DHCPv6 PD & Routing Questions

• Previous message (by thread): DHCPv6 PD & Routing Questions
• Next message (by thread): DHCPv6 PD & Routing Questions
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, Nov 20, 2015 at 01:35:55PM -0800, Jim Burwell wrote:
> My questions are:
> 
> 1) Does the DHCPv6 protocol include any standards/mechanisms/methods for
> managing routes to prefixes it delegates, or does it consider this
> outside of its function?  (I suspect the latter)

It's considered outside of function.  It makes a lot of sense, from the
*protocol's* viewpoint, not to go constraining itself in any way.

*Implementations*, on the other hand, appear to have kinda dropped the ball,
insofar as none of the OSS DHCPv6 servers that can do PD appear to have put
any thought into what to do with the prefixes delegated.

> 2) What are the most common ways of managing the routing of delegated
> prefixes in the ISPs routing domain?  Has a standard method/best
> practice emerged yet?  Routing protocols?  IPv6 RAs?

I hacked some code into ISCP DHCPD to give called scripts sufficient knowledge
to add routes to the local machine's routing table:

    http://www.hezmatt.org/~mpalmer/blog/2014/11/20/multi-level-prefix-delegation-is-not-a-myth-ive-seen-it.html

(Holy crap, I published that post almost exactly a year ago today...)

More recently, I'm doing some work with a production containerised
environment, and I decided to use RAs to propagate /64 routes amongst the
container hosts and immediate upstream router (the upstream router has the
whole /48 routed to it, and the router then gets the RAs to know which
machine to send the /64 to).  It seems to work rather well.  If I had any
more complicated a setup, I'd definitely have broken out the OSPF or
something.

> One obvious answer would be routing protocols.  In my brief googling,
> I've seen a forum post that seems to indicate that Comcast makes use of
> RIPng on their CPE to propagate routing information for prefixes
> delegated to it.  Can someone confirm this?  This would seem as good a
> method as any to do this, albeit with obvious security concerns.

I can't confirm Comcast's use of anything in particular, but I'd certainly
consider it a possibility.  In an ISP environment, I think I'd prefer for my
routing to *not* be under the control of anything that the customer can get
their fingers into, but I'm sure there's suitable filters in place to stop a
customer trying to announce all of 2000::/3...

> What's the best way to implement a DHCPV6 PD client on a Linux router? 
> Dibbler seems to do everything except route propagation (asks for PD,
> puts PD address on local NIC if asked).  Anything better out there?

Well, I'm quite partial to the solution I hacked up for ISC DHCPD, but it's
hard to argue that I'm an unbiased observer.  <grin>

- Matt

• Previous message (by thread): DHCPv6 PD & Routing Questions
• Next message (by thread): DHCPv6 PD & Routing Questions
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]