
Re: [69ATTENDEES] DHCP



Apologies to the list, this will be my last post on this subject.

Iljitsch van Beijnum wrote:
> On 14-sep-2007, at 21:06, Kevin Loch wrote:
>
>> RA's are great in certain situations, and I use it on some subnets but
>> we must have a full set of tools that work with RA turned off.
>
> Why?

There are situations where hosts on the same segment need to use
different gateways.  There are many cases where self assigned
IPs (which might be used to source packets) are not desired.  Firewall
rules, accounting, VPN SA's and load balancers are just the tip of the
iceberg.  Convoluted topology due to mergers or migrations, customer
legacy designs or other odd requirements adds to the mess.  We have
tools in IPv4 to deal with this and the shotgun approach of RA would
not help here.

Even in cases where RA could be used, it is often desirable to use
manually selected non EUI-64 addresses which tend to be simpler.  This
also applies to ranges used by DHCP.  People still have to type and work
with IP addresses in IPv6.

>> There are situations where I cannot have hosts (servers in particular)
>> autoconfigure addresses or gateways, even accidentally.
>
> Then they shouldn't listen to discovery protocols such as RA but also DHCP (and VRRP in the sense that you were suggesting although VRRP isn't designed to be that).

VRRP for failover of a statically configured gateway IP address is very useful. I could use it today on my network if vendors supported it.

I can also see scenarios where VRRP + DHCP - RA could be useful in
mixed DHCP/static segments.  DHCP allows fine control over which
hosts are allowed to use it as well as which features are used.  You
don't always have administrative control over all hosts on a segment to
control behavior regarding RA's.

I'm not bashing RA completely.  It's a small efficient design and is
very convenient in certain situations. It just isn't appropriate for
every situation and many times will need to be turned off.  In those
cases we need other methods (like DHCP, VRRP).

- Kevin