quietly....

Owen DeLong owen at delong.com
Wed Feb 2 13:10:20 UTC 2011


On Feb 2, 2011, at 4:50 AM, Iljitsch van Beijnum wrote:

> On 2 feb 2011, at 12:39, Owen DeLong wrote:
> 
>> I would point to 6to4 and the RAs coming from Windows Laptops that think they are routers because someone clicked on an ICS checkbox as a counter example that letting things that think they are routers announce their presence is, in fact, proof that it is not only possible that something goes wrong, but, commonplace.
> 
> I didn't say they were necessarily good routers.
> 
No, you said the router always knows better than the DHCP server. This is an example of a common case where it does not.

> The issue of rogue routers and DHCP servers is a separate one. Obviously if you have rogue RAs but no rogue DHCPv6 then it helps if you can ignore the RAs and put all the info in DHCPv6. But the same bad practices that created rogue RAs can just as easily create rogue DHCPv6 servers so this is not a real solution, just very limited managing of symptoms.
> 
It really isn't. If the DHCP server on a subnet could override the rogue router's RA messages by policy, then, it would actually make it fairly trivial to address this issue.

Unfortunately, because administrators don't have that option, we're stuck.

> But there's so much wrong with DHCPv6 that trying to fix it is pretty much useless, we need to abandon DHCP and start from scratch. Good thing IPv6 works just fine without DHCPv6.

This is a clear example of the myopia in the IETF that has operators so frustrated.

Owen




