disabling client use of SLAAC
Mark Smith
nanog at 85d5b20a518b8f6864949bd940457dc124746ddc.nosense.org
Sun Mar 7 01:41:40 CET 2010
On Sun, 07 Mar 2010 00:42:51 +0100
Bernhard Schmidt <berni at birkenwald.de> wrote:
> On 06.03.2010 22:41, Mark Smith wrote:
>
> Bernhard
>
> >> Autoconf doesn't work for on>64 bit prefixes, so extending it to an 80
> >> is a [interesting] way of disabling it completely.
> > So is announcing RA Prefix Information options without the
> > autonomous address-configuration flag set. I'd doubt anybody
> > would be willing to standardise hack like that when there is already a
> > proper way to stop nodes autoconfiguring addresses.
>
> Except it doesn't work everywhere, for example it's not available in the
> most recent NX-OS 4.2 (Cisco Nexus 7000). You can either do "ipv6 nd
> suppress-ra" on that platform (which had (has?) the nasty problem of one
> RA being sent during software upgrade, hello SLAAC on >500 cluster
> hosts), or use a prefixlen != /64.
>
So the IETF should develop and standardise another mechanism to disable
address autoconf, and then have all implementations of IPv6 (routers and
end-nodes) be updated to support it, just because Cisco haven't
got around to implementing the cli option to flip a bit in an RA option
on one of their product lines?
I think this is clearly a Cisco issue, not an IETF one, so Cisco are
the ones who need to fix it. Lodge a fault with them.
> Bernhard
More information about the ipv6-ops
mailing list