- File formats:
- BEST CURRENT PRACTICE
- F. Gont
G. Van de Velde
- opsec (ops)
Cite this BCP: TXT
Discuss this RFC: Send questions or comments to firstname.lastname@example.org
This document specifies a mechanism for protecting hosts connected to a switched network against rogue DHCPv6 servers. It is based on DHCPv6 packet filtering at the layer 2 device at which the packets are received. A similar mechanism has been widely deployed in IPv4 networks ('DHCP snooping'); hence, it is desirable that similar functionality be provided for IPv6 networks. This document specifies a Best Current Practice for the implementation of DHCPv6-Shield.
For the definition of Status, see RFC 2026.
For the definition of Stream, see RFC 8729.