Personally, since
I "play" with so many different home routers from different
manufacturers, I don't bother trying any well-known address to get to
the UI. I can't remember who uses what. And I hate reading the manual.
There are so many different values in use, that I find it easier to just
run ipconfig / ifconfig and see what my Default Gateway is set to. Put
that in the browser, and I'm at the router UI.
If there is to be some sort of discovery and then presenting the results
to the user in a friendly manner, then there will need to be an
application that does all this. If there's an application, it probably
doesn't care where the info comes from. Surely somewhere between all the
ND and RA and such, there must be an IPv6 address that can lead an
application to the router, without trying to mandate or recommend
support for some service discovery protocol. I don't need for a device
to advertise that it has an HTTP server at port 80 on a particular IP
address. I just need the device's IP address.
-----Original Message-----
From: owner-v6ops@ops.ietf.org [mailto:owner-v6ops@ops.ietf.org] On
Behalf Of Alain Durand
Sent: Thursday, July 24, 2008 7:23 AM
To: EricLKlein@softhome.net
Cc: v6ops@ops.ietf.org
Subject: Re: New (-02) version of IPv6 CPE Router draft is available for
review
On 7/24/08 6:29 AM, "EricLKlein@softhome.net" <EricLKlein@softhome.net>
wrote:
Having a known address is not the same as advertising it out to anyone
that
is locally connected. Admittedly it is only a short term improvement
until
the fixed address becomes commonly known via the internet, but even
then it
is only a problem if someone comes to the area of a wireless network
where
the security has not been changed from the default.
Consider the situation as follows:
Person x goes and buys a WiFI router to connect to their DSL link. But
prior
to connecting to the DSL they plug it in to configure it. The only way
that
someone would know to try to configure it would be to see it in their
available networks and then recognize the brand and to try to connect
to the
default IP address. Vs. Someone sees a new hotspot advertising a "come
configure me" service. In the first case you need to proactivly go
looking
for things to hack, in the second you are invited in to do so.
Maybe I am alone on this, but I prefer to make the hacker try harder
without
inviting them inside.
Eric,
The property of well known address is that, well, they are well known.
So if
a vendor start to use fe80::1, I guess most vendors will use it and
there is
little guesswork to be done.
Now, with service discovery, I would expect that as soon as the device
is
configured the first time, some king of security will be put in place,
if
only using a password. This can be done before the ISP connection is up.
If
the user decide not to use a passwd or any other form of security, well,
this is a different issue.
I have seen this discovery being implemented already: simply try to
configure an Apple airport.
- Alain.
*****
The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential, proprietary, and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the material from all computers. GA622