RA & DHCP problem...
Tarko Tikan
tarko at lanparty.ee
Mon Dec 30 14:17:00 CET 2013
hey,
> Many host operating systems network stacks expect to have exactly one
> default route. (If you have more than one, which is the default?)
> This is not connected to the question of how many IP addresses they have
> configured on whichever many interfaces. This is the question "if I have
> conflicting information from DHCP and RA, where should the packets go",
> and there is no immediately obvious answer to that question.
Agreed this wasn't the best example but it's valid for two default gw's
as well. You can also have same situation with mix of manual config and
RA or two routers of which one cannot be used for transit traffic (or
even second malicious router).
> -If- there get to be DHCP v6 routing options -and- there is no clear
> guidance what to do when DHCP and RA conflict, sooner rather than later
> best practise will be not to run DHCP and RA on the same network, because
> information will disagree often enough if you give it any chance at all to
> do so.
I would say it's definetly not best practice. But no real harm will be
done if you accidently do it (or during migration), kernel will not go
into deadlock or something like that. You can have traffic blackholing
but it's not really different from todays situation.
There is no need to prefer one protocol over another and make it
complicated (also complicated to implement if RA is in kernel ja DHCP in
userland).
> My personal guess is that this would mean that RA would vanish due to lack
> of use. Too many people are familiar with DHCP in v4 to not just translate
> their setups 1:1 with longer adresses if they get half a chance.
No. In our setup it's DHCPv6 with IA_PD only on HGW WAN and RA +
RDNSS/stateless DHCPv6 on LAN. This makes total sense because RA is
widely supported in enduser systems.
> Note this is not an argument against or for routing options for IPv6 in
> DHCP; it's just an argument against declaring it Someone Elses Problem
> how to handle conflicting information if that way gets chosen.
> I have the suspicion I would wind up being Someone Else in this case,
> and would rather not be happy with the results :-P
It's not exactly someone elses problem as someone else don't need to do
work if default gw is added to DHCPv6. But I agree in the end it can
make sense to specify protocol preference but I feel it will be even
more heated discussion compared to this one.
--
tarko
More information about the ipv6-ops
mailing list