Some possible solutions (In no particular order) Manually configure the default router Liable to introduce mistakes and management complexity Use SeND/IPsec Potentially complex, only one public implementation? Implement RA ‘snooping’ in switches Attractive for its simplicity, but requires configuration Use router preference option (RFC4191) Optional feature, can be used by attacker anyway |