blocking rogue router advertisements on switches

Steinar H. Gunderson sesse at
Fri May 6 13:50:22 CEST 2011

Den 6. mai 2011 13:06 skrev Gavin McCullagh <gavin.mccullagh at> følgende:
> We also found that setting the priority to "high" on our adverts helped.
> The misconfigured laptops don't seem to do that thankfully.

Note that RA=high will only solve part of the problem; it does not
affect address selection at all, only the routing table decisions. So
if you have a rogue RA with a bogus prefix, the end clients can
happily try to connect through _your_ gateway (since RA=high) using
_their_ prefix, which will probably break.

/* Steinar */
Software Engineer, Google Switzerland

More information about the ipv6-ops mailing list