In message <32825.1296757039@localhost>, Valdis.Kletnieks@vt.edu writes:
--==_Exmh_1296757039_6170P Content-Type: text/plain; charset=us-ascii
On Thu, 03 Feb 2011 09:18:25 +1100, Mark Andrews said:
Or you just filter them out in the laptop. With the proper tools you just ignore and RA's containing 2002:. Done that for years now.
You're welcome to stop by and fix 30,000+ systems here, most of which we do *not* have administrative control over because they're personal laptops and t he like. For most of these users, if it doesn't do the filtering correctly out of the box when they pick it at Best Buy or Walmart or whatever, it isn't going to get reconfigured. (We do provide a free "configure your box for our network" CD that does all this stuff and installs a site-licensed AV and all that, but no t everybody actually uses it, and there's no really good way to mandate it - an d anyhow, that's a purely local fix for a problem that's more than local).
(We'll overlook the fun and games that start when you have a laptop that travels between a site where 2002:: is verboten, and another where 2002:: is the way it has to be done... Doesn't happen much.. *yet*. Good luck explaini ng *that* to Joe Sixpack)
Joe sixpack is quite capable of learning this stuff. That said modern OS also come with connection profiles which make this even easier and will reduce the incidents of rougue RA as DHCP as connection sharing gets tied to the profile. Additionally connection sharing will shift for using 6to4 to doing prefix delegation. OS vendors that support connection sharing should also look at the IPv6 CPE draft as lots of that is applicable. Mark -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: marka@isc.org