*****************************************************
* *
* MIS-CONFIGURATION WILL DESTROY YOUR NETWORK *
* *
*****************************************************

Recommended Hardware:

The author intended this program to run on one machine with two network
cards. One card (the monitoring interface) uses 802.1q and connects to
a switch trunk port. Virtual interfaces should be created for every VLAN
that needs monitoring.

There is no need for the monitoring interface to be registered on any
of these networks. You are advised to use the operating system's firewall
to block all non-ICMPv6 traffic entering or leaving the monitoring
interface (this includes IPv4 traffic).

The second 'management interface' sits on a trusted network, where no
rogue routers will ever appear. Your <execute/>d scripts should use
this interface for outbound notifications. If you need to administer
the machine, it should be via this interface.

You should disable all auto-configuration and IP-forwarding features
of the machine.
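
One way to express the lockdown described above, as an added example that is not part of ramond or its documentation. It assumes Linux with nftables; the trunk name eth1, the VLAN IDs and the table name "ramond_monitor" are constructed. The script only prints the settings so they can be reviewed before they are applied.

```shell
#!/bin/sh
# Added example: prints (does not apply) lockdown settings for the ramond
# monitoring interface. Assumes Linux with nftables; eth1 and the VLAN IDs
# are constructed sample values, "ramond_monitor" is a made-up table name.

# mon_ifaces TRUNK VLAN_ID... -> trunk plus one 802.1q sub-interface per VLAN
mon_ifaces() {
    trunk=$1; shift
    echo "$trunk"
    for vid in "$@"; do echo "$trunk.$vid"; done
}

# nft_set TRUNK VLAN_ID... -> "eth1", "eth1.10", ... for an nft anonymous set
nft_set() {
    mon_ifaces "$@" | sed 's/.*/"&"/' | paste -sd, - | sed 's/,/, /g'
}

# gen_nft TRUNK VLAN_ID... -> ruleset dropping everything except ICMPv6
gen_nft() {
    set_elems=$(nft_set "$@")
    cat <<EOF
table inet ramond_monitor {
    chain input {
        type filter hook input priority 0; policy accept;
        iifname { $set_elems } meta nfproto ipv4 drop
        iifname { $set_elems } meta l4proto != ipv6-icmp drop
    }
    chain output {
        type filter hook output priority 0; policy accept;
        oifname { $set_elems } meta nfproto ipv4 drop
        oifname { $set_elems } meta l4proto != ipv6-icmp drop
    }
}
EOF
}

# gen_sysctl TRUNK VLAN_ID... -> sysctl.d lines: no forwarding, no autoconfig
# (slash-separated keys, because the interface names contain dots)
gen_sysctl() {
    echo "net/ipv4/ip_forward = 0"
    echo "net/ipv6/conf/all/forwarding = 0"
    for ifc in $(mon_ifaces "$@"); do
        echo "net/ipv6/conf/$ifc/accept_ra = 0"
        echo "net/ipv6/conf/$ifc/autoconf = 0"
    done
}

gen_nft eth1 10 20      # review, then load with: nft -f <file>
gen_sysctl eth1 10 20   # review, then place under /etc/sysctl.d/
```

The rules match only the monitoring interface and its VLAN sub-interfaces, so the management interface is left to its own policy.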

Configuration:

The sample configuration contains an explanation of the XML syntax
required.

The path to the configuration file is passed using the `-c' command-line
option. A few obvious places are checked if this is missing.

Only <clear/> routes that you know should never appear on a link.
Notification is always the best policy.

Do not <clear/> a route that you own, even if it is on the wrong link:
the two networks may be joined at the link layer, and you will DoS your
own network.

Logging:

Ramond _will_not_ log every Router-Advert it sees. On a medium-sized
deployment this can be ~10M a day.

If you want a log of every RA, either parse the messages coming to
stdout, or `<execute/>' a script which generates your log.

Messages that affect the program's operation are written to the log file
and syslog. These are messages like `file not found' or `could not open
raw socket'.