Why used DHCPv6 when RA has RDNSS and DNSSL?

Fernando Gont fernando at gont.com.ar
Thu Apr 2 10:24:34 CEST 2020


On 2/4/20 03:19, Gert Doering wrote:
> Hi,
> 
> On Thu, Apr 02, 2020 at 12:09:34AM -0300, Fernando Gont wrote:
>> On 1/4/20 14:16, Gert Doering wrote:
>> [...]
>>> Even IETF discontinued recommending DHCPv6-PD for "inside a home network",
>>> because it doesn't work.
>>
>> Would you mind elaborating on this one?
> 
> Which of the two parts? :-)
> 
> As far as I understand, the official IETF recommendation for "how to
> run a home with multiple subnets" is "homenet / HNCP" now, which distributes
> individual /64s via HNCP, not whole prefixes via DHCPv6-PD.

I haven't been following homenet, to be honest. Is it widely implemented?



> The reason why I state "DHCPv6 doesn't work" is "in practice".  There is
> a practical lack of interest from vendors to make it work properly (as in,
> you can properly tie the delegated prefix(es) to ACLs, for example).
> 
> On the "why is this a bad idea to start with" side, the chunkiness of
> subnet distribution makes it really unsuitable for anything but the most
> simple 1-level hierarchy.
> 
> 
> So, ISP-to-customer, delegates a /56.  Next-level router asks for a prefix,
> and gets... what?  Third-level router asks for a prefix, and gets what?

I guess a % of what was originally leased?

In any case, I'm not sure one would do much more than 2 or three
hierarchies of DHCPv6-PD.

And when it comes to the home, if the CPE could do PD on the LAN side, 
most current needs would be covered.

Clearly, without a requirement of how many levels you want to support,
it's impossible to tell how you might want to partition your address space.

And the desire to delegate prefixes is also a bit at odds with the 
strict definition of /64 subnets which end up using a huge address space 
with a very low host density.



> Corporate ISP-to-customer delegates a /48, so theoretically, there are
> "enough /56s in there to do lots of PD delegation to next-level routers" -
> but in practice, a /48 is supposed to be sufficient for a good-sized
> office building with *lots* of internal structure, and as soon as you
> have lots of internal network segments, you have no liberty to just give
> out random /56s here and there anymore.

But, in that case, I'm not sure you'd want *dynamic* leases.



> Now, abandon the idea of "multi-level" DHCPv6-PD, and just assume "all
> you'll ever see is mobile clients asking for a single /64" (which, as
> I heard, is thinking too small, because you can have stacks of stacks,
> but stick to the /64 for the moment).  Normally, you'd assign a /64 per
> network segment - office LAN floor 1, 2, 3, guest LAN, etc. - and have
> (effectively) an infinite number of addresses for more machines than
> you can ever connect. 

Just curious: what would be the use case of /64 per host (besides trying 
to limit number of entries in the NC, etc.)?

Thanks,
-- 
Fernando Gont
e-mail: fernando at gont.com.ar || fgont at si6networks.com
PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1
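
The partitioning question raised in this message ("Next-level router asks for a prefix, and gets... what?"), worked through as an added example that is not part of the original e-mail. The root prefix is a constructed documentation prefix, and the policy that each router keeps the first block for its own links and delegates the rest is an assumption of the example.

```python
import ipaddress
import itertools


def split_plan(root, levels):
    """Walk one branch of a multi-level DHCPv6-PD hierarchy.

    root   -- prefix delegated by the ISP, e.g. a /56
    levels -- prefix length handed down at each successive level
    Assumed policy: a router keeps the first child-sized block for its
    own /64 links and delegates the remaining blocks downstream.
    """
    held = ipaddress.ip_network(root)
    plan = []
    for child_len in levels:
        # A delegation must be strictly smaller than what is held,
        # and nothing longer than /64 can be handed to a router.
        if child_len <= held.prefixlen or child_len > 64:
            raise ValueError(f"cannot delegate /{child_len} from {held}")
        blocks = 2 ** (child_len - held.prefixlen)
        plan.append({
            "holds": str(held),
            "delegates": f"/{child_len}",
            "downstream_routers": blocks - 1,     # first block kept locally
            "own_links": 2 ** (64 - child_len),   # /64s in the kept block
        })
        # Follow the second block (the first one delegated) down a level.
        children = held.subnets(new_prefix=child_len)
        held = next(itertools.islice(children, 1, None))
    plan.append({
        "holds": str(held),
        "delegates": None,
        "downstream_routers": 0,
        "own_links": 2 ** (64 - held.prefixlen),
    })
    return plan


if __name__ == "__main__":
    # Constructed input: a residential /56, nibble-aligned /60 then /64.
    for depth, row in enumerate(split_plan("2001:db8:0:ab00::/56", [60, 64])):
        print(depth, row)
```

With a /56 split as /60 then /64, the third-level router ends up holding a single /64 and has nothing left to delegate; finer splits such as `[58, 60, 62, 64]` buy more levels at the cost of only three downstream routers per level.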





More information about the ipv6-ops mailing list