[167610] in North American Network Operators' Group
Re: turning on comcast v6
daemon@ATHENA.MIT.EDU (Matthew Huff)
Fri Dec 20 15:50:39 2013
From: Matthew Huff <mhuff@ox.com>
To: Owen DeLong <owen@delong.com>
Date: Fri, 20 Dec 2013 15:50:12 -0500
In-Reply-To: <6CEF1F06-E96B-42D0-874F-F30EA93BD667@delong.com>
Cc: nanog2 <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Dec 20, 2013, at 3:23 PM, Owen DeLong <owen@delong.com> wrote:
>=20
> On Dec 20, 2013, at 6:29 AM, Matthew Huff <mhuff@ox.com> wrote:
>=20
>> With RA, what is the smallest interval failover will work? Compare that =
with NHRP such as HSRP, VRRP, etc with sub-second failover.
>=20
> RA and VRRP are not mutually exclusive. What you can=92t have (currently)=
is routing information distributed by a DHCP server which may or may not a=
ctually know anything about the routing environment to which it is sending =
such information.
>=20
>> In corporate networks most of the non-client systems will be statically =
addressed with privacy addresses turned off. This is for regulatory, audit,=
security and monitoring requirement. One of the many challenges of ipv6 in=
a corporate environment.
>=20
> There=92s no problem doing this in IPv6. You can easily statically addres=
s a system and you can easily turn off privacy addresses. You can even do t=
hat and still get your default router via RA or you can statically configur=
e the default router address.
>=20
> As such, can someone please explain what is the actual missing or problem=
atic requirement for the corporate world?
>=20
> Owen
Reality.
Owen, not all OS and especially hardware appliances (dedicated NTP applianc=
es, UPS cards, ILO), etc... will work with RA and static addresses. They ju=
st don't. Some OS's won't disable SLAAC unless you disable autoconf on the =
switch. When you do that, they loose the ability to pickup RA. Some will on=
ly work with link local gateway addresses, some will only work with link gl=
obal gateway addresses. There is a lot of cruft out there in the enterprise=
world that claims IPv6 compatibility, but in the real world doesn't work c=
onsistently. Almost all can be made to work, but require custom configurati=
on. Far too much work for many organizations to see value in deployment. In=
at least on IT department I know of, IPv6 is banned because the CIO read a=
bout one of the "advantages" of IPv6 is bringing back the p2p model of IP, =
and most corporate management has zero interest in having any p2p connectiv=
ity within their network.
For our desktop environments (Windows 7 and RHEL6) we have two different co=
nfigurations on the switches on separate VLANs using SLAAC with DHPCv6 and =
that works fine with RA announcing the NHRP. Other equipment, not so much.
