[152176] in North American Network Operators' Group
Re: Automatic IPv6 due to broadcast
daemon@ATHENA.MIT.EDU (Arturo Servin)
Mon Apr 16 15:33:13 2012
From: Arturo Servin <arturo.servin@gmail.com>
In-Reply-To: <CAJ0+aXay94WmoCqOtx_NydaRVf9y9xKQXiQBHxQZiYs4-STU_Q@mail.gmail.com>
Date: Mon, 16 Apr 2012 16:32:22 -0300
To: Anurag Bhatia <me@anuragbhatia.com>
Cc: NANOG Mailing List <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Anurag,
You have a rogue RA in your network. Now is just an annoying =
DoS, but it can easily be turned in a real security concern.
I suggest to either deploy properly IPv6 or disable it. I am =
more on the former, but it is your choice.
Regards
-as
On 16 Apr 2012, at 15:09, Anurag Bhatia wrote:
> Hello everyone
>=20
>=20
>=20
> Just got a awfully crazy issue. I heard from our support team about =
failure
> of whois during domain registration. Initially I thought of port 43 =
TCP
> block or something but found it was all ok. Later when ran whois =
manually
> on server via terminal it failed. Found problem that server was =
connecting
> to whois server - whois.verisign-grs.com. I was stunned! Server got =
IPv6
> and not just that one - almost all. This was scary - partial IPv6 =
setup and
> it was breaking things.
>=20
> In routing tables, routes were all going to a router which I recently =
setup
> for testing. That router and other servers are under same switch but =
by no
> means I ever configured that router as default gateway for IPv6. I =
found
> option of "broadcast" was enabled on router for local fe80... address =
and I
> guess router broadcasted IPv6 and somehow (??) all servers found that =
they
> have a IPv6 router on LAN and started using it - automated DHCP IPv6?
>=20
> I wonder if anyone else also had similar issues? Also, if my guesses =
are
> correct then how can we disable Red Hat distro oriented servers from =
taking
> such automated configuration - simple DHCP in IPv6 disable?
>=20
>=20
>=20
>=20
> Thanks
>=20
> --=20
>=20
> Anurag Bhatia
> anuragbhatia.com
> or simply - http://[2001:470:26:78f::5] if you are on IPv6 connected
> network!
>=20
> Twitter: @anurag_bhatia <https://twitter.com/#!/anurag_bhatia>
> Linkedin: http://linkedin.anuragbhatia.com
