[ipv6hackers] an interesting DHCPv6 DoS

Sander Steffann sander at steffann.nl
Wed Feb 5 01:37:19 CET 2014


Op 4 feb. 2014, om 20:42 heeft Tore Anderson <tore at fud.no> het volgende geschreven:

> * Mark ZZZ Smith
>> One other question though, it also shouldn't be asking for a IA-NA
>> unless you have the M bit (Managed Address bit) switched on in RAs.
>> If you do have it switched on, it would be interesting whether
>> switching it off (just leaving the O bit switched on) would stop the
>> CPE asking for IA-NAs in its DHCPv6 requests.
> I'm not sure this is correct. RFC 6204 implies that a router may start
> DHCPv6 before having even seen an RA:
>   WPD-5:  If the IPv6 CE router initiates DHCPv6 before receiving a
>           Router Advertisement, it MUST also request an IA_NA option in
>           DHCPv6.
> While this has been taken out of RFC 7084, I see no language there that
> forbids a router from requesting IA_NA before it has seen an RA with M=1.

Agreed. While the M=1 hint is a strong one, a CPE isn't prohibited to just try and ask. The DHCP server (if there is one) is always allowed to say No :-)  But asking again and again when getting a negative is very bad behaviour, whether M=0, M=1 or M=unknown.


More information about the Ipv6hackers mailing list