Re: [DNA] Re: RS/RA Exchange
Soliman Hesham wrote:
> > > I think you want to put any additional information in packets that
> > > are only sent between the routers. The RAs are sent to
> > all-nodes hence
> > > the hosts will see all these added bytes which they don't
> > derive any use from.
> >
> > There's some ideas here which may have parallels with VRRP.
> > (private - routers only signalling, effects on router
> > discovery/forwarding).
> >
> > Personally, I think that the lack of security in VRRP is the
> > killer for using this technology in DNA. It may be trivial
> > on a wireless link to become the [fastest responder, VRRP master].
>
> => But the routers don't have to talk VRRP over the wireless
> link. Surely they can do that on the wired side.
On WLAN with switched ethernet, broadcasts go over the wireless link.
Most switches today treat multicast as broadcast.
So multicast all-routers RA/VRRP goes over the wireless link.
A device which can transmit onto the wireless link will have its
VRRP or all-routers messages bridged onto the wired link, and will
also be able to snoop the status of the conversation from the wired
side.
Since VRRPv6 is unsecured, this is trivial to do.
Greg