Groups | Search | Server Info | Login | Register
Groups > linux.debian.maint.ipv6 > #142
| From | Michael Richardson <mcr@sandelman.ca> |
|---|---|
| Newsgroups | linux.debian.maint.ipv6 |
| Subject | Re: Limit the number of Router Advertisements processed on an interface |
| Date | 2022-06-15 18:10 +0200 |
| Message-ID | <EyDKF-50sK-17@gated-at.bofh.it> (permalink) |
| References | <EyCbT-4Zr0-3@gated-at.bofh.it> |
| Organization | linux.* mail to news gateway |
[Multipart message — attachments visible in raw view] - view raw
Dheeraj Kandula <dkandula@gmail.com> wrote:
> *Why?*
> This is to avoid DOS attacks using RAs from being bombarded onto a linux
> machine.
Well, you might be able to rate limit them with ip6tables/nftables, but I see
no point in only listening to the first X of them. You might as well just
disable them and configure a static IPv6.
You should also check out "RAGuard" functionality on your L2 switch.
RFC6105.
Back to linux.debian.maint.ipv6 | Previous | Next — Previous in thread | Find similar
Limit the number of Router Advertisements processed on an interface Dheeraj Kandula <dkandula@gmail.com> - 2022-06-15 16:30 +0200
Re: Limit the number of Router Advertisements processed on an interface Marc Haber <mh+debian-ipv6@zugschlus.de> - 2022-06-15 17:50 +0200
Re: Limit the number of Router Advertisements processed on an interface Dheeraj Kandula <dkandula@gmail.com> - 2022-06-15 18:30 +0200
Re: Limit the number of Router Advertisements processed on an interface Dheeraj Kandula <dkandula@gmail.com> - 2022-07-11 22:00 +0200
Re: Limit the number of Router Advertisements processed on an interface Michael Richardson <mcr@sandelman.ca> - 2022-06-15 18:10 +0200
csiph-web