Running IPv6 on a large L2 network
Göran Weinholt
weinholt at csbnet.se
Tue Sep 9 12:43:04 CEST 2008
weinholt at csbnet.se (Göran Weinholt) writes:
> In the scenario I posted it doesn't matter if I disconnect the user
> that sent the RA, the network will still be broken for other hosts
> because of the bogus on-link route. To remove the route I might send
> my own RA with the announced prefixes and a very low lifetime, but the
> lowest lifetime allowed according to RFC4862 is two hours (ironically
> changed recently to address a possible DoS...)
Ok, I did some tests and both Linux and Windows Vista will actually
honor a AdvValidLifetime and AdvPreferredLifetime of zero. So now I
just have to write a program that counteracts bad RAs and everything
should be fine.
Thanks for the other suggestions in this thread, but if we could
afford to upgrade to a routed network (with one VLAN per customer or
what have you) we would. :)
Regards,
--
Göran Weinholt,
Network Administrator,
Chalmers Studentbostäder
More information about the ipv6-ops
mailing list