Rogue IPv6 Router Advertisement detection and mitigation

IPv6 global unicast stateless address auto-con guration (SLAAC) is one of the processes used by a host to assign a routable IPv6 address to a multicast enabled interface without the use of any servers like DHCPv6. The host generates its own address using a combination of locally available informa- tion and a valid pre x informations advertised by routers on a speci ed link and con gures the corresponding global unicast addresses for each adver- tised pre xes on the interface. In addition the host creates a default route entry in the default routers list for every advertising router with a valid Router Lifetime entry. Unintended hosts and routers miscon gurations, by users or network ad- ministrators, may lead to rogue RAs being present, which in turn can cause operational problems for hosts on the network. In this technical report we describe the network monitoring tool we developed to detect and mitigate rogue IPv6 router advertisements. The tool has been integrated as an ex- tension to the 6MoN monitoring software which we described in a previous technical report (1).