What's a good budget option for switching a small lab or office ipv6 with RA Guard, DHCP6 snooping, and ICMP6 snooping?
Krunal Shah
Network Analyst, IP & Transport Network Engineering
O: 416-855-1805
kshah@primustel.ca
If you do deploy this, please take a look at the issues discussed in
RFC7113. Similar stuff is likely to apply to DHCPv6 snooping et al.
Thanks!
Best regards,
Not suggesting there is no use case of RA Guard, DHCP6 Snooping, ICMP6
snooping, as I deployed IPv4 equivalent pretty much the day they were
available on 3560.
You might want to consider de-perimeterisation. Do you offer way to
connect to intranet from Internet? If so, why not use same method in
office, and have equivalent 0 trust on office infra? Additional
benefit is OPEX reduction by not having users submit tickets 'X works
from VPN but not from office' and vice versa.
What's a good budget option for switching a small lab or office ipv6
with RA Guard, DHCP6 snooping, and ICMP6 snooping?If you do deploy this, please take a look at the issues discussed in
RFC7113. Similar stuff is likely to apply to DHCPv6 snooping et al.
experiences vary, if you're looking to experience them first hand, warts
implementation details and all, juniper ex2300c, cisco 3560cx are both
small variants of both providers lower-end layer2/3 switches and are
relatively inexpensive, fairly feature rich platforms.
joel