DHCPv6-Shield: Protecting Against Rogue DHCPv6 Servers
draft-ietf-opsec-dhcpv6-shield-00
| Document | Type | Expired Internet-Draft (opsec WG) | |
|---|---|---|---|
| Authors | Fernando Gont , Will (Shucheng) LIU , Gunter Van de Velde | ||
| Last updated | 2013-06-15 (Latest revision 2012-12-12) | ||
| Replaces | draft-gont-opsec-dhcpv6-shield | ||
| Stream | Internet Engineering Task Force (IETF) | ||
| Formats |
Expired & archived
plain text
htmlized
pdfized
bibtex
|
||
| Reviews |
SECDIR Last Call review
(of
-04)
Has Nits
OPSDIR Last Call review
(of
-04)
Has Nits
GENART Last Call review
(of
-04)
Almost Ready
|
||
| Stream | WG state | WG Document | |
| Document shepherd | (None) | ||
| IESG | IESG state | Expired | |
| Consensus boilerplate | Unknown | ||
| Telechat date | (None) | ||
| Responsible AD | (None) | ||
| Send notices to | (None) |
https://www.ietf.org/archive/id/draft-ietf-opsec-dhcpv6-shield-00.txt
Abstract
This document specifies a mechanism for protecting hosts connected to a broadcast network against rogue DHCPv6 servers. The aforementioned mechanism is based on DHCPv6 packet-filtering at the layer-2 device on which the packets are received. The aforementioned mechanism has been widely deployed in IPv4 networks ('DHCP snooping'), and hence it is desirable that similar functionality be provided for IPv6 networks.
Authors
Fernando Gont
Will (Shucheng) LIU
Gunter Van de Velde
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)