On Mon, 19 Mar 2007, Rémi Denis-Courmont wrote:
In short term I think logging can alert admins. I long term a kind of switch assisted solution would nice to have. I am willing to invest some more time to investigate the problem....Yes. Though logging has not been very satisfactory from my personal experience. Even after the "offensive" node was brought down (disabling its port through SNMP), it still took a full week to remove the stall prefix from every other nodes. Worst yet, unplugging the offensive host actually broke everything - it kinda works, albeit slowly and insecurely, as long as the bogus advertiser is up and running.
I am not claiming that log+alert is perfect solution. For a short term, until proper solution is in place, it is better than nothing. The admins knows at least he has to work.... In SLAAC there is no methods to enforce reconfiguration for that one you should use DHCPv6. However I doubt there is lots of DHCPv6 implementation supports server initiated reconfiguration.
By the way, I think It is matter of time that the poorly (auto)configured system will use the higher precedence in their RAs. Maybe a statement would be useful somewhere in IPv6 autoconfig spec, that higher precedence value in RAs must be used only on manually configured, and managed routers....
Regards, Janos Mohacsi Network Engineer NIIF/HUNGARNET