IPv6 prefixes longer than /64: are they possible in DOCSIS networks?

Brzozowski, John John_Brzozowski at Cable.Comcast.com
Wed Nov 30 16:56:58 UTC 2011


Technically this is not true.  SLAAC is not prohibited; it does come with
side effects that complicate the deployment of IPv6.  It is technically
feasible to use SLAAC; it is just not practical in most cases.

Stateful DHCPv6 is the preferred mechanism for address and configuration
assignment.  Prefix delegation requires the use of stateful DHCPv6 in
DOCSIS networks.

John
=========================================
John Jason Brzozowski
Comcast Cable
e) mailto:john_brzozowski at cable.comcast.com
o) 609-377-6594
m) 484-962-0060
w) http://www.comcast6.net
=========================================




On 11/29/11 7:09 AM, "Dmitry Cherkasov" <doctorchd at gmail.com> wrote:

>Steven,
>
>SLAAC is prohibited for use in DOCSIS networks; router
>advertisements that allow SLAAC must be ignored by end-devices,
>therefore DHCPv6 is the only way of configuring (if not talking about
>static assignment). I have seen at least Windows 7 handling this
>properly in its default configuration: it starts DHCPv6 negotiation
>instead of auto-configuration.
>
>Dmitry Cherkasov
>
>
>
>2011/11/29 Steven Bellovin <smb at cs.columbia.edu>:
>>
>> On Nov 28, 2011, at 4:51 52PM, Owen DeLong wrote:
>>
>>>
>>> On Nov 28, 2011, at 7:29 AM, Ray Soucy wrote:
>>>
>>>> It's a good practice to reserve a 64-bit prefix for each network.
>>>> That's a good general rule.  For point to point or link networks you
>>>> can use something as small as a 126-bit prefix (we do).
>>>>
>>>
>>> Technically, absent buggy {firm,soft}ware, you can use a /127. There's no
>>> actual benefit to doing anything longer than a /64 unless you have
>>> buggy *ware (ping pong attacks only work against buggy *ware),
>>> and there can be some advantages to choosing addresses other than
>>> ::1 and ::2 in some cases. If you're letting outside packets target your
>>> point-to-point links, you have bigger problems than neighbor table
>>> attacks. If not, then the neighbor table attack is a bit of a red-herring.
>>>
>>
>> The context is DOCSIS, i.e., primarily residential cable modem users, and
>> the cable company ISPs do not want to spend time on customer care and
>> hand-holding.  How are most v6 machines configured by default?  That is,
>> what did Microsoft do for Windows Vista and Windows 7?  If they're set for
>> stateless autoconfig, I strongly suspect that most ISPs will want to stick
>> with that and hand out /64s to each network.  (That's apart from the larger
>> question of why they should want to do anything else...)
>>
>>
>>                --Steve Bellovin, https://www.cs.columbia.edu/~smb
>>
>>
>>
>>
>>
>>
>
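
Added example, not part of the thread or any poster's code: a small parser showing how a Router Advertisement signals SLAAC versus DHCPv6 to a host, and why an advertised prefix longer than /64 is not usable for SLAAC. The flag bits (M/O in the RA header, L/A in the Prefix Information option) and the /64 rule come from RFC 4861 and RFC 4862, not from the posts; the function names, the 64-bit interface ID and the 2001:db8:: sample prefix are assumptions made for illustration.

```python
import ipaddress
import struct

RA_TYPE, OPT_PREFIX_INFO = 134, 3   # RFC 4861: ICMPv6 type and option type

def parse_ra(pkt: bytes) -> dict:
    """Parse a Router Advertisement, starting at the ICMPv6 header."""
    if len(pkt) < 16 or pkt[0] != RA_TYPE:
        raise ValueError("not a Router Advertisement")
    flags = pkt[5]
    ra = {"managed": bool(flags & 0x80), "other": bool(flags & 0x40), "prefixes": []}
    off = 16
    while off + 2 <= len(pkt):
        opt_type, opt_len = pkt[off], pkt[off + 1] * 8   # length is in 8-byte units
        if opt_len == 0 or off + opt_len > len(pkt):
            raise ValueError("malformed option")
        if opt_type == OPT_PREFIX_INFO and opt_len == 32:
            plen, pflags = pkt[off + 2], pkt[off + 3]
            prefix = ipaddress.IPv6Address(pkt[off + 16:off + 32])
            ra["prefixes"].append({
                "prefix": f"{prefix}/{plen}",
                "on_link": bool(pflags & 0x80),
                "autonomous": bool(pflags & 0x40),
                # RFC 4862 5.5.3: prefix length + interface ID length must be 128,
                # so with a 64-bit interface ID (assumed) only a /64 works for SLAAC
                "slaac_usable": bool(pflags & 0x40) and plen == 64,
            })
        off += opt_len
    return ra

def signalled_modes(ra: dict) -> set:
    """Address-configuration methods the RA offers to hosts on the link."""
    modes = set()
    if any(p["slaac_usable"] for p in ra["prefixes"]):
        modes.add("slaac")
    if ra["managed"]:
        modes.add("dhcpv6-stateful")
    elif ra["other"]:
        modes.add("dhcpv6-stateless")
    return modes

def build_ra(managed: bool, autonomous: bool, prefix: str, plen: int) -> bytes:
    """Constructed sample RA with one prefix option (checksum left at zero)."""
    hdr = struct.pack("!BBHBBHII", RA_TYPE, 0, 0, 64, 0x80 if managed else 0, 1800, 0, 0)
    pio = struct.pack("!BBBBIII", OPT_PREFIX_INFO, 4, plen,
                      0x80 | (0x40 if autonomous else 0), 86400, 14400, 0)
    return hdr + pio + ipaddress.IPv6Address(prefix).packed
```

An RA with M set and A clear yields only `dhcpv6-stateful`, while an RA that sets A on a /80 yields no usable method at all.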




