On Feb 3, 2010, at 7:34 AM, Suresh Krishnan wrote: > Hi Dusan, > It is not clear to me where the denial of service occurs. This is just a > configuration error on the router (to have such small lifetimes).
That is my thought as well. Bob > > NOTE: RFC2462 has been obsoleted by RFC4862. > > Cheers > Suresh > > On 10-02-02 12:37 PM, Dusan Mudric wrote: >> Hi, >> Is there a mechanism to protect against a denial of service attack using >> prefixes with very small Valid Lifetimes? RFC 2462, section 5.5.3 e) talks >> about it but does not seam to cover the scenario where: >> 1) A user defines a small Preferred and Valid Lifetimes >> (i.e., 10sec and 15sec), and >> 2) The initial Router Advertisement message has very small >> Preferred and Valid Lifetimes for a Prefix, and >> 3) The received Lifetime is equal to Stored Lifetime. >> With the small lifetime, address expires quickly and is created soon after. >> Applications using this address go up and down periodically and get into >> trouble. >> Have this issue already been addressed? >> Regards, >> DuĊĦan Mudric' >> Software Architect >> Avaya > > -------------------------------------------------------------------- > IETF IPv6 working group mailing list > ipv6@ietf.org > Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 > -------------------------------------------------------------------- -------------------------------------------------------------------- IETF IPv6 working group mailing list ipv6@ietf.org Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------
