[141955] in North American Network Operators' Group


Re: The stupidity of trying to "fix" DHCPv6

daemon@ATHENA.MIT.EDU (Owen DeLong)
Tue Jun 14 18:13:17 2011

From: Owen DeLong <owen@delong.com>
In-Reply-To: <5E6F93FB-0FDA-4B23-BDD3-977369955B3E@bjencks.net>
Date: Tue, 14 Jun 2011 15:05:59 -0700
To: Ben Jencks <ben@bjencks.net>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org


On Jun 14, 2011, at 11:00 AM, Ben Jencks wrote:

> On Jun 14, 2011, at 1:41 PM, Owen DeLong wrote:
>
>> Then use RA and move on. However, please understand that yours
>> is not the only environment and that there are real-world scenarios
>> where having the router-guys dictate the host configuration is considered
>> unacceptable at best.
>
> This has always confused me. What aspect of host configuration is the
> router providing that's so problematic? The prefix, which has to match
> on the router and host in order for anything to work anyway? The
> indication to go use DHCPv6, which doesn't really add anything since you
> need to configure a DHCPv6 proxy anyway? There's just so little
> information in an RA, and the router needs to know it all anyway, that
> I'm having trouble understanding what environment would find this so
> horrifying.
>
> -Ben

Imagine this scenario...


[RA]    [RB]    [RC]     [RD]
  |       |       |        |
[-+---+---+---+---+----+---+---+---+---+---+---+---+---+---+-]
      |       |        |       |   |   |   |   |   |   |   |
    [AR]     [AP]   [ACCTG]   [D1] |  [D2] |  [D3] |  [W1] [W2]
                                  [L1]    [R1]

AR is Accts Receivable
AP is Accts Payable
ACCTG is the Accts server
D1-D3 are developer workstations.
W1-W2 are internal application web servers
L1 is the lobby computer (badging kiosk)
R1 is the Receptionist.

RA, RB are routers which are run by IT and connect off to the
IT subnets in the main building.

RC, RD are routers which are run by the DEV group and connect
off to the DEV group subnets in the main building.




See... This is an oversimplification, but, these things happen in the real world.
The desire is for the AR/AP/ACCTG/L1/R1 hosts to use the RA/RB prefixes
and default gateways. Currently that's done by the DHCP server knowing which
MAC addresses to expect for those systems. Everything else gets shunted to
the DEV network.

Yes, the right solution would be to at least separate the VLANs and clean up this
mess. However, due to software packages that need to talk to each other over
common local broadcast across that boundary, this isn't possible in this particular
organization (don't get me started on the bad software, but, that's what there is.)

There are large varieties of other situations where having the router supply
prefix and default gateway information on the theory that all routers on a
link are created equal and anyone on a link may use any router (priority
doesn't help here because the goal is to have different hosts use different
sets of gateways).

Which prefix does "the prefix" have to match? How, using RA, do you assign
the RC/RD prefix(es) to the D1-D3 hosts and the RA/RB prefix(es) to everything
else (or vice versa)?

Sometimes link != subnet.

Owen


