 03)
- Re: turning on comcast v6 Owen DeLong (Jan 04)
- Re: turning on comcast v6 Ricky Beam (Jan 06)
- Re: turning on comcast v6 Owen DeLong (Jan 06)
- Re: turning on comcast v6 Paul Ferguson (Jan 06)
- Re: turning on comcast v6 Owen DeLong (Jan 06)
- Re: turning on comcast v6 Aled Morris (Jan 06)
- Re: turning on comcast v6 Leo Bicknell (Jan 04)
- Re: turning on comcast v6 Valdis . Kletnieks (Jan 05)
- Re: turning on comcast v6 Leo Bicknell (Jan 06)
- Re: turning on comcast v6 Valdis . Kletnieks (Jan 06)
- Re: turning on comcast v6 Leo Bicknell (Jan 03)