> no one is arguing nd/ra be removed entirely, as subnet anycast should be. > the argument is that there are environments where it is not needed and > dhcp should be able to be used in its place.
That's reasonable. There are cases where auto configuration does not work well. A centrally configured solution can mitigate various kind of RA/ND spoofing attacks, in the same way that static configuration can mitigate ARP spoofing attacks. -- Christian Huitema -------------------------------------------------------------------- IETF IPv6 working group mailing list ipv6@ietf.org Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------
