[101275] in North American Network Operators' Group
Re: v6 subnet size for DSL & leased line customers
daemon@ATHENA.MIT.EDU (Leo Bicknell)
Wed Dec 26 11:26:53 2007
Date: Wed, 26 Dec 2007 11:26:03 -0500
From: Leo Bicknell <bicknell@ufp.org>
To: North American Network Operators Group <nanog@merit.edu>
Mail-Followup-To: North American Network Operators Group <nanog@merit.edu>
In-Reply-To: <47709891.4070304@kl.net>
Errors-To: owner-nanog@merit.edu
--YiEDa0DAkWCtVeE4
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
In a message written on Tue, Dec 25, 2007 at 12:43:45AM -0500, Kevin Loch w=
rote:
> RA is a shotgun. All hosts on a segment get the same gateway. I have=20
> no idea what a host on multiple segments with different gateways would=20
> do. Hosting environments can get complex thanks to customer
I would like to point out that in IPv4 we have ICMP Router
Advertisement messages. I have never seen them used on a production
network. I know one of the worries is security, that a compromised host
could send out advertisements, drawing traffic to it that it can then
snoop and pass on to the real gateway.
Having not looked in great detail, I am unclear if IPv6 has done
something to fix this concern or not.
Is this feature going to get turned off when the first worm comes along
that spoofs RA's
--=20
Leo Bicknell - bicknell@ufp.org - CCIE 3440
PGP keys at http://www.ufp.org/~bicknell/
Read TMBG List - tmbg-list-request@tmbg.org, www.tmbg.org
--YiEDa0DAkWCtVeE4
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (FreeBSD)
iD8DBQFHcoB0Nh6mMG5yMTYRAgP5AJ9w9H78/XEBL2YY+KkWCFfI19qGDACeKp8p
ny0ii8OYWZ7A2Drv9ko+NO4=
=73ur
-----END PGP SIGNATURE-----
--YiEDa0DAkWCtVeE4--
