Re: [Kea-users] [EXTERNAL] Re: Dhcp6 Prefix Exclude use case question

Fri, 23 Jun 2023 05:38:42 -0700 

Thanks, Darren. This mostly has to do with how the clients in the space USE the 
v6 PDs. It’s a MAP-T environment where use of that block correlates to that 
client devices sending all traffic using source-ports of 1-1023 (which is 
obviously problematic). Unlikely corner case, just trying to ensure this will 
work the way we are hoping IF it’s used.

Thanks.
Dan

From: Kea-users <kea-users-boun...@lists.isc.org> on behalf of Darren Ankney 
<darren.ank...@gmail.com>
Date: Friday, June 23, 2023 at 6:31 AM
To: kea-users@lists.isc.org <kea-users@lists.isc.org>
Subject: [EXTERNAL] Re: [Kea-users] Dhcp6 Prefix Exclude use case question
Hi Dan,

I don't think that is the purpose of the option, but I suppose if no
device asks for an excluded prefix then the prefix will not be
allocated to any device.  How would you be able to guarantee this?  I
would think a better solution would be to engineer your network
differently such that you don't need to leave off part of the prefix
delegation.  Surely there are plenty of IPv6 subnets to go around to
accomplish this?

Thank you,

Darren Ankney

On Wed, Jun 21, 2023 at 5:09 PM Dan Geist <d...@polter.net> wrote:
>
> Greetings, all. I'm exploring using the "prefix exclude" feature to do 
> something a little different than what it's RFC describes and would like to 
> know if my scenario would work. In the kea ARM, the example config is as 
> follows:
>
> "Dhcp6": {
>     "subnet6": [
>         {
>             "subnet": "2001:db8:1::/48",
>             "pd-pools": [
>                 {
>                     "prefix": "2001:db8:1:8000::",
>                     "prefix-len": 56,
>                     "delegated-len": 64,
>                     "excluded-prefix": "2001:db8:1:8000:cafe:80::",
>                     "excluded-prefix-len": 72
>                 }
>             ]
>         }
>     ]
> }
>
> This allows a device that sends a Prefix Exclude option to be allocated the 
> indicated /72.
>
> In my environment, we'd like to be able to allocate PDs from a block that is 
> discrete from the subnet and in which the very first PD is NEVER assigned, 
> ala:
>
> "Dhcp6": {
>     "subnet6": [
>         {
>             "subnet": "2001:db8:1::/48",
>             "pd-pools": [
>                 {
>                     "prefix": "2001:db8:2::",
>                     "prefix-len": 48,
>                     "delegated-len": 60,
>                     "excluded-prefix": "2001:db8:2::",
>                     "excluded-prefix-len": 60
>                 }
>             ]
>         }
>     ]
> }
>
> Assuming I don't have any dhcpv6 endpoint devices sending the excluded prefix 
> option, does this accomplish what I'm attempting, which is: never use the 
> first /60 from the PD /48 prefix?
>
> Thanks
> Dan
>
> --
> Dan Geist dan(@)polter.net
>
> --
> ISC funds the development of this software with paid support subscriptions. 
> Contact us at 
> https://urldefense.com/v3/__https://www.isc.org/contact/__;!!Hit2Ag!ztViBv-QgmZ06HbBl5Y9ZrN-Xr4nESzE_PPkzf-YD9ap-HY5JI-eQbQj327_Nf3TbzbiCDtd_plvYVpxEDd1KQ$<https://urldefense.com/v3/__https:/www.isc.org/contact/__;!!Hit2Ag!ztViBv-QgmZ06HbBl5Y9ZrN-Xr4nESzE_PPkzf-YD9ap-HY5JI-eQbQj327_Nf3TbzbiCDtd_plvYVpxEDd1KQ$>
>   for more information.
>
> To unsubscribe visit 
> https://urldefense.com/v3/__https://lists.isc.org/mailman/listinfo/kea-users__;!!Hit2Ag!ztViBv-QgmZ06HbBl5Y9ZrN-Xr4nESzE_PPkzf-YD9ap-HY5JI-eQbQj327_Nf3TbzbiCDtd_plvYVqNnhhgkw$<https://urldefense.com/v3/__https:/lists.isc.org/mailman/listinfo/kea-users__;!!Hit2Ag!ztViBv-QgmZ06HbBl5Y9ZrN-Xr4nESzE_PPkzf-YD9ap-HY5JI-eQbQj327_Nf3TbzbiCDtd_plvYVqNnhhgkw$>
>  .
>
> Kea-users mailing list
> Kea-users@lists.isc.org
> https://urldefense.com/v3/__https://lists.isc.org/mailman/listinfo/kea-users__;!!Hit2Ag!ztViBv-QgmZ06HbBl5Y9ZrN-Xr4nESzE_PPkzf-YD9ap-HY5JI-eQbQj327_Nf3TbzbiCDtd_plvYVqNnhhgkw$<https://urldefense.com/v3/__https:/lists.isc.org/mailman/listinfo/kea-users__;!!Hit2Ag!ztViBv-QgmZ06HbBl5Y9ZrN-Xr4nESzE_PPkzf-YD9ap-HY5JI-eQbQj327_Nf3TbzbiCDtd_plvYVqNnhhgkw$>
--
ISC funds the development of this software with paid support subscriptions. 
Contact us at 
https://urldefense.com/v3/__https://www.isc.org/contact/__;!!Hit2Ag!ztViBv-QgmZ06HbBl5Y9ZrN-Xr4nESzE_PPkzf-YD9ap-HY5JI-eQbQj327_Nf3TbzbiCDtd_plvYVpxEDd1KQ$<https://urldefense.com/v3/__https:/www.isc.org/contact/__;!!Hit2Ag!ztViBv-QgmZ06HbBl5Y9ZrN-Xr4nESzE_PPkzf-YD9ap-HY5JI-eQbQj327_Nf3TbzbiCDtd_plvYVpxEDd1KQ$>
  for more information.

To unsubscribe visit 
https://urldefense.com/v3/__https://lists.isc.org/mailman/listinfo/kea-users__;!!Hit2Ag!ztViBv-QgmZ06HbBl5Y9ZrN-Xr4nESzE_PPkzf-YD9ap-HY5JI-eQbQj327_Nf3TbzbiCDtd_plvYVqNnhhgkw$<https://urldefense.com/v3/__https:/lists.isc.org/mailman/listinfo/kea-users__;!!Hit2Ag!ztViBv-QgmZ06HbBl5Y9ZrN-Xr4nESzE_PPkzf-YD9ap-HY5JI-eQbQj327_Nf3TbzbiCDtd_plvYVqNnhhgkw$>
 .

Kea-users mailing list
Kea-users@lists.isc.org
https://urldefense.com/v3/__https://lists.isc.org/mailman/listinfo/kea-users__;!!Hit2Ag!ztViBv-QgmZ06HbBl5Y9ZrN-Xr4nESzE_PPkzf-YD9ap-HY5JI-eQbQj327_Nf3TbzbiCDtd_plvYVqNnhhgkw$<https://urldefense.com/v3/__https:/lists.isc.org/mailman/listinfo/kea-users__;!!Hit2Ag!ztViBv-QgmZ06HbBl5Y9ZrN-Xr4nESzE_PPkzf-YD9ap-HY5JI-eQbQj327_Nf3TbzbiCDtd_plvYVqNnhhgkw$>

-- 
ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.

To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users.

Kea-users mailing list
Kea-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/kea-users

Reply via email to