<div dir="ltr"><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">Primarily the ability to end-to-end authenticate end devices. The<br>primary and largest glaring issue is that DHCPv6 from the client does<br>not include the MAC address, it includes the (I believe) UUID.<br></blockquote><div><br></div><div>DHCPv6 Option 79</div><div><br></div><div><a href="https://datatracker.ietf.org/doc/html/rfc6939">https://datatracker.ietf.org/doc/html/rfc6939</a><br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><br></blockquote></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Sat, Mar 19, 2022 at 6:58 PM Matt Hoppes <<a href="mailto:mattlists@rivervalleyinternet.net">mattlists@rivervalleyinternet.net</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><br>
<br>
On 3/19/22 6:50 PM, Michael Thomas wrote:<br>
> <br>
> On 3/19/22 3:47 PM, Matt Hoppes wrote:<br>
>> It has "features" which are at a minimum problematic and at a maximum <br>
>> show stoppers for network operators.<br>
>><br>
>> IPv6 seems like it was designed to be a private network communication <br>
>> stack, and how an ISP would use and distribute it was a second though.<br>
> <br>
> What might those be? And it doesn't seem to be a show stopper for a lot <br>
> of very large carriers.<br>
<br>
Primarily the ability to end-to-end authenticate end devices. The <br>
primary and largest glaring issue is that DHCPv6 from the client does <br>
not include the MAC address, it includes the (I believe) UUID.<br>
<br>
We have to sniff the packets to figure out the MAC so that we can <br>
authenticate the client and/or assign an IP address to the client properly.<br>
<br>
It depends how you're managing the network. If you're running PPPoE you <br>
can encapsulate in that. But PPPoE is very 1990 and has its own set of <br>
problems. For those running encapsulated traffic, authentication to the <br>
modem MAC via DHCP that becomes broken. And thus far, I have not seen a <br>
solution offered to it.<br>
<br>
<br>
Secondly - and less importantly to deployment, IPv6 also provides a <br>
layer of problematic tracking for advertisers. Where as before many <br>
devices were behind a PAT, now every device has a unique ID -- probably <br>
for the life of the device. Marketers can now pinpoint down not just to <br>
an IP address that identifies a single NAT interface, but each <br>
individual device. This is problematic from a data collection standpoint.<br>
<br>
</blockquote></div>