[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]


On Wed, 2 Feb 2011, Tony Finch wrote:

> On Wed, 2 Feb 2011, Iljitsch van Beijnum wrote:
>> Example: if you give administrators the option of putting a router
>> address in a DHCP option, they will do so and some fraction of the time,
>> this will be the wrong address and things don't work. If you let routers
>> announce their presence, then it's virtually impossible that something
>> goes wrong because routers know who they are. A clear win.
> Counterexample: rogue RAs from Windows boxes running 6to4 or Teredo and
> Internet Connection Sharing. This is a lot harder to fix than a
> misconfigured DHCP server.
> http://malc.org.uk/6doom

Force your switch vendor to implement rogue RA filter (ra guard) in your 


Best Regards,
 	Janos Mohacsi