In your letter dated Tue, 15 Apr 2014 09:46:38 -0400 you wrote: >Le 2014-04-15 07:28, Toke H=F8iland-J=F8rgensen a =E9crit : >> Simon Perreault <[email protected]> writes: >> = > >>> Correct. But if DHCP or RAs are not filtered at layer 2, a rogue user >>> can already do this today without this extension. >> = > >> Right, to a certain extent that is true, of course; but not in the same >> drive-by fashion where a single packet can put everyone offline (if the >> option is not in the regular announcements). > >Sure it can. Just send them to a non-existing default gateway. Unless I >misunderstood your point.
Right now, on any network that doesn't do IPv6, sending RAs has marginal effect. Certainly traffic within the site would be unaffected if there are no IPv6 addresses in DNS. With an RA that kills IPv4, that changes dramatically. Sounds like something no sane OS vendor would enable by default. >From an OS perspective, I'd rather have this option in DHCPv4. That part of the code knows about IPv4. Getting the IPv6 stack to tell the IPv4 stack to shutdown is complicated and probably won't be implemented until enough people bitch about it (and how stupid the IETF was) for quite some time. _______________________________________________ homenet mailing list [email protected] https://www.ietf.org/mailman/listinfo/homenet
