Android (lack of) support for DHCPv6

Mark Andrews marka at isc.org
Fri Jun 12 00:16:40 UTC 2015


In message <9DA9C5B8-E60C-4462-873A-EA5052128067 at heliacal.net>, Laszlo Hanyecz 
writes:
> Lorzenzo is probably not going to post anymore because of this.
>
> It looks to me like Lorenzo wants the same thing as most everyone here,
> aside from the university net nazis, and he's got some balls to come
> defend his position against the angry old men of NANOG.  Perhaps the
> approach of attacking DHCP is not the right one, but it sounds like his
> goal is to make IPv6 better than how IPv4 turned out.
>
> Things like privacy extensions, multiple addresses and PD are great
> because they make it harder for people to do address based tracking,
> which is generally regarded as a desirable feature except by the people
> who want to do the tracking.  DHCPv6 is a crutch that allows operators to
> simply implement IPv6 with all the same hacks as IPv4 and continue to do
> address based access control, tracking, etc.  It's like a 'goto'
> statement - it can be used to do clever things, but it can also be used
> to hack stuff and create very hard to fix problems down the road.  I
> think what Lorenzo is trying to do is to use his influence/position to
> forcefully prevent people from doing this, and while that may not be the
> most diplomatic way, I admire his courage in posting here and trying to
> reason with the mob.
>
> -Laszlo

There is a difference between arguing that additional addesses
should be supported and saying stuff consensus and stuff what you
want from the product, I am not going to give you DHCPv6 support
because it may be used to only hand out only one address.

The better long term strategy is to support DHCPv6 and then complain
that you can't get a address for 464XLAT and/or a privacy address.

Having a brower come up and say "Unable to obtain privacy address.
Do you still want to post this request" for every request will have
much more impact and is actually solvable with a couple of tweaks
to the DHCPv6 configuration than getting policy changed to support
SLACC.  Recording N addresss against a user (where N is small) is
not any harder than recording 1 address and gives the traceback
needed.

A RFC compliant DHCPv6 server will hand out multiple address by
default.  I haven't checked ISC's DHCPv6 server and if it doesn't
do multiple addresses by default please open a bug ticket
(dhcp-bugs at isc.org) as it should.

464XLAT isn't even needed to do IPv4 over a IPv6-only WiFi.  There
are other ways to do it, e.g. DS-Lite, which work better than
464XLAT.

Mark
 
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka at isc.org



More information about the NANOG mailing list