Wednesday, September 22, 2010

Neighbor Discovery Protocol: Part 3 - To Find Routers

NDP has one last really interesting feature.  NDP is responsible for announcing routers.  This is the first really new-to-us feature we've come across.

As anyone who has tried to manage a network knows, configuring the hosts on it can be difficult and tedious using static addressing.  DHCP is a necessary feature.  With the increase of address space, the lack of a true broadcast, etc., the designers' thinking was that the network could configure itself.  IPv6 can configure itself (we'll talk about how later), but one of the mechanisms it uses to pass network configuration data to a host is a 'Router Advertisement'.

Router advertisements contain details of how network hosts should be configured and what the network looks like from the client's perspective.  It only contains IP addressing details and NOT DNS/NTP/WINS and other such features we expect from DHCP.  Oh, and router advertisements are ideally _only_ sent by routers.

In 1998, the term 'router' was very specific.  Routers were run by network administrators, and very few OSs had (and even fewer deployed) the features to route traffic in any sort of robust fashion outside of a device specifically built to route packets.  NAT devices were not as widespread as they are now.  So in 1998, it was completely expected that only routers would want to advertise routes.  This is somewhat laughable in 2010, but this is how it works.  It is a non-negotiable function of the protocol.

A device which presents as a 'rogue router' works in much the same way as a 'rogue DHCP' server.  It has the potential to knock a system offline.  There is a priority feature, so what happens to hosts depends on the client's default behavior, what the legitimate routers are doing, and the particular circumstances of the rogue router.  We're going to talk about some of the security issues around this later, but let's move on to what these router advertisements are used for: configuring IPs.
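As an added example (not code from the original post), here is a small Python parser for ICMPv6 Router Advertisements plus a check that flags RAs sent by any router outside an allowlist, using the RFC 4191 preference field that the post calls the priority feature. The allowlist, MAC addresses and prefixes are constructed for the example, and the builder only produces test bytes (checksum left zero).

```python
import struct
from ipaddress import IPv6Network

# Assumed allowlist: link-layer addresses of the routers that are supposed to send RAs.
KNOWN_ROUTERS = {"00:11:22:33:44:01"}
# RFC 4191 router preference (the "priority feature"), bits 3-4 of the RA flags byte.
PRF_NAMES = {0b01: "high", 0b00: "medium", 0b11: "low", 0b10: "reserved"}

def parse_ra(icmp: bytes) -> dict:
    """Parse an ICMPv6 Router Advertisement (type 134): 16-byte header, then TLV options."""
    typ, _code, _csum, _hop, flags, lifetime, _reach, _retrans = struct.unpack("!BBHBBHII", icmp[:16])
    if typ != 134:
        raise ValueError("not a Router Advertisement")
    ra = {"src_mac": "unknown", "lifetime": lifetime,
          "preference": PRF_NAMES[(flags >> 3) & 0x3], "prefixes": []}
    off = 16
    while off + 2 <= len(icmp):
        otype, olen = icmp[off], icmp[off + 1] * 8      # option length is in 8-byte units
        if olen == 0:
            raise ValueError("zero-length option")       # RFC 4861: discard such a packet
        body = icmp[off + 2:off + olen]
        if otype == 1:                                   # Source Link-Layer Address (Ethernet)
            ra["src_mac"] = ":".join(f"{b:02x}" for b in body[:6])
        elif otype == 3:                                 # Prefix Information: plen, flags, 3 x 32-bit, prefix
            ra["prefixes"].append(IPv6Network((body[14:30], body[0]), strict=False))
        off += olen
    return ra

def rogue_ra_findings(icmp: bytes) -> list:
    """Reasons an RA looks rogue; an empty list means it came from a listed router."""
    ra, findings = parse_ra(icmp), []
    if ra["src_mac"] not in KNOWN_ROUTERS:
        findings.append(f"RA from unlisted router {ra['src_mac']} (router lifetime {ra['lifetime']}s)")
        if ra["preference"] == "high":
            findings.append("high router preference: hosts honouring Prf will prefer it as default router")
        findings += [f"advertises prefix {p}" for p in ra["prefixes"]]
    return findings

def build_ra(mac: str, prf: int, lifetime: int, prefix: str) -> bytes:
    """Constructed test RA (checksum left zero) carrying SLLA and Prefix Information options."""
    net = IPv6Network(prefix)
    hdr = struct.pack("!BBHBBHII", 134, 0, 0, 64, prf << 3, lifetime, 0, 0)
    slla = bytes([1, 1]) + bytes.fromhex(mac.replace(":", ""))
    pio = struct.pack("!BBBBIII", 3, 4, net.prefixlen, 0xC0, 2592000, 604800, 0) + net.network_address.packed
    return hdr + slla + pio

LEGIT_RA = build_ra("00:11:22:33:44:01", 0b00, 1800, "2001:db8:1::/64")   # constructed sample
ROGUE_RA = build_ra("de:ad:be:ef:00:01", 0b01, 1800, "2001:db8:bad::/64")  # constructed sample
```

In a real monitor the bytes would come from the ICMPv6 payload of captured frames; the allowlist is the one piece of site-specific knowledge the check needs.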
