RA & DHCP problem...

Lorenzo Colitti lorenzo at google.com
Sun Dec 29 21:48:52 CET 2013 

On Sun, Dec 29, 2013 at 12:37 PM, Nick Hilliard <nick at foobar.org> wrote:

Ok, I'll bite.

On 28/12/2013 15:07, Philipp Kern wrote:
> > how do these deployments look like?
>
> large.  Either small numbers of very large l2 domains or else large
> numbers of l2 domains with lots of hosts.  In either case, the use case is
> tens of thousands of ipv6 hosts.
>

Is the size an issue here? Is there something about having tens of
thousands of IPv6 hosts that makes RAs unsuitable?

The alternative is to advertise RAs at the rfc-specified minimum interval
> of 3s, giving a failover time of 10s.  This isn't compatible with many
> business cases.
>

Why 10s? Have two routers send out RAs every 3 seconds and give them a
lifetime of 5 seconds. That should give you maximum 5s failover (average
2.5s), because after 5s the RA will expire.

1. running RA+DHCPv6 is running two protocols to handle autoconfiguration,
> which is not particularly compatible with the KISS principal because two
> protocols is by necessity more fragile than operating with just one.  If
> alternatively dhcpv6 were able to provide a defgw option, we could drop an
> entire protocol.

2. two protocols is inherently more difficult and therefore expensive to
> debug than one.
>

The operator can drop a protocol, but the host implementer needs to handle
2. Also, it's possible that you don't need to run DHCP. If routing and DNS
are all you need, then you can simply run RAs only.

3. there is no way of specifying a global unicast ipv6 address.  You can
> only specify link-local addresses.
>

What?

4. there is no way for RAs to deploy different gateways to different hosts:
> all hosts on the network must be configured in the same way.
>

You can use unicast RA replies for that.


> 5. there is no way to specify anything other than a default gateway.
>

What do you mean? If you mean there's no way to configure more specific
routes, RFC 4191 has allowed that since 2005.


> 6. the failover characteristics of RAs are very poor by modern standards.
>

DHCP doesn't help there. If you want better than that, you need to use
something like VRRP anyway.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.cluenet.de/pipermail/ipv6-ops/attachments/20131229/779ab643/attachment.html

More information about the ipv6-ops mailing list