Bill, You should check out the work of the Secure Neighbour Discovery (SEND) Working Group in the IETF which is working hard right now to address this issue, and also the broader issue of securing the Neighbour Discovery procedure in IPv6.
http://www.ietf.org/html.charters/send-charter.html Regards, Mat. ---------- On Wednesday 14th May, 2003, Bill Cerveny wrote: This was also the engineer's point -- he felt IPv4 DHCP was broken in this manner and this broken behavior was being perpetuated via IPv6 router advertisements. I did find a mention of something similar to this problem in an IETF Internet-draft for proposed extensions to router advertisements at <http://www.ietf.org/internet-drafts/draft-ietf-ipv6-router-selection-02.tx t>, although no solutions were offered: A malicious node could send Router Advertisement messages, specifying High Default Router Preference or carrying specific routes, with the effect of pulling traffic away from legitimate routers. However, a malicious node could easily achieve this same effect in other ways. For example, it could fabricate Router Advertisement messages with zero Router Lifetime from the other routers, causing hosts to stop using the other routes. Hence, this document has no new appreciable impact on Internet infrastructure security. Bill