Geoff on IPv4 Exhaustion

Jussi Peltola pelzi at pelzi.net
Sun Nov 20 18:16:24 CET 2011


On Sun, Nov 20, 2011 at 03:02:39PM +0000, Olipro wrote:
> On Sunday 20 Nov 2011 06:02:13 Jussi Peltola wrote:
> > On Sun, Nov 20, 2011 at 12:32:08PM +0900, Erik Kline wrote:
> > > > You want to run a routing protocol on hosts? Are you going to add
> > > > knobs to DHCP to configure it? Or walk to every host when you
> > > > want to reconfigure the routing protocol?
> > > 
> > > The hosts already run a [mini]routing protocol: ICMPv6.
> > > 
> > > They can learn about multiple routers, and merge router preferences
> > > to
> > > select which router should be used for a default router.  They can
> > > detect the loss of a router and switch to using another router on
> > > link.  They can learn about multiple prefixes on link, and cope with
> > > when they go away.  They can even learn about non-default routes, via
> > > RIOs.
> > 
> > And people *will* want to configure all this with DHCP. Not being to
> > able to configure the things you need to when moving a machine to
> > another network defeats the purpose of DHCP. At a minimum, said routing
> > protocol would have to be turned on and off with DHCP.
> 
> Is DHCP some sort of panacea for you that you think any arbitrary 
> functionality should be thrown into?

No. DHCP has worked for years, and I do not see any need to break it up
and replace it with solutions looking for problems. But I guess it's too
late.

> > ARP/ND/ICMP or RIP on hosts have been found problematic in practical use.
> > Would anyone run RIP on hosts instead of defining different settings
> > with DHCP? I do not need or want any more unauthenticated broadcast-type
> > protocols. DHCPv4 is of course also one of those, but more manageable,
> > having transactions between the server and each client instead of
> > broadcasts that are not usually logged or easy to troubleshoot after the
> > fact.
> 
> Given that solicitations for RAs and solicitations for DHCPv6 both use 
> multicast (not broadcast, this isn't IPv4) I still fail to understand 
> exactly what benefit you think you're supposed to gain from using DHCPv6 
> over RAs given that there is no additional security, unless you want to 
> start filtering on client DUIDs (and just how secure or reliable do you 
> think that'll be?)

Now, show me some unsolicited DHCPv4 packets that modify routing tables
without a 2-way exchange, please. And the question was not about
security per se, but ease of debugging and predictability. With DHCPv4
the DHCP configuration specifies the client's config rather well, with
RAs and DHCPv6 this is not the case and the results are much less
predictable.

Even routing protocols of today are not susceptible to the perils of
unidirectional communication. Would you run an IGP that will happily
send traffic towards an unidirectional link where it can see
announcements?

> If anything, considering that you can already configure radvd to dish out 
> routing information beyond a default route, this is a done deal; if you're 
> asking for DHCPv6 to be handing out routing information, my wager is that 
> your head is still stuck in the IPv4 world and you've failed to understand 
> what you can do with ICMPv6

Yet another arrogant reply.

The fact is that IPv6 in its current state does not allow many of the
operationally necessary things DHCPv4 does. If the only reply to this
problem that is available is nitpicking about the difference between
broadcasts and multicast groups named "all-routers" and "all-hosts",
I rest my case.

Jussi Peltola




More information about the ipv6-ops mailing list