Hi All,
Is it possible to limit the number of Router Advertisements that will
be processed on an interface or on a Linux device as a whole (either
granularity is fine)?
*For example*, if an interface receives more than 200 RAs within a time
interval, only the first 200 will be processed.
There are sysctls to *disable* RA completely. i.e.
net.ipv6.conf.default.accept_ra=0,
Disable processing Default routes: net.ipv6.conf.default.accept_ra_defrtr=0
Disable processing Prefix: net.ipv6.conf.default.accept_ra_pinfo=0.
But I want to enable the above 3 functionalities but limit the number of
them being processed.
*Why?*
This is to avoid DOS attacks using RAs from being bombarded onto a linux
machine.
Dheeraj
