[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [69ATTENDEES] DHCP

To: IPv6 Operations <v6ops@ops.ietf.org>, 69attendees@ietf.org
Subject: Re: [69ATTENDEES] DHCP
From: james woodyatt <jhw@apple.com>
Date: Tue, 24 Jul 2007 13:08:21 -0500
In-reply-to: <EDB09D3C-2A1F-4932-9D7D-56C0C279E48E@muada.com>
References: <20070724151937.B5F6A233C5@coconut.itojun.org> <EDB09D3C-2A1F-4932-9D7D-56C0C279E48E@muada.com>

On Jul 24, 2007, at 12:17, Iljitsch van Beijnum wrote:

On 24-jul-2007, at 10:19, Jun-ichiro itojun Hagino wrote:
good reason to use IPv6 entirely, as long as you have IPv6 DNSserver:-P
[...] A good reason to make sure that it's possible to run IPv6with all that that entails (= DNS resolver addresses) without theneed to run DHCPv6 if running DHCPv6 isn't specifically desired.


dns-sd -Q _domain._udp.local SRV --> /etc/resolv.conf

Quite a thrilling proposal from a security perspective, but it'sworth contrasting with the idea of reserving a global IPv6 anycastaddress for DNS resolving proxy servers. At least with the latter, apublic network operator has an easier time keeping rogue DNSresolvers from poisoning the network. On the other hand, the former*is* clearly BETTER THAN NOTHING, which is what we have now.



--
james woodyatt <jhw@apple.com>
member of technical staff, communications engineering

References:
- Re: [69ATTENDEES] DHCP
  - From: Iljitsch van Beijnum <iljitsch@muada.com>

Prev by Date: Re: CPE equipments and stateful filters
Next by Date: Re: [69ATTENDEES] DHCP
Previous by thread: Re: cpe simple security and the opportunity cost of stateful packet filters
Next by thread: Re: [69ATTENDEES] DHCP
Index(es):
- Date
- Thread