[c-nsp] IPV6 in general was Re: Large networks

Gert Doering gert at greenie.muc.de
Thu Aug 27 09:08:31 EDT 2009 

Hi,

On Thu, Aug 27, 2009 at 01:05:11PM +0100, Phil Mayers wrote:
> Gert Doering wrote:
> 
> >A bit more tolerance and less "my solution is the only one that has any
> >right to survive!" would have helped a lot here.
> 
> You're right, and my language was unhelpful. Basically I'm venting ;o) 
> and I'm sorry if I've offended you Gert - particularly as I've a lot of 
> respect for your writing on this list.

No offense taken.  I'm just a bit tired of this discussion, which keeps
coming up on various lists every now and then - there's the "everything
must be DHCP!" crowd, and the "DHCP is IPv4 crap, IPv6 doesn't need
any of this!" crowd.  

Both sides usually refuse to acknowledge that the other side might have to 
offer something - and both sides stick to their ideology, slowing down 
progress for everyone.  Like in "DNS options in SLAAC" - without any way
to discover DNS, SLAAC is indeed completely useless, but the in-fighting
inside IETF delayed this for how long?  10 years?


Indeed, there are a few things wrong with SLAAC - but OTOH, there a few
things *right*.  For example: a router can do RA / SLAAC to add a new
prefix to a network "in flight", which is tremendously cool to help
renumbering - you add a prefix, deprecate the old prefix (but it's
still usable), peacefully migrate DNS and what else can't be done 
automatically, and then turn off the old prefix.  With the DHCP model
of "a client has to go out and query for the prefix to be used" this
would either mean "long turnover times" or "lots of query traffic".


What I don't like about this model is that the hosts are supposed to
auto-discover the routers, and "just pick one".  We *like* to configure
static default routes on our servers, and this just breaks with HSRP/VRRP
doing link-local only.  (VRRP doesn't require that, btw, it's just the
way vendor J seems to have implemented it).

So, yes, lots of things to learn and things to improve.

(Which makes "rolling out IPv6 to get things fixed in time!" even more
important)


> Interestingly I'm going to get a chance to find out how wrong my 
> assumptions are - since SXI doesn't support DHCPv6 & 6vPE, we're going 
> to have SLAAC everywhere. Hmm...

I hope that you'll find it useful enough for a number of scenarios :-) -
and most of the "other" scenarios can be handled by static configuration...

Where DHCPv6 is really needed is "DHCP prefix delegation to the CPE router
and the network behind the CPE router".  This would save lots of effort 
for large-scale deployments.

gert
-- 
USENET is *not* the non-clickable part of WWW!
                                                           //www.muc.de/~gert/
Gert Doering - Munich, Germany                             gert at greenie.muc.de
fax: +49-89-35655025                        gert at net.informatik.tu-muenchen.de
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 304 bytes
Desc: not available
URL: <https://puck.nether.net/pipermail/cisco-nsp/attachments/20090827/04695aee/attachment.bin>

More information about the cisco-nsp mailing list