[112050] in North American Network Operators' Group
RE: IPv6 Confusion
daemon@ATHENA.MIT.EDU (Tony Hain)
Wed Feb 18 16:36:21 2009
From: "Tony Hain" <alh-ietf@tndh.net>
To: "'Owen DeLong'" <owen@delong.com>,
"'Jack Bates'" <jbates@brightok.net>
In-Reply-To: <0C57E3C1-24D7-4A80-823B-9C9C2DB1C428@delong.com>
Date: Wed, 18 Feb 2009 13:36:13 -0800
Cc: 'nanog list' <nanog@nanog.org>
Reply-To: alh-ietf@tndh.net
Errors-To: nanog-bounces@nanog.org
Owen DeLong wrote:
> ...
> If you want SLAAC or RA or whatever, more power to you. Some
> installations
> do not. They want DHCP equivalent functionality with the same
> security model.
It is always amusing when people equate DHCP with security... Outside of
that, I do agree with you that the operational model around DHCP needs to
be complete and stand-alone, just as the RA model needs to be. Right now
neither works stand-alone.
FWIW: there is SEND (RFC 3971) to deal with rouge RA's and other miscreant
behavior. Implementations have been slow to come to market because network
operators are not demanding it from their vendors.
Tony
