DHCPv6-Shield: Protecting Against Rogue DHCPv6 Servers
draft-ietf-opsec-dhcpv6-shield-00
| The information below is for an old version of the document | |||||
|---|---|---|---|---|---|
| Document | Type | Expired Internet-Draft (opsec WG) | |||
| Authors | Fernando Gont , Will LIU , Gunter Van de Velde | ||||
| Last updated | 2013-06-15 (latest revision 2012-12-12) | ||||
| Replaces | draft-gont-opsec-dhcpv6-shield | ||||
| Stream | IETF | ||||
| Intended RFC status | (None) | ||||
| Formats |
Expired & archived
pdf
htmlized (tools)
htmlized
bibtex
|
||||
| Reviews | |||||
| Additional Resources |
|
||||
| Stream | WG state | WG Document | |||
| Document shepherd | None | ||||
| IESG | IESG state | Expired | |||
| Consensus Boilerplate | Unknown | ||||
| Telechat date | |||||
| Responsible AD | (None) | ||||
| Send notices to | (None) | ||||
https://www.ietf.org/archive/id/draft-ietf-opsec-dhcpv6-shield-00.txt
Abstract
This document specifies a mechanism for protecting hosts connected to a broadcast network against rogue DHCPv6 servers. The aforementioned mechanism is based on DHCPv6 packet-filtering at the layer-2 device on which the packets are received. The aforementioned mechanism has been widely deployed in IPv4 networks ('DHCP snooping'), and hence it is desirable that similar functionality be provided for IPv6 networks.
Authors
Fernando Gont
(fgont@si6networks.com)
Will LIU
(liushucheng@huawei.com)
Gunter Van de Velde
(gunter@cisco.com)
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)