IPv6 RA-Guard
draft-vandevelde-v6ops-ra-guard-01
| Document | Type |
Expired Internet-Draft
(individual)
Expired & archived
|
|
|---|---|---|---|
| Authors | Gunter Van de Velde , Eric Levy-Abegnoli , Chip Popoviciu , János Mohácsi | ||
| Last updated | 2008-01-28 | ||
| RFC stream | (None) | ||
| Intended RFC status | (None) | ||
| Formats | |||
| Stream | Stream state | (No stream defined) | |
| Consensus boilerplate | Unknown | ||
| RFC Editor Note | (None) | ||
| IESG | IESG state | Expired | |
| Telechat date | (None) | ||
| Responsible AD | (None) | ||
| Send notices to | (None) |
This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:
Abstract
When using IPv6 within a single L2 network segment it is neccesary to ensure that all routers advertising their services within it are valid. In cases where it is not convinient or possible to use SeND [1] a rogue Router Advertisement (RA) [2] could be sent by accident due to misconfiguraton or ill intended. Simple solutions for protecting against rogue RAs are beneficial in complementing SeND in securing the L2 domain for ceratin types of devices or in certain transitional situations. This document proposes a solution to reduce the threat of rogue RAs by enabling layer 2 devices to forward only RAs received over designated ports.
Authors
Gunter Van de Velde
Eric Levy-Abegnoli
Chip Popoviciu
János Mohácsi
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)