[168042] in North American Network Operators' Group
Re: turning on comcast v6
daemon@ATHENA.MIT.EDU (Owen DeLong)
Mon Jan 6 16:32:49 2014
From: Owen DeLong <owen@delong.com>
In-Reply-To: <52CB1E93.6030806@mykolab.com>
Date: Mon, 6 Jan 2014 13:30:00 -0800
To: fergdawgster@mykolab.com
Cc: NANOG <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Jan 6, 2014, at 13:22 , Paul Ferguson <fergdawgster@mykolab.com> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
>
> On 1/6/2014 1:08 PM, Owen DeLong wrote:
>
>> The port isn't particularly trusted, but it is allowed to send RAs
>> which are forwarded to the network by default. Obviously a sane
>> switch would allow this configuration to be changed. We're not
>> talking about the security model for a network, we're talking about
>> the default behavior of a switch.
>>
>> Defaults are, inherently guesses to some extent. Nonetheless, a
>> switch must have some default behavior.
>>
>> It seems to me that in the case of switches which have otherwise
>> designated uplink ports, it is logical to make those ports default
>> to RA allowed while defaulting to not allowing RAs from other ports
>> by default.
>
> Some people do not want switches making IP address assignments. That's
> all. :-)
>
Huh???
I don't think I said anything even remotely like that.
Owen
