In fairness, said device can do the same sort of inspection of SLAAC traffic. It just looks at neighbor discovery messages instead of DHCP messages.
<http://tools.ietf.org/html/draft-ietf-savi-fcfs>

On Sun, Feb 27, 2011 at 2:17 PM, Leigh Porter <leigh.por...@ukbroadband.com> wrote:
>
>
> On 27 Feb 2011, at 19:07, Antonio Querubin wrote:
>
>> On Sun, 27 Feb 2011, Mikael Abrahamsson wrote:
>>
>>> On Sun, 27 Feb 2011, Leigh Porter wrote:
>>>
>>>> Does anybody have anything neat to keep logs of what host gets what IPv6
>>>> address in an SLAAC environment?
>>>
>>> You'd have to correlate ND information in the router to some kind of record
>>> of who has what MAC address at any given time. With SLAAC the host doesn't
>>> "get" an IPv6 address, it "takes" one.
>>>
>>>> This is often required for legislation compliance. DHCP does this well.
>>>
>>> Which is one of the reasons why some of us want DHCPv6 support in hosts.
>>
>> So how does DHCP prevent a host from just taking or hijacking an IP address?
>>
>> Antonio Querubin
>> e-mail/xmpp: t...@lava.net
>>
>
> You can have devices that peek at the DHCP messages and then open filters so
> that you at least know that any host that pops up on the network has used
> DHCP to obtain an IP address.
>
> Now you cannot usually prevent somebody from later hijacking that IP address
> using a fake MAC unless you do something else as well but at least you have
> something of a stateful relationship between a host and the IP address it
> uses.
>
>
> --
> Leigh Porter
>
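
Added example, not part of the original thread and not an implementation of the SAVI draft: one way to do the correlation discussed above, turning periodic neighbor-table polls into a log of which MAC held which IPv6 address and when, and recording any address that later appears with a different MAC. It assumes input lines in the Linux `ip -6 neigh show` format with a poll timestamp prepended by a hypothetical collector; the sample data and the name `correlate` are constructed for illustration.

```python
import ipaddress
import re

# Constructed sample: lines in the format of Linux `ip -6 neigh show`, each
# prefixed with the poll time by a hypothetical collector. All values made up.
SAMPLE = """\
2011-02-27T19:00:00 2001:db8:1::a1 dev eth0 lladdr 00:11:22:33:44:55 REACHABLE
2011-02-27T19:00:00 fe80::211:22ff:fe33:4455 dev eth0 lladdr 00:11:22:33:44:55 STALE
2011-02-27T19:05:00 2001:db8:1::a1 dev eth0 lladdr 00:11:22:33:44:55 STALE
2011-02-27T19:05:00 2001:db8:1::b2 dev eth0 lladdr 00:AA:BB:CC:DD:EE REACHABLE
2011-02-27T19:10:00 2001:DB8:1:0::A1 dev eth0 lladdr 02:de:ad:be:ef:01 REACHABLE
2011-02-27T19:10:00 2001:db8:1::c3 dev eth0  FAILED
"""

ENTRY = re.compile(
    r"^(\S+)\s+(\S+)\s+dev\s+(\S+)\s+lladdr\s+((?:[0-9a-f]{2}:){5}[0-9a-f]{2})\b",
    re.IGNORECASE,
)

def correlate(text):
    """Build an address-to-MAC history from timestamped neighbor-table polls.

    Returns (bindings, conflicts). A binding records when an (address, MAC)
    pair was first and last seen; a conflict records an address that showed
    up with a different MAC than the one that claimed it first.
    """
    active = {}                 # normalized IPv6 address -> current binding
    bindings, conflicts = [], []
    for line in text.splitlines():
        m = ENTRY.match(line)
        if not m:
            continue            # FAILED/INCOMPLETE entries have no lladdr
        ts, raw_addr, dev, mac = m.groups()
        addr = ipaddress.IPv6Address(raw_addr).compressed  # one spelling per address
        mac = mac.lower()
        cur = active.get(addr)
        if cur and cur["mac"] == mac:
            cur["last_seen"] = ts
            continue
        if cur:                 # same address, new MAC: keep both for the record
            conflicts.append((ts, addr, cur["mac"], mac))
        active[addr] = {"addr": addr, "mac": mac, "dev": dev,
                        "first_seen": ts, "last_seen": ts}
        bindings.append(active[addr])
    return bindings, conflicts

if __name__ == "__main__":
    for b in correlate(SAMPLE)[0]:
        print(b)
```

Polling only records what is in the neighbor cache at poll time, so an address that appears and ages out between two polls leaves no entry in this log.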