I’ve just published two new IETF Internet-Drafts, that document the problem of RA-Guard evasion, and propose mitigations.
They are two Internet-Drafts:
- IPv6 Router Advertisement Guard (RA-Guard) Evasion, available at: http://tools.ietf.org/id/draft-gont-v6ops-ra-guard-evasion-00.txt
- Security Implications of the Use of IPv6 Extension Headers with IPv6 Neighbor Discovery, available at: http://tools.ietf.org/id/draft-gont-6man-nd-extension-headers-00.txt
Any comments on these documents will be more than welcome.