If you are running an IPv6 based network with SLAAC, or want to keep an eye on your network to prevent running IPv6, the use of a Neighor Discovery monitor is advisable. Such a monitor will monitor your network segments for rogue RAs (Route Advertisements) which could enable auto configuration or reconfiguration of the IPv6 stack. These RAs are used to instruct the client devices to generate an IPv6 address, enable the IPv6 stack and start the communication over IPv6 whenever the DNS (Domain Name System) returns an IPv6 answer (AAAA resource record) for a host (FQDN).
A free neighbor discovery protocol monitor with logging, alerting and mitigation is available on Sourceforge as “NDPMon“.
Loading ...
