Mysterious missing DHCPv6 feature, was Re: How does one obtain an IPv6 DNS server when VPNing to an ASA?

David Barak thegameiam at yahoo.com
Tue May 18 13:35:44 CEST 2010 




--- On Tue, 5/18/10, Mark Smith <nanog at 85d5b20a518b8f6864949bd940457dc124746ddc.nosense.org> wrote:

> It's an architectural principle of the Internet (RFC1958)
> -
> 
> 
> 3.2 If there are several ways of doing the same thing,
> choose one.
>    If a previous design, in the Internet
> context or elsewhere, has
>    successfully solved the same problem,
> choose the same solution unless
>    there is a good technical reason not
> to.  Duplication of the same
>    protocol functionality should be avoided
> as far as possible, without
>    of course using this argument to reject
> improvements.
> 
> I don't believe DHCPv6 only verses RA+DHCPv6 is a
> significant
> improvement, worth the additional costs. It doesn't save
> significant RAM
> or packets, would require additional code - which means new
> and
> different bugs, and causes more confusion as to what
> options to pick
> when deploying IPv6.


Here we disagree.  In IPv4-land, a whole bunch of functions are handled via DHCP, and modifications in a simgle place (the DHCP server) can affect a whole bunch of remote clients without any other necessary changes.  RA+DHCPv6 requires congruent configurations in N places, where N >= 2 always, and for large scale enterprises N is much greater than 2.  Moving to a DHCP-only model would restore the business processes that many, many enterprises have built using centralized management, and would allow a single authoritative server to control their remote deployments.  That is a HUGE improvement over RA+DHCPv6, and arguments against it have a religious timbre rather than a technical one.

> That's exactly my point. IPv6 methods work *FOR SOME PEOPLE AND SOME VALUES OF "WORK"*. They may not
> work how some
> people want them to, but tough, deployment of something
> that works is
> more important now than trying to change design decisions
> that have
> been in place for 10 to 15 years.

Fixed that for you.  Seriously, that attitude - "hey, this works well enough for me, you should just suck it up and redesign your business process for your multiple million customer installed base" is part of the problem, not the solution.

David Barak
Need Geek Rock?  Try The Franchise: 
http://www.listentothefranchise.com

More information about the ipv6-ops mailing list