I can also take down a network with spanning-tree, but oh wait, we protect against that don't we.
Maybe protecting against rogue RA to begin with would be a better idea than waiting until a problem happens. Just saying. On Fri, Jun 10, 2011 at 9:47 AM, Leo Bicknell <bickn...@ufp.org> wrote: > In a message written on Fri, Jun 10, 2011 at 09:37:11AM -0400, Ray Soucy > wrote: >> You really didn't just write an entire post saying that RA is bad >> because if a moron of a network engineer plugs an incorrectly >> configured device into a production network it may cause problems, did >> you? > > No, I posed the easiest way to recreate this issue. > > I've seen the entire NANOG and IETF lans taken out because some > dork enabled microsoft connecting sharing to their cell card. > > I've seen entire corporate networks taken out because someone ran > the patch cable to the wrong port. > > The point is, RA's are operationally fragile and DHCP is operationally > robust. You can choose to stick your head in the sand about that > if you want, but it's still true. > > -- > Leo Bicknell - bickn...@ufp.org - CCIE 3440 > PGP keys at http://www.ufp.org/~bicknell/ > -- Ray Soucy Epic Communications Specialist Phone: +1 (207) 561-3526 Networkmaine, a Unit of the University of Maine System http://www.networkmaine.net/
