On 10Jan2012 10:00, nullv@xxxxxxx <nullv@xxxxxxx> wrote: | I've been using radvd to set up a group of clients using RA | broadcasts. I also have a group of client PCs using static IPv6 in a | different ::/64 subnet altogether but on the same physical network. The | two networks have to remain separate for security reasons. If they're on the same physical network, they _aren't_ separate from a security standpoint. Forget this. You might configure the machines to not use these addresses using iptables or something, but that is machine-internal policy. If users can plug other things into the network or if any uses can configure a machine's network settings you are not secure. No more than a lot of people in a room agreeing not to look at each other are. If you want actual security, you need two rooms with a door (i.e. two physical networks with a firewalling router). Cheers, -- Cameron Simpson <cs@xxxxxxxxxx> DoD#743 http://www.cskk.ezoshosting.com/cs/ More computing sins have been committed in the name of performance, without necessariliy achieving it, than for all other reasons combined. - Wulf -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
