mailing list archives
Re: turning on comcast v6
From: Owen DeLong <owen () delong com>
Date: Mon, 6 Jan 2014 13:30:00 -0800
On Jan 6, 2014, at 13:22 , Paul Ferguson <fergdawgster () mykolab com> wrote:
-----BEGIN PGP SIGNED MESSAGE-----
On 1/6/2014 1:08 PM, Owen DeLong wrote:
The port isn't particularly trusted, but it is allowed to send RAs
which are forwarded to the network by default. Obviously a sane
switch would allow this configuration to be changed. We're not
talking about the security model for a network, we're talking about
the default behavior of a switch.
Defaults are, inherently guesses to some extent. Nonetheless, a
switch must have some default behavior.
It seems to me that in the case of switches which have otherwise
designated uplink ports, it is logical to make those ports default
to RA allowed while defaulting to not allowing RAs from other ports
Some people do not want switches making IP address assignments. That's
I don't think I said anything even remotely like that.
Re: turning on comcast v6 Enno Rey (Jan 03)