DHCPv6, was: Re: IPv6 Finally gets off the ground
Iljitsch van Beijnum
iljitsch at muada.com
Sun Apr 15 10:38:42 UTC 2007
On 13-apr-2007, at 21:48, David W. Hankins wrote:
> A given ISP may or may not directly communicate with end hosts
> using any form of DHCP, but the current broadband ISP models which
> are de rigeur would not be salient without DHCPv4 on the end hosts,
> even if that is only between the set top box and customer.
Sure, but that's because with IPv4, there are only three flavors:
- manual configuration
- PPP
- DHCP
With IPv6, there's of course still manual configuration, but PPP is
out because it can't negotiate IPv6 addresses. New in IPv6 is
stateless autoconfiguration, which will give you addresses and
default gateways, but (so far) not extra info such as DNS addresses.
The situation for DHCP in IPv6 is very different from the one in
IPv4: because DHCPv6 was late to the party (IIRC the final RFCs came
out around 2003, decent implementations are still not abundant) and
we have stateless autoconfig, the focus for DHCPv6 was to provide
additional information (those !#$ DNS addresses) and a new trick:
prefix delegation. This is a mechanism where routers can lease a
prefix from a DHCP server, and then use that prefix in their router
advertisements. This is a great tool for provisioning.
The DHCPv6 servers and clients that I tested two years ago didn't
even support address assignment to hosts. And note that even when
hosts do, and a DHCPv6 server is available, these hosts must still
listen for router advertisements because DHCPv6 doesn't provide a
default gateway address, like DHCP for IPv4 does.
> What DHCP and PPP did do, was to remove all of that, and make ISP
> integration of customer premise something that could "just happen"
> without any handholding or bearded geekery.
Fortunately, the IETF got things right the sixth time around (?) by
adding the stateless autoconfig to IPv6, so these additional
mechanisms aren't necessary.
> When you can plug your computer in, and automatically (with no
> clicking) get an IPv6 address,
Like I said, this part has never been a problem with IPv6.
> have something tell you where your DNS assist servers,
There will be a router advertisement option to learn DNS servers.
Note though, that this is only an issue for hosts that are IPv6-only,
which isn't exactly the typical use case today.
> configure web proxies,
??
> and solve your dynamic dns problems
Which dynamic DNS problems? It works just fine for me.
> On the subject of DNS, I think you are going to find that, since
> IPv6 addresses do not pass the 'phone test', IPv6 customers will
> have a new emphasis on having their names in DNS.
And exactly how often do people type in the address of their own
system...?
A problem with the DNS and IPv6 is that unlike IPv4, you can't pre-
populate the DNS so that each host has a valid DNS name as soon as it
receives an address. Manual configuration is problematic for more
than the obvious reasons: host may use temporary IPv6 addresses with
random lower bits to avoid exposing their MAC address. The only
reasonable way to solve this is with dynamic DNS updates. This would
be bad except that customers will usually have their own prefix in
IPv6 so this should be solvable security-wise.
More information about the NANOG
mailing list