[136383] in North American Network Operators' Group
Re: quietly....
daemon@ATHENA.MIT.EDU (Matt Addison)
Wed Feb 2 16:26:57 2011
In-Reply-To: <20110202211312.GA92881@ussenterprise.ufp.org>
Date: Wed, 2 Feb 2011 16:26:53 -0500
From: Matt Addison <matt.addison@lists.evilgeni.us>
To: NANOG list <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Wed, Feb 2, 2011 at 16:13, Leo Bicknell <bicknell@ufp.org> wrote:
> I love this question, because it basically admits the protocol is
> broken. To make RA's even remotely palitable, you need "RA Guard" on
> the switches. This feature does not exist, but if we bring features
> like DHCP guard forward into the IPv6 world, it's the logical solution
> and solves the problem.
RA Guard has been described in RFC 6105 (still draft, but standards track),
so that particular problem should be taken care of once vendors start
shipping code. It doesn't even require SeND- although it does accomodate it.
~Matt
