Dale W. Carder wrote: > > On Feb 18, 2009, at 3:00 PM, Nathan Ward wrote: >> On 19/02/2009, at 9:53 AM, Leo Bicknell wrote: >>> >>> Let me repeat, none of these solutions are secure. The IPv4/DHCP model >>> is ROBUST, the RA/DHCPv6 model is NOT. >> >> The point I am making is that the solution is still the same - >> filtering in ethernet devices. >> >> Perhaps there needs to be something written about detailed >> requirements for this so that people have something to point their >> switch/etc. vendors at when asking for compliance. I will write this >> up in the next day or two. I guess IETF is the right forum for >> publication of that. >> >> Is there something like this already that anyone knows of? > > > http://tools.ietf.org/id/draft-chown-v6ops-rogue-ra-02.txt > > This is the last message I recall seeing in v6ops about it: > > "It seems to me that the L2 devices are welcome to perform > whatever filtering they like regardless of any documents > that might come from the IETF. Therefore, I'd like to see > more pros/cons on this." > http://ops.ietf.org/lists/v6ops/v6ops.2008/msg01733.html
There is also: http://tools.ietf.org/html/draft-vandevelde-v6ops-ra-guard-01 > Cheers, > Dale >
