> > It is true that a bad guy on-link can do a lot of harm, some of which > > can be alleviated by SEND. However, most of other attacks require a > > constant stream of packets, and increase the risk that the attack will > > be detected and traced. The recommendation to turn off the interface > > amplifies the powers of this bad guy: they can kick someone off the > > network with a single packet. In short, just because someone broke in, > > there is no reason to hand her a sledge hammer. > > but then, if we change it to MAY, what is the point in running DAD > process? if you do not disable interface (or the address on the > interface) the owner of the same address will get confused, > peers of the address get confused, you will do bad things to the > original owner of the address.
Disabling the address is OK, as you can always configure a new one. -------------------------------------------------------------------- IETF IPv6 working group mailing list [EMAIL PROTECTED] Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------