Unwanted RA on LAN

Brian E Carpenter brian.e.carpenter at gmail.com
Wed Mar 9 19:35:30 CET 2011


Tim, these are 6to4 addresses. Is there a specific reason for that, do you think?

Regards
   Brian

On 2011-03-09 20:14, Tim Chown wrote:
> On 9 Mar 2011, at 07:05, Rod James Bio wrote:
> 
>> Hello,
>>
>>    I've been seeing 2002:ca5a::/32 advertise on our LAN recently, actually it's two /64 advertised by two machine. I was wondering if anybody had any past experience on this? I would like to know what application or operating system feature is causing this so I could disable it and remove this RA's on our LAN. Already search Google about this but no luck in finding anything. Below is the output of ifconfig on my workstation. Thank you.
>>       inet6 addr: 2002:ca5a:9f36:4:216:eaff:fec5:ebc/64 Scope:Global
>>       inet6 addr: 2002:ca5a:9f5a:9:216:eaff:fec5:ebc/64 Scope:Global
>>
>> Rod
>>
> Almost certainly a Windows box with ICS turned on.    See RFC6104 on rogue RAs.
> 
> Try http://ramond.sourceforge.net as one way to deprecate them (albeit a hack), otherwise wait for implementations of RA Guard (RFC6105), or add ACLs to filter the RAs on switch ports that don't have router interfaces upstream.  
> 
> Tim


More information about the ipv6-ops mailing list