The rogue dhcp server has to reply faster than the actual one. We don't actually have an protection against rogue dhcp servers currently in my understanding. so if you don't see any it's because there aren't any. joel On Wed, Jun 17, 2009 at 7:08 AM, Michael Sinatra<michael@rancid.berkeley.edu> wrote:
On 6/16/09 3:25 PM, Tom Pusateri wrote:
Shouldn't we see the same problem with rogue DHCP servers in v4?
That's what has always confused me. Part of the reason we may not is that the rogue comes on-line at a time when nobody is doing DHCPDISCOVER and then goes off-line. OTOH, if the rogue sends out just one RA, other machines will configure the address and might even add a candidate route immediately, regardless of whether they already have a v6 address.
However, I have been in other situations where I see RAs in IPv6, but I don't have rogue DHCP issues in v4 on a particular net. (At the same time, we do see a bunch of rogue DHCP servers on our wireless nets at Berkeley.)
michael
_______________________________________________ Attendee mailing list Attendee@nanog.org http://mailman.nanog.org/mailman/listinfo/attendee