Re: Recovering from multiple routers advertising routes
On Wednesday, May 14, 2003, at 10:56 AM, Bill Cerveny wrote:
My questions:
- What is the recommended set-up for Linux servers which are not
set-up as routers? In my opinion, allowing a server to add
addresses/routing every time a router starts advertising rogue
addressing blocks is dangerous and should be avoided.
Look in /proc --- you can turn of IPv6 autoconf.
-- How is an IPv6 default route added in Debian?
I think the kernel does it when in IPv6 autoconf.
-- Various resources maintain that adding a default route in Linux is
problematic and should be avoided. Is this still the case in general
and/or with Linux?
It was only ever a problem with IPv6 forwarding. Without forwarding
(i.e., a host, not a router) I don't think it ever was a problem.
- How does one recover from receiving a router advertisement from a
rogue router without rebooting the Debian Linux system?
route -6, route -A inet6, or ip route
-- Are there any IPv6-specific limitations in the "route" command?
Yes, you really should use "ip route." route -6 works reasonably well.
-- Are there any lower-level ways of removing IPv6 routes without
"route"?
ip route. Downing the interface also works.
- Finally, a general question which perhaps isn't appropriate for this
list, but I'm interested in the scope of the problem. One of the
engineers who introduced a rogue router argued that allowing a router
to confuse the IPv6 network with router advertisements is a major flaw
in the protocol.
A rogue DHCP server does the same thing. How's it different?
Reply to: