disabling client use of SLAAC
Ole Troan
otroan at employees.org
Sun Mar 7 00:59:18 CET 2010
>>> Autoconf doesn't work for on>64 bit prefixes, so extending it to an 80
>>> is a [interesting] way of disabling it completely.
>> So is announcing RA Prefix Information options without the
>> autonomous address-configuration flag set. I'd doubt anybody
>> would be willing to standardise hack like that when there is already a
>> proper way to stop nodes autoconfiguring addresses.
>
> Except it doesn't work everywhere, for example it's not available in the most recent NX-OS 4.2 (Cisco Nexus 7000). You can either do "ipv6 nd suppress-ra" on that platform (which had (has?) the nasty problem of one RA being sent during software upgrade, hello SLAAC on >500 cluster hosts), or use a prefixlen != /64.
this is obviously a bug. I'll speak to my colleagues in NX-OS land to get that fixed.
another workaround may also be to not advertise any prefix on the link at all and just use the RA to advertise the default router. I presume you use manual addressing?
cheers,
Ole
More information about the ipv6-ops
mailing list