DHCPv6 PD & Routing Questions
Mark Andrews
marka at isc.org
Sun Dec 6 05:18:49 UTC 2015
In message <E82EA149-2530-41FF-9CE0-670E6CD7D097 at delong.com>, Owen DeLong writes:
>
> > On Nov 25, 2015, at 15:59 , Mark Andrews <marka at isc.org> wrote:
> >
> >
> > In message
> <CAMWxDfrh+O=SPZwPmAZhYnvAEeK2eMFw3CD0qf34Fkbb=-SaPw at mail.gmail.com>,
> Brian Knight writes:
> >> On Tue, Nov 24, 2015 at 6:34 PM, Baldur Norddahl
> >> <baldur.norddahl at gmail.com> wrote:
> >>>
> >>> DHCPv6-PD allows multiple PD requests. But did anyone actually
> implement
> >>> that? I am not aware of any device that will hand out sub delegations
> on
> >>> one interface, notice that it is out of address space and then go
> request
> >>> more space from the upstream router (*).
> >>>
> >>> DHCPv6-PD allows size hints, but it is often ignored. Also there is no
> >>> guidance for what prefix sizes you should ask for. Many CPEs will ask for
> >>> /48. If you got a /48 you will give out that /48 and then not honor any
> >>> further requests, because only one /48 per site is allowed. If you are an
> >>> ISP that gives out /48 and your customers CPE asks for a /56 you will
> >>> still ignore his size hint and give him /48.
> >>
> >> Or, worse, the ISP's DHCPv6 server honors the new request and issues
> >> the larger prefix, but refuses to route it. Ran into that myself when
> >> I replaced my home CPE router, and changed the prefix hint to ask for
> >> a /60 block (expanded from /64) at the same time. That made for a
> >> frustrating few days without IPv6 service, waiting for my original
> >> delegation to expire. (Tech support, of course, had no clue and
> >> blamed my router.)
> >>
> >> In retrospect I should have perhaps had my original CPE generate a
> >> DHCP release message for that prefix before disconnecting it. But I
> >> won't be the last person to fail to generate that.
> >>
> >> -Brian
> >
> > Well the requesting router could announce the route. ISC's client
> > has hooks that allow this to be done. That is, after all, how
> > routing is designed to work. The DHCP server usually is sitting
> > in a data center on the other side of the country with zero ability
> > to inject approptiate routes.
>
> Are you really suggesting that a residential ISP accept routes advertised
> from their customer’s CPE? Really?
PD is used internally as well as externally, and with a little bit
of crypto to prove the assigned address belongs to them there really
isn't a reason a CPE device couldn't announce a address to a ISP.
It would also allow BCP38 filters to be built rather than using RFP
which is only a approximate solution.
> That’s about the most ridiculous thing I’ve heard on NANOG in a long time
> and that’s saying something.
>
> > The DHCP relay could also have injected routes but that is a second
> > class solution.
>
> Maybe, but in an ISP/Customer PD environment, it’s certainly preferable
> to what you consider a “first class†solution.
Actually it is still a second class solution. Have the CPE generate
the routes and use information from the relay as a acceptance filter.
That way the device that was delegated the prefix decides what it
announced.
> Owen
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka at isc.org
More information about the NANOG
mailing list