Re: SLAAC(autoconfig) vs DHCPv6
On Mon, Aug 18, 2008 at 03:42:29PM -0400, Howard C. Berkowitz wrote: > If you want to test a resource, be it the end user or an infrastructure > interface, how do you know how to foo it (foo being some value of ping, > traceroute, look it up in SNMP/NetFlow, etc)? > > I submit that if you use dynamic assignment of any sort, you really have to > have DNS dynamic update, so you can use a known name to query the function > that's indexed by address. Otherwise, static addresses become rather > necessary if you want to check a resource. That's close. If you use dynamic assignment via DHCP (v4 or v6), then you have a handy database of all the IPv4 addresses assigned and whatever information you want to discern them by (if not by hostname) that was available to the DHCP server at the time of assignment. Strictly speaking, Dynamic DNS isn't even necessary, but it could be reasonably handy (because IPv6 addresses do not pass 'the phone test'). With technologies like SLAAC, tho, you are right. You're going to have to give devices a means to register with the network independently of their IP address allocation, because it only takes one client to Router Solicit to configure multiple clients upon the broadcast Router Advertisement reply. Unless you start sniffing for their neighbor discovery probes (part of SLAAC is to ensure the new address is not already in use), there's no transaction where the resource(s) are assigned. There is quite obviously a key distribution problem with that kind of model, and if you have to manually configure a system to configure itself dynamically, there is a significantly diminished reward. At this point in the excercise, you may as well do what the rest of us in the current SLAAC-only world have done; disable SLAAC and set v6 addresses (and DNS) manually. Welcome to 1985, the era DHCPv4 saved us from. But this leads you back to today's IPv6 operational problem; if you need registered clients, then you can install any DHCPv6 software you can find to get it via either its database or Dynamic DNS (quite a lot of DHCPv6 server software supports Dynamic DNS). But you still wont' have any DHCPv6 clients outside of Vista. This is where the chicken meets the egg on our faces. -- Ash bugud-gul durbatuluk agh burzum-ishi krimpatul. Why settle for the lesser evil? https://secure.isc.org/store/t-shirt/ -- David W. Hankins"If you don't do it right the first time, Software Engineeryou'll just have to do it again." Internet Systems Consortium, Inc. -- Jack T. Hankins pgplgk5oanCDo.pgp Description: PGP signature
RE: SLAAC(autoconfig) vs DHCPv6
1. I think ARP is effectively a ping for a mac. It verifies connectivity on level 2 between two hosts. You have to be on the same segment though To make it work, you would have to know the mac address of the remote host, clear the arp table the local host, then send the ARP request out. This would still require that each host have IP stacks in place with functioning IP addresses. Although ARP acts under IP, it still requires IP to function. 2. I think you might be able to fudge it using RARP, if you just look for signals sent to that address. 3. A kind of constant ping might be... if you knew the remote's MAC address you could poison the ARP table with an announcement, spoof the MAC locally, then do MITM stuff and relay communications. 4. Ok, after all that craziness I did a google search and found ARPING: http://en.wikipedia.org/wiki/Arping ARPING still seems to rely upon a proper IP stack and address on both hosts. Meh, your best bet might be just to scan your arp tables for the mac you are interested in. I think all NICs broadcast periodically saying "I am here". Passive ping. --p -Original Message- From: Howard C. Berkowitz [mailto:[EMAIL PROTECTED] Sent: Monday, August 18, 2008 3:42 PM To: nanog@nanog.org Subject: RE: SLAAC(autoconfig) vs DHCPv6 This was especially a question when L2 was "in" and routing was out: how do you ping a MAC address?
RE: SLAAC(autoconfig) vs DHCPv6 vs IP Address Lifecycle Management
Scott, There are solutions that support both static, quasi-static, also driving DHCPv6 servers and Dynamic DNS updates. There are networks that have deployed IPal to automate and consolidate their IPv4 and IPv6 block allocations and interface assignments. Router Prefix delegation, SLAAC and DHCPv6 were implemented to have a more automated method of IPv6 address assignments because of the large potential number of IPv6 addresses to be assigned in a next generation network. IPal does address block assignments for Prefix delegation, SLAAC and DHCPv6 support. It does IPv6 interface assignments of /64 EUI-64, /64 random, /126, /127 and /128 and generate the Dynamic DNS updates for those assignments. E-mail me off list if you want any additional information. John (ISDN) Lee From: Howard C. Berkowitz [EMAIL PROTECTED] Sent: Monday, August 18, 2008 3:42 PM To: nanog@nanog.org Subject: RE: SLAAC(autoconfig) vs DHCPv6 To try to stay operational about this, I have a reality testing question I've used in IPv4 and, for that matter, bridged networks: If you want to test a resource, be it the end user or an infrastructure interface, how do you know how to foo it (foo being some value of ping, traceroute, look it up in SNMP/NetFlow, etc)? I submit that if you use dynamic assignment of any sort, you really have to have DNS dynamic update, so you can use a known name to query the function that's indexed by address. Otherwise, static addresses become rather necessary if you want to check a resource. This was especially a question when L2 was "in" and routing was out: how do you ping a MAC address? Howard -Original Message- From: Scott Weeks [mailto:[EMAIL PROTECTED] Sent: Monday, August 18, 2008 3:34 PM To: nanog@nanog.org Subject: SLAAC(autoconfig) vs DHCPv6 -- [EMAIL PROTECTED] wrote: From: "TJ" <[EMAIL PROTECTED]> As a general rule, most clients are following the "If we gave them static IPv4 addresses we will give them static IPv6 addresses" (infrastructure, servers, etc). The whole SLAAC(autoconfig) vs DHCPv6 is a separate (albeit related) conversation ... I'm still an IPv6 wussie and would like to learn more before moving forward, so would anyone care to share info on experiences with this decision? scott
Re: SLAAC(autoconfig) vs DHCPv6
On Mon, Aug 18, 2008 at 11:11:16PM +0200, Iljitsch van Beijnum wrote: > Forget about it on XP, but it's in Vista. You can add it to BSD/Linux > without too much trouble (are there good, bugfree implementations for those > yet?) If anyone is aware of any bugs in ISC dhclient -6, please submit them to [EMAIL PROTECTED] -- Ash bugud-gul durbatuluk agh burzum-ishi krimpatul. Why settle for the lesser evil? https://secure.isc.org/store/t-shirt/ -- David W. Hankins"If you don't do it right the first time, Software Engineeryou'll just have to do it again." Internet Systems Consortium, Inc. -- Jack T. Hankins pgpjMivi6e3Oj.pgp Description: PGP signature
Re: SLAAC(autoconfig) vs DHCPv6
Charles Wyble wrote: This was especially a question when L2 was "in" and routing was out: how do you ping a MAC address? l2ping works on bluetooth devices on Linux. Might work for other stuff as well. Not sure what Cisco offers in this regard. The ideal solution would be OAM. Of course not everything supports that and it's not on by default either. Of all the things to turn off by default, this is one thing that I'd like to see on. Justin
Re: SLAAC(autoconfig) vs DHCPv6
On Mon, 18 Aug 2008, Charles Wyble wrote: http://internecine.eu/systems/windows_xp-ipv6.html and http://internecine.eu/software/dibbler_dhcpv6.html discuss how to deploy dhcpv6 on xp. It's 3rd party but doable. Hmmm I'm getting "You don't have permission to access /systems/windows_xp-ipv6.html on this server." Antonio Querubin whois: AQ7-ARIN
RE: SLAAC(autoconfig) vs DHCPv6
Yep - absolutely. I was referring to built-in support from the stack. Dibbler is the primary third party provider we have seen for DHCPv6 support on downlevel clients. Sean -Original Message- From: Charles Wyble [mailto:[EMAIL PROTECTED] Sent: Monday, August 18, 2008 2:55 PM To: [EMAIL PROTECTED] Subject: Re: SLAAC(autoconfig) vs DHCPv6 Sean Siler wrote: > Nope. XP does not support DHCPv6 - only Vista/Windows Server 2008 (and later) > can do that. > > Sean http://internecine.eu/systems/windows_xp-ipv6.html and http://internecine.eu/software/dibbler_dhcpv6.html discuss how to deploy dhcpv6 on xp. It's 3rd party but doable.
Re: SLAAC(autoconfig) vs DHCPv6
On Mon, 18 Aug 2008, Charles Wyble wrote: Forget about it on XP, Hmmm. MS says otherwise: http://www.microsoft.com/technet/network/ipv6/ipv6faq.mspx None of the XP systems here (even with all the latest service packs installed) seem to do DHCPv6. but it's in Vista. You can add it to BSD/Linux without too much trouble (are there good, bugfree implementations for those yet?) Bugfree? Nothing is bugfree :) Indeed. The Vista client has some real problems with retaining DNS info. Antonio Querubin whois: AQ7-ARIN
Re: SLAAC(autoconfig) vs DHCPv6
Sean Siler wrote: Nope. XP does not support DHCPv6 - only Vista/Windows Server 2008 (and later) can do that. Sean http://internecine.eu/systems/windows_xp-ipv6.html and http://internecine.eu/software/dibbler_dhcpv6.html discuss how to deploy dhcpv6 on xp. It's 3rd party but doable.
Re: SLAAC(autoconfig) vs DHCPv6
> Date: Mon, 18 Aug 2008 14:27:56 -0700 > From: Charles Wyble <[EMAIL PROTECTED]> > > Iljitsch van Beijnum wrote: > > On 18 aug 2008, at 22:23, Dale W. Carder wrote: > > > >> DHCPv6 > >> - doesn't ship w/ some OS's > > > > Forget about it on XP, > > Hmmm. MS says otherwise: > http://www.microsoft.com/technet/network/ipv6/ipv6faq.mspx No. MS says that support for DHCPv6 is new in Vista and Server 2008 which rather strongly implies that it is not present in XP. (And it isn't.) -- R. Kevin Oberman, Network Engineer Energy Sciences Network (ESnet) Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab) E-mail: [EMAIL PROTECTED] Phone: +1 510 486-8634 Key fingerprint:059B 2DDF 031C 9BA3 14A4 EADA 927D EBB3 987B 3751 pgpAWRm4gKw9u.pgp Description: PGP signature
RE: SLAAC(autoconfig) vs DHCPv6
Nope. XP does not support DHCPv6 - only Vista/Windows Server 2008 (and later) can do that. Sean -Original Message- From: TJ [mailto:[EMAIL PROTECTED] Sent: Monday, August 18, 2008 2:42 PM To: [EMAIL PROTECTED] Subject: RE: SLAAC(autoconfig) vs DHCPv6 >-Original Message- >From: Charles Wyble [mailto:[EMAIL PROTECTED] >Sent: Monday, August 18, 2008 5:28 PM >To: [EMAIL PROTECTED] >Subject: Re: SLAAC(autoconfig) vs DHCPv6 > >Iljitsch van Beijnum wrote: >> On 18 aug 2008, at 22:23, Dale W. Carder wrote: >> >>> DHCPv6 >>> - doesn't ship w/ some OS's >> >> Forget about it on XP, > >Hmmm. MS says otherwise: >http://www.microsoft.com/technet/network/ipv6/ipv6faq.mspx Did you see somewhere on that site, that WinXP does DHCPv6? I don't. And it would be wrong, to boot. (Not just IPv6 support - that is one simple command ...) >> but it's in Vista. You can add it to BSD/Linux without too much >> trouble (are there good, bugfree implementations for those yet?) > >Bugfree? Nothing is bugfree :) >> but Mac is a problem for prospective DHCPv6 users because the network >> configuration mechanisms are fairly proprietary and DHCPv6 isn't >> likely to be supported any time soon. > >H. I have yet to play with the Mac Ipv6 support (typing this on a Mac >now I should try in my lab later). What auto configuration mechanisms are >you referring to? Bonjour? Isn't there an RFC or two for Zeroconf? No, I believe he is referring to the actual network configuration. Not the (almost) automatic/automated service/device discovery ... > >-- >Charles Wyble (818) 280 - 7059 /TJ
RE: SLAAC(autoconfig) vs DHCPv6
>-Original Message- >From: Charles Wyble [mailto:[EMAIL PROTECTED] >Sent: Monday, August 18, 2008 5:28 PM >To: [EMAIL PROTECTED] >Subject: Re: SLAAC(autoconfig) vs DHCPv6 > >Iljitsch van Beijnum wrote: >> On 18 aug 2008, at 22:23, Dale W. Carder wrote: >> >>> DHCPv6 >>> - doesn't ship w/ some OS's >> >> Forget about it on XP, > >Hmmm. MS says otherwise: >http://www.microsoft.com/technet/network/ipv6/ipv6faq.mspx Did you see somewhere on that site, that WinXP does DHCPv6? I don't. And it would be wrong, to boot. (Not just IPv6 support - that is one simple command ...) >> but it's in Vista. You can add it to BSD/Linux without too much >> trouble (are there good, bugfree implementations for those yet?) > >Bugfree? Nothing is bugfree :) >> but Mac is a problem for prospective DHCPv6 users because the network >> configuration mechanisms are fairly proprietary and DHCPv6 isn't >> likely to be supported any time soon. > >H. I have yet to play with the Mac Ipv6 support (typing this on a Mac >now I should try in my lab later). What auto configuration mechanisms are >you referring to? Bonjour? Isn't there an RFC or two for Zeroconf? No, I believe he is referring to the actual network configuration. Not the (almost) automatic/automated service/device discovery ... > >-- >Charles Wyble (818) 280 - 7059 /TJ
Re: SLAAC(autoconfig) vs DHCPv6
Iljitsch van Beijnum wrote: On 18 aug 2008, at 22:23, Dale W. Carder wrote: DHCPv6 - doesn't ship w/ some OS's Forget about it on XP, Hmmm. MS says otherwise: http://www.microsoft.com/technet/network/ipv6/ipv6faq.mspx but it's in Vista. You can add it to BSD/Linux without too much trouble (are there good, bugfree implementations for those yet?) Bugfree? Nothing is bugfree :) but Mac is a problem for prospective DHCPv6 users because the network configuration mechanisms are fairly proprietary and DHCPv6 isn't likely to be supported any time soon. H. I have yet to play with the Mac Ipv6 support (typing this on a Mac now I should try in my lab later). What auto configuration mechanisms are you referring to? Bonjour? Isn't there an RFC or two for Zeroconf? -- Charles Wyble (818) 280 - 7059 http://charlesnw.blogspot.com CTO Known Element Enterprises / SoCal WiFI project
Re: SLAAC(autoconfig) vs DHCPv6
On Mon, Aug 18, 2008 at 12:52:50PM -0700, Scott Weeks wrote: > Seeing Howard's quick response saying "To try to stay operational > about this..." makes me realize I may have inadvertently invited a > religious flame fest. I guess that rules me out. :( > Please! Operational content and hands-on experiences only to the > best of your ability. I want to learn from this, not delete the > whole thread. The short and simple "Where we are Today" is that the only DHCPv6 clients you are likely to encounter in your networks are either DOCSIS modems or Windows Vista. So if you are going to deploy IPv6 to customers, you are generally going to use SLAAC today, and all the headaches that entails. Although there's now an option for domain name servers and search paths in router advertisements, you'll have an even worse time finding client support. So the current state of the art is to run dual stack so that DHCPv4 can reliably provide IPv4 nameservers, which you can use to find records, enabling SLAAC'd IPv6 access. For extra credit you can supply IPv6 nameserver information statelessly, but then you're only complicating things even more. One of the little talked about issues is the potential support cost when a customer wants to resolve some issue. "My web isn't working." "Are you using v4 or v6?" "Netscape." And of course it's a non-starter for anyone who needs to assign and approve the client's configuration, let us imagine because of differing product levels, rather than letting them pick whatever they feel like. I think the above can reasonably be said to be an accurate, if brief, depiction of current IPv6 operations. If you wanted to gaze into the future, I think that isn't precisely possible without welcoming the related philosophical (not religious) debates. -- Ash bugud-gul durbatuluk agh burzum-ishi krimpatul. Why settle for the lesser evil? https://secure.isc.org/store/t-shirt/ -- David W. Hankins"If you don't do it right the first time, Software Engineeryou'll just have to do it again." Internet Systems Consortium, Inc. -- Jack T. Hankins pgpDzKuLq36CU.pgp Description: PGP signature
Re: SLAAC(autoconfig) vs DHCPv6
On 18 aug 2008, at 22:23, Dale W. Carder wrote: - really, really, really broken: it didn't support handing out any DNS info until RFC 5006, thus SLAAC still requires human intervention on a client to make "teh v6 interwebs" work. While I agree that it is bad that the DNS configuration issue took so long to fix, I wouldn't consider this a flaw of stateless autoconfiguration, which works extremely well. There have been many times that I was at conferences where the IPv4 DHCP wouldn't work so it was impossible to go online, while stateless autoconfig rarely creates any problems. (Although there could be connectivity problems upstream, though.) DHCPv6 - doesn't ship w/ some OS's Forget about it on XP, but it's in Vista. You can add it to BSD/Linux without too much trouble (are there good, bugfree implementations for those yet?) but Mac is a problem for prospective DHCPv6 users because the network configuration mechanisms are fairly proprietary and DHCPv6 isn't likely to be supported any time soon. - new (danger code), not all features implemented - router support for dhcpv6 relay very limited - advanced things like prefix delegation don't really seem to have been ironed out. Actually the prefix delegation has worked just fine for me. This is the redeeming feature in DHCPv6. In my opinion, DHCPv6 was severely misdesigned. For instance, there are stateful and stateless variations, and the _client_ has to choose which to use. DHCPv6 also doesn't give you a subnet prefix length or a default gateway, so you still need router advertisements (that are also used for stateless autoconfig). The latter can be considered a feature, but I'm guessing the lack of a subnet prefix other than the assumption that the whole world uses /64 has been giving DHCPv6 server implementers a lot of headaches. In case you weren't confused enough between the two, they are not mutually exclusive. You can run both SLAAC and DHCPv6 at the same time on the same L2. Of course there's no telling what exactly the clients are going to do in that case... Iljitsch
RE: SLAAC(autoconfig) vs DHCPv6
>-Original Message- >From: Dale W. Carder [mailto:[EMAIL PROTECTED] >Sent: Monday, August 18, 2008 4:24 PM >To: [EMAIL PROTECTED] >Cc: nanog@nanog.org >Subject: Re: SLAAC(autoconfig) vs DHCPv6 > > >Hey Scott, > >On Aug 18, 2008, at 2:33 PM, Scott Weeks wrote: >> From: "TJ" <[EMAIL PROTECTED]> >> >> As a general rule, most clients are following the "If we gave them >> static >> IPv4 addresses we will give them static IPv6 addresses" >> (infrastructure, servers, etc). The whole SLAAC(autoconfig) vs DHCPv6 >> is a separate (albeit >> related) conversation ... >> >> >> I'm still an IPv6 wussie and would like to learn more before moving >> forward, so would anyone care to share info on experiences with this >> decision? > >Here's some pro's and con's to both > >SLAAC: >- widely implemented in host v6 stacks that have shipped >- widely implemented on v6 routers >- really, really, really broken: it didn't support handing out > any DNS info until RFC 5006, thus SLAAC still requires human > intervention on a client to make "teh v6 interwebs" work. It > will probably be a painful wait until 5006 gets more widely > implemented on hosts (if ever, for some) & routers. Or rely on IPv4 to do the DNS part. I call this "cheating", but do not mean to include the negative connotations that come with that word :). >- probably "faster" than dhcpv6 w/ tuning timers. Could be > better for mobile thingys. >- supports RFC 3041 "security by obscurity" extensions. > >DHCPv6 >- doesn't ship w/ some OS's And some vendors have publicly stated that they would never support DHCPv6. While I may not fully believe them (never is a long time), that is atleast an indication not to expect it "soon". >- new (danger code), not all features implemented >- router support for dhcpv6 relay very limited >- advanced things like prefix delegation don't really seem to > have been ironed out. > >In case you weren't confused enough between the two, they are not mutually >exclusive. You can run both SLAAC and DHCPv6 at the same time on the same >L2. Indeed, Stateless DHCPv6 is exactly that. I should have mentioned that by now - sorry! > >Links for (2) dhcpv6 implementations: >http://klub.com.pl/dhcpv6/ >http://www.isc.org/index.pl?/sw/dhcp/dhcp4_0.php > >Cheers, >Dale /TJ
RE: SLAAC(autoconfig) vs DHCPv6
>-Original Message- >From: Howard C. Berkowitz [mailto:[EMAIL PROTECTED] >Sent: Monday, August 18, 2008 3:42 PM >To: nanog@nanog.org >Subject: RE: SLAAC(autoconfig) vs DHCPv6 > >To try to stay operational about this, I have a reality testing question >I've used in IPv4 and, for that matter, bridged networks: > >If you want to test a resource, be it the end user or an infrastructure >interface, how do you know how to foo it (foo being some value of ping, >traceroute, look it up in SNMP/NetFlow, etc)? > >I submit that if you use dynamic assignment of any sort, you really have to >have DNS dynamic update, so you can use a known name to query the function >that's indexed by address. Otherwise, static addresses become rather >necessary if you want to check a resource. While I mostly agree, replace Dynamic DNS with "dynamic name resolution services" (or, perhaps, a stable endpoint address) and I agree even more :). Aside from static addresses, Dynamic DNS is one approach (currently the most common). PNRP, LLMNR are other possible solutions (depending on the scope we are talking about). WRT the "stable endpoint" piece, tunneling can work here. Mobile IPv6, for example, starts off with my machine always being reachable at the same address. Some tunnel providers also allocate stable addressing - i.e. wherever I am in IPv4-land I still have the same IPv6 address. > >This was especially a question when L2 was "in" and routing was out: how do >you ping a MAC address? I prefer Layer 11 - the money :) (8 = people, 9-politics, 10=religion, 11=money) > >Howard /TJ
RE: SLAAC(autoconfig) vs DHCPv6
>-Original Message- >From: Scott Weeks [mailto:[EMAIL PROTECTED] >Sent: Monday, August 18, 2008 3:34 PM >To: nanog@nanog.org >Subject: SLAAC(autoconfig) vs DHCPv6 > > > >-- [EMAIL PROTECTED] wrote: >From: "TJ" <[EMAIL PROTECTED]> > >As a general rule, most clients are following the "If we gave them static >IPv4 addresses we will give them static IPv6 addresses" (infrastructure, >servers, etc). The whole SLAAC(autoconfig) vs DHCPv6 is a separate (albeit >related) conversation ... > > > >I'm still an IPv6 wussie and would like to learn more before moving forward, >so would anyone care to share info on experiences with this decision? Which one? "If we gave them static IPv4 addresses we will give them static IPv6 addresses" Or "SLAAC(autoconfig) vs DHCPv6" For the first ... at the simplest, it is familiar and comfortable. In general: Servers, Routers, Firewalls, Switches (atleast those with L3 addresses) == static address Hosts == dynamic ... either SLAAC or DHCPv6. Manual Configuration of hosts is a non-starter for most environments. For the latter ... that gets more involved. Many (most?) platforms do not support DHCPv6 client functionality. Ditto on the server side. OTOH, SLAAC alone cannot currently give you DNS information ... a possible deal-breaker, that. (Some work under way to change that, or the environment can cheat 0 rely on IPv4 transport for DNS :) ) > >scott HTH! /TJ
Re: SLAAC(autoconfig) vs DHCPv6
Howard C. Berkowitz wrote: To try to stay operational about this, H. I think this is an operational topic, but I can see how it would be seen as more of a strategic item. I have a reality testing question I've used in IPv4 and, for that matter, bridged networks: I submit that if you use dynamic assignment of any sort, you really have to have DNS dynamic update, so you can use a known name to query the function that's indexed by address. Otherwise, static addresses become rather necessary if you want to check a resource. Naturally. DNS name would be required, or a static address. In an ISP/service provider environment I imagine that being able to hand out dynamic ranges would be useful. Having to handle that statically would be painful. :) This was especially a question when L2 was "in" and routing was out: how do you ping a MAC address? l2ping works on bluetooth devices on Linux. Might work for other stuff as well. Not sure what Cisco offers in this regard. -- Charles Wyble (818) 280 - 7059 http://charlesnw.blogspot.com CTO Known Element Enterprises / SoCal WiFI project
Re: SLAAC(autoconfig) vs DHCPv6
Hey Scott, On Aug 18, 2008, at 2:33 PM, Scott Weeks wrote: From: "TJ" <[EMAIL PROTECTED]> As a general rule, most clients are following the "If we gave them static IPv4 addresses we will give them static IPv6 addresses" (infrastructure, servers, etc). The whole SLAAC(autoconfig) vs DHCPv6 is a separate (albeit related) conversation ... I'm still an IPv6 wussie and would like to learn more before moving forward, so would anyone care to share info on experiences with this decision? Here's some pro's and con's to both SLAAC: - widely implemented in host v6 stacks that have shipped - widely implemented on v6 routers - really, really, really broken: it didn't support handing out any DNS info until RFC 5006, thus SLAAC still requires human intervention on a client to make "teh v6 interwebs" work. It will probably be a painful wait until 5006 gets more widely implemented on hosts (if ever, for some) & routers. - probably "faster" than dhcpv6 w/ tuning timers. Could be better for mobile thingys. - supports RFC 3041 "security by obscurity" extensions. DHCPv6 - doesn't ship w/ some OS's - new (danger code), not all features implemented - router support for dhcpv6 relay very limited - advanced things like prefix delegation don't really seem to have been ironed out. In case you weren't confused enough between the two, they are not mutually exclusive. You can run both SLAAC and DHCPv6 at the same time on the same L2. Links for (2) dhcpv6 implementations: http://klub.com.pl/dhcpv6/ http://www.isc.org/index.pl?/sw/dhcp/dhcp4_0.php Cheers, Dale
RE: SLAAC(autoconfig) vs DHCPv6
-Original Message- From: Scott Weeks [mailto:[EMAIL PROTECTED] -- [EMAIL PROTECTED] wrote: As a general rule, most clients are following the "If we gave them static IPv4 addresses we will give them static IPv6 addresses" (infrastructure, servers, etc). The whole SLAAC(autoconfig) vs DHCPv6 is a separate (albeit related) conversation ... I'm still an IPv6 wussie and would like to learn more before moving forward, so would anyone care to share info on experiences with this decision? -- [EMAIL PROTECTED] wrote: From: "Howard C. Berkowitz" <[EMAIL PROTECTED]> To try to stay operational about this Seeing Howard's quick response saying "To try to stay operational about this..." makes me realize I may have inadvertently invited a religious flame fest. Please! Operational content and hands-on experiences only to the best of your ability. I want to learn from this, not delete the whole thread. scott
RE: SLAAC(autoconfig) vs DHCPv6
To try to stay operational about this, I have a reality testing question I've used in IPv4 and, for that matter, bridged networks: If you want to test a resource, be it the end user or an infrastructure interface, how do you know how to foo it (foo being some value of ping, traceroute, look it up in SNMP/NetFlow, etc)? I submit that if you use dynamic assignment of any sort, you really have to have DNS dynamic update, so you can use a known name to query the function that's indexed by address. Otherwise, static addresses become rather necessary if you want to check a resource. This was especially a question when L2 was "in" and routing was out: how do you ping a MAC address? Howard -Original Message- From: Scott Weeks [mailto:[EMAIL PROTECTED] Sent: Monday, August 18, 2008 3:34 PM To: nanog@nanog.org Subject: SLAAC(autoconfig) vs DHCPv6 -- [EMAIL PROTECTED] wrote: From: "TJ" <[EMAIL PROTECTED]> As a general rule, most clients are following the "If we gave them static IPv4 addresses we will give them static IPv6 addresses" (infrastructure, servers, etc). The whole SLAAC(autoconfig) vs DHCPv6 is a separate (albeit related) conversation ... I'm still an IPv6 wussie and would like to learn more before moving forward, so would anyone care to share info on experiences with this decision? scott