The Wi-Fi MAC protocol has a pair of header bits that mean from AP
and to AP. In ad-hoc mode, a designated station acts as an AP, so
that's nothing special. There are a couple of non-AP modes for direct
link exchanges and peer-to-peer exchances that probably don't set from
AP but
Adrian Chadd adr...@creative.net.au wrote:
As already said, wireless in infrastructure mode (with access points)
always sends traffic between clients through the access point, so a
decent AP can filter this.
How does the client determine that the traffic came from the AP versus
another
And of course, a rogue RA station would _NEVER_ mess with that bit
in what it transmits...
Uh, yeah.
Owen
On Nov 7, 2009, at 2:41 AM, Richard Bennett wrote:
The Wi-Fi MAC protocol has a pair of header bits that mean from AP
and to AP. In ad-hoc mode, a designated station acts as an AP,
It's not all that easy unless the dude has hacked the device driver.
Owen DeLong wrote:
And of course, a rogue RA station would _NEVER_ mess with that bit
in what it transmits...
Uh, yeah.
Owen
On Nov 7, 2009, at 2:41 AM, Richard Bennett wrote:
The Wi-Fi MAC protocol has a pair of header
: Bernhard Schmidt; nanog@nanog.org
Subject: Re: {SPAM?} Re: IPv6 Deployment for the LAN
It's not all that easy unless the dude has hacked the device driver.
Owen DeLong wrote:
And of course, a rogue RA station would _NEVER_ mess with that bit
in what it transmits...
Uh, yeah.
Owen
On Nov 7
On Sat, Oct 24, 2009 at 11:33 PM, Karl Auer ka...@biplane.com.au wrote:
On Fri, 2009-10-23 at 20:48 -0700, Joel Jaeggli wrote:
the mac address of the rouge server
pedantic
It's R-O-G-U-E - rogue.
Rouge is French for red and English for red make-up.
Also the name of the Ford assembly plant
On wireless networks you can note the mac address of the rouge server
and dissociate it from the wireless network, this is rather similar to
what we did on switches prior to dhcp protection, it is reactive but it
certainly can be automatic.
Some controller based wireless systems have ips or nac
On Fri, 2009-10-23 at 20:48 -0700, Joel Jaeggli wrote:
the mac address of the rouge server
pedantic
It's R-O-G-U-E - rogue.
Rouge is French for red and English for red make-up.
/pedantic
Regards, K.
--
~~~
Karl Auer
On Sun, 25 Oct 2009 17:33:34 +1100
Karl Auer ka...@biplane.com.au wrote:
On Fri, 2009-10-23 at 20:48 -0700, Joel Jaeggli wrote:
the mac address of the rouge server
pedantic
It's R-O-G-U-E - rogue.
Rouge is French for red and English for red make-up.
/pedantic
Also the colour of
On Fri, Oct 23, 2009 at 12:50:47PM +1300, Perry Lorier wrote:
I've implemented myself a system which firewalled all ARP within the AP and
queried the DHCP server asking for the correct MAC for that lease then sent
the ARP back (as well as firewalling DHCP servers and the like). It's
quite
This to me is one of the least credible claims of the RA/SLAAC crowd.
On the one hand we have carriers around the world with millions and
millions of customers getting default routes and other config through
DHCPv4 every day. And most of the time it actually works very well!
On the other
In a message written on Thu, Oct 22, 2009 at 03:23:13PM -0400, Ray Soucy wrote:
If the argument against RA being used to provide gateway information
is rogue RA, then announcing gateway information though the use of
DHCPv6 doesn't solve anything. Sure you'll get around rogue RA, but
you'll
Sorry, not buying it.
The solution here, and one that is already being worked on by vendors,
is RA gaurd, not changing DHCPv6 in an effort to bypass RA.
What your proposing as a solution isn't much of a solution at all but
just a (seemingly) lesser problem.
On Thu, Oct 22, 2009 at 3:29 PM, Leo
In a message written on Thu, Oct 22, 2009 at 03:42:19PM -0400, Ray Soucy wrote:
The solution here, and one that is already being worked on by vendors,
is RA gaurd, not changing DHCPv6 in an effort to bypass RA.
Port based solutions don't work well on wireless networks and other
mediums.
--
Really. How do we deal with rouge DHCP on the wireless LAN, obviously
this is such a complex issue that we couldn't possibly have a solution
that could be applied to RA.
On Thu, Oct 22, 2009 at 3:50 PM, Leo Bicknell bickn...@ufp.org wrote:
In a message written on Thu, Oct 22, 2009 at 03:42:19PM
On Thu, Oct 22, 2009 at 03:57:40PM -0400, Ray Soucy wrote:
Really. How do we deal with rouge DHCP on the wireless LAN, obviously
this is such a complex issue that we couldn't possibly have a solution
that could be applied to RA.
Rogue DHCP doesn't immedately take down the entire subnet of
Correct.
Not sure if you got the sarcasm in that last reply...
As far as I'm concerned, a rogue is a rogue. Knowing about it the
instant it happens might even be better than slowly coming to the
realization that you're dealing with one. The point is that we need
to address rogues regardless of
On Oct 22, 2009, at 12:23 PM, Ray Soucy wrote:
This to me is one of the least credible claims of the RA/SLAAC crowd.
On the one hand we have carriers around the world with millions and
millions of customers getting default routes and other config through
DHCPv4 every day. And most of the time
Original Message
From: Ray Soucy r...@maine.edu
Or is it that you want IPv6 to be a 128-bit version of IPv4?
Yes, this is in fact exactly what the network operators keep saying.
RA is a
good idea and it works. You can add options to DHCPv6, but I don't
see many vendors
Owen DeLong wrote:
Not at all. People are not saying RA has to go away. They are saying we
need the option of DHCPv6 doing the job where we do not feel that RA is
the correct tool.
Then let me say it. RA needs to be able to be completely turned off.
DHCPv6 needs to be able to
Port based solutions don't work well on wireless networks and other
mediums.
Something like PSPF then? (assuming it works properly on IPv6 multicast ...
)
/TJ
Then let me say it. RA needs to be able to be completely turned off.
DHCPv6 needs to be able to completely configure all requesting hosts.
Those two statements are not synonymous ...
Sure, leave RA in the IPv6 stack. The market will decide, and we will see if
it is still on by default on
On Oct 22, 2009, at 4:32 PM, Ray Soucy wrote:
Knowing about it the
instant it happens might even be better than slowly coming to the
realization that you're dealing with one.
Might just be me, but I'm more worried about the rogue RA (or DHCPv4)
server that does not disrupt communication at
On Thu, Oct 22, 2009 at 03:57:40PM -0400, Ray Soucy wrote:
Really. How do we deal with rouge DHCP on the wireless LAN, obviously
this is such a complex issue that we couldn't possibly have a solution
that could be applied to RA.
There are some wireless equipment that claim to have a setting
On Oct 22, 2009, at 2:31 PM, TJ wrote:
Then let me say it. RA needs to be able to be completely turned
off.
DHCPv6 needs to be able to completely configure all requesting hosts.
Those two statements are not synonymous ...
They may not be synonymous, but, there is a set of operators
I generally agree with the design of RA and using DHPCv6 as a
supplement to it. The problems here seem to be more along the lines
of implementation in clients. I suspect it will take some time for
the dust to settle and vendors to get their act together.
I notice that Cisco has a prefix
And not just Cisco, IIRC it is an open standard anyone can implement ... ?
Here is the work being done on RA-Gaurd:
http://tools.ietf.org/html/draft-ietf-v6ops-ra-guard-03
--
Ray Soucy
Communications Specialist
+1 (207) 561-3526
Communications and Network Services
University of Maine
27 matches
Mail list logo