IPv6 Router Advertisement Flags, RDNSS and DHCPv6 Conflicting Configurations: Operational & Security Implications
IPv6 defines several mechanisms for host configuration regarding addresses and DNS information, using Router Advertisements and DHCPv6. This is really good from a flexibility perspective, but, what will happen if there is contradictory configuration information provided by either one source or from more than one source? What if, for instance, the M-flag is set and a prefix information is also advertised with the A flag set? What if RDNSS information is provided from both RAs and a DHCPv6 server? Do hosts follow the aforementioned recommendation? And, what if the contradictory information is provided by RAs sent by two different routers? In all these cases, are there any operational implications, or even worse, can an attacker take advantage of such cases in order to launch (potentially very subtle) attacks?
This white paper examines some interesting cases and attempts to give an indication on what to accept (or not).
Adobe Acrobat Document