Hi,
Is there a mechanism to protect against a denial of service attack using
prefixes with very small Valid Lifetimes? RFC 2462, section 5.5.3 e) talks
about it but does not seam to cover the scenario where:
1) A user defines a small Preferred and Valid Lifetimes (i.e.,
10sec and 15sec), and
2) The initial Router Advertisement message has very small
Preferred and Valid Lifetimes for a Prefix, and
3) The received Lifetime is equal to Stored Lifetime.
With the small lifetime, address expires quickly and is created soon after.
Applications using this address go up and down periodically and get into
trouble.
Have this issue already been addressed?
Regards,
Dušan Mudrić
Software Architect
Avaya
--------------------------------------------------------------------
IETF IPv6 working group mailing list
[email protected]
Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------
