IPv6 Deployment for the LAN
Ray Soucy
rps at maine.edu
Thu Oct 22 21:34:07 UTC 2009
It's certainly encouraging to see how there is such consensus among
NANOG on IPv6 deployment. :-)
Recent exchanges seem to be getting a little personal, so we might
want to take a step back and breath.
I don't think adding default gateway support to DHCPv6 will have much
of an impact, but I'm OK with people trying to get it implemented.
Another tool in the box. I just wouldn't hold your breath waiting for
it.
I think the better approach is to take a firm stand on security and
make RA gaurd and DHCPv6 snooping expected for network devices. These
problems will still exist if default gateway options for DHCPv6 get
implemented.
As for RA taking down a network quickly, well, it can be restored
quickly too. The fact that RA is actually responsive can be a benefit
in some situations.
Hopefully if anything has come out of this thread its that both
stateless and stateful configuration have a place in IPv6, and that
there is still work to be done before IPv6 is really ready for the
enterprise LAN.
Others may have their specific requests from vendors, but here are mine:
1. Include DHCPv6 client functionality as part of any IPv6 implementation.
2. Support RA-gaurd and DHCPv6 snooping in L2 network infrastructure.
A lot of the frustration seems to come from Windows ICS acting as an
IPv6 router. I think everyone here has been after Microsoft to either
remove ICS or make it more difficult to enable at one point or
another. While a rogue RA can come from anywhere, Windows is usually
the guilty party. I would argue that since NAT is not a component of
IPv6, no host should be implementing ICS-like functionality for IPv6.
It's unlikely that there would be a situation on an IPv6 network that
a host needed to share it's IPv6 address to get others online.
Just my thoughts. Maybe someone from Microsoft who can do something
about it lurks on this list.
--
Ray Soucy
Communications Specialist
+1 (207) 561-3526
Communications and Network Services
University of Maine System
http://www.maine.edu/
More information about the NANOG
mailing list