The stupidity of trying to "fix" DHCPv6

Ray Soucy rps at maine.edu
Fri Jun 10 13:27:41 UTC 2011


My goodness, this argument comes up a lot.

Firstly, RA isn't broken, and DHCPv6 isn't broken.

Second, work IS being done to provide DHCPv6 with a method of handing
out additional routing information:

http://tools.ietf.org/html/draft-ietf-mif-dhcpv6-route-option-01

So I'm not sure what all the fuss is about here.

Third, the point of keeping RA and DHCPv6 separate was exactly this.
You make a change to RA and it will take 10 years to get implemented;
you add a feature to DHCPv6 and you have a good chance of seeing it
adopted in months rather than years.

While I support the route option in DHCPv6, I support it for
administrators who need non-standard routing setups because they're
stuck on some archaic topology that they are unable to migrate away
from.

I'd counter the OP's assertion that RA is "silly" with the suggestion
that using DHCPv6 only and not RA is even more silly.

The router knows if it's up, the router knows what it's connected to,
the router can make routing decisions in real time.  The DHCPv6
server has no idea if the router is up or what it's connected to
beyond what it's been told, and because updates are infrequent it
makes any changes take very long.

You still need to protect against rogue DHCPv6, and it still needs to
be done at the switch.

Not really sure what everyone is so worked up about here, aside from
wanting IPv6 to be more like IPv4 (ignoring that they were probably
the ones complaining about IPv4 working this way when they were
migrating away from AppleTalk or IPX).

On Fri, Jun 10, 2011 at 8:48 AM, Tim Franklin <tim at pelican.org> wrote:
>> Standing back a little, I can see an argument that IPv6 would be an
>> easier 'sell' if there were two modes of operation, one with only
>> RAs, and one with only DHCPv6.
>
> This +1.
>
> There are plenty of enterprises, employing actual network engineers (allegedly), who are just about getting to grips with CIDR and VLSM.  They are *thinking* about reconfiguring their hosts to stop having 10.x.x.x/8 as the interface address, and letting proxy-arp on the routers worry about which subnets are which.  They *might* have been convinced that an ATM cloud (or sometimes even MPLS!) has robust traffic separation, and they don't need a full mesh of leased lines any more.
>
> IPv6 is hugely scary as it is, without breaking their "hosts and host info" / "routers and routing info" silo model.  Not all of the networking world runs on Internet time :(
>
> Regards,
> Tim.
>
>



-- 
Ray Soucy

Epic Communications Specialist

Phone: +1 (207) 561-3526

Networkmaine, a Unit of the University of Maine System
http://www.networkmaine.net/



