-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 1/6/2014 1:08 PM, Owen DeLong wrote:
> The port isn't particularly trusted, but it is allowed to send RAs > which are forwarded to the network by default. Obviously a sane > switch would allow this configuration to be changed. We're not > talking about the security model for a network, we're talking about > the default behavior of a switch. > > Defaults are, inherently guesses to some extent. Nonetheless, a > switch must have some default behavior. > > It seems to me that in the case of switches which have otherwise > designated uplink ports, it is logical to make those ports default > to RA allowed while defaulting to not allowing RAs from other ports > by default. Some people do not want switches making IP address assignments. That's all. :-) - - ferg - -- Paul Ferguson PGP Public Key ID: 0x54DC85B2 -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (MingW32) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iF4EAREIAAYFAlLLHpMACgkQKJasdVTchbL6+gEApBli/t4RF4Eq3XroJkqrRmgn 9WYSy2ReVwo7Bx9l+PMA/16zyzwOgG4fdNc9zgt0A4Pb+dGpMBx8LkRY6Kj71F5t =J8uY -----END PGP SIGNATURE-----
