[167988] in North American Network Operators' Group
Re: turning on comcast v6
daemon@ATHENA.MIT.EDU (Gary Buhrmaster)
Fri Jan 3 12:35:43 2014
In-Reply-To: <AB40F49B-A132-463C-9A5E-FA7E886BD13A@ufp.org>
Date: Fri, 3 Jan 2014 17:35:16 +0000
From: Gary Buhrmaster <gary.buhrmaster@gmail.com>
To: Leo Bicknell <bicknell@ufp.org>
Cc: NANOG <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Fri, Jan 3, 2014 at 4:09 PM, Leo Bicknell <bicknell@ufp.org> wrote:
....
> Rogue RA's can take down statically IPv6'ed boxes.
>
> Rogue DHCP servers will never affect a statically configured IPv4 box.
I believe that that would depend on whether your configuration
of a static IPv6 address on your box also disabled accepting RA.
On LInux, I believe it is something like net.ipv6.conf.<if>.autoconf=0
and net.ipv6.conf.<if>.accept_ra=0 (could easily be typos there,
doing it from memory). As with much else, your devops
scripts/processes may need to change for IPv6 vs IPv4
(which is why, especially for enterprises, it is not as easy as
just turning it on).
