Does a Linux machine know that a Router Advertisement didn't come from a
default router?
I tried to send 2 RA packets using Scapy with the destination as ff02::1.
One packet I sent using the source address of the default router, while the
other using a lower LLA.
The default routes were not gener
Thanks Marc. This is a requirement.
Thus I will conclude that the kernel doesn't limit the number of RAs. I
have to figure out a way to do this from user space.
Dheeraj
On Wed, Jun 15, 2022 at 11:49 AM Marc Haber
wrote:
> On Wed, Jun 15, 2022 at 10:23:18AM -0400, Dheeraj Kandula wrote:
> > Th
Dheeraj Kandula wrote:
> *Why?*
> This is to avoid DOS attacks using RAs from being bombarded onto a linux
> machine.
Well, you might be able to rate limit them with ip6tables/nftables, but I see
no point in only listening to the first X of them. You might as well just
disable them a
On Wed, Jun 15, 2022 at 10:23:18AM -0400, Dheeraj Kandula wrote:
> This is to avoid DOS attacks using RAs from being bombarded onto a linux
> machine.
You have malicious users on your LAN and cannot do anything against
them?
(RAs are link local communication and should not pass over routers,
thus
Hi All,
Is it possible to limit the number of Router Advertisements that will
be processed on an interface or on a Linux device as a whole (either
granularity is fine)?
*For example*, if an interface receives more than 200 RAs within a time
interval, only the first 200 will be processed.
Ther
5 matches
Mail list logo