[167817] in North American Network Operators' Group
Re: turning on comcast v6
daemon@ATHENA.MIT.EDU (Lee Howard)
Mon Dec 30 13:58:46 2013
Date: Mon, 30 Dec 2013 13:58:17 -0500
From: Lee Howard <Lee@asgard.org>
To: Ryan Harden <hardenrm@uchicago.edu>
In-Reply-To: <595B1A61-2198-44E9-91EB-827C7091EA9F@uchicago.edu>
Cc: Jamie Bowden <jamie@photon.com>,
North American Network Operators' Group <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On 12/30/13 1:04 PM, "Ryan Harden" <hardenrm@uchicago.edu> wrote:
>On Dec 24, 2013, at 8:15 AM, Lee Howard <Lee@asgard.org> wrote:
>
>>> default route information via DHCPv6. That's what I'm still waiting
>>>for.
>>=20
>> Why?
>> You say, "The protocol suite doesn't meet my needs; I need default
>>gateway
>> in DHCPv6." So the IETF WG must change for you to deploy IPv6. Why?
>>=20
>> Lee
>
>There are many places that wish to severely restrict or even block RA.
>Implementations of Captive Portal/NetReg/Bump in the wire auth/etc like
>to do redirection based on MAC. Many are doing this with very short DHCP
>leases that hand out different name servers and/or gateways until you
>properly auth via $method. You might be able to do this with something
>like RADVD, but when you have systems that have been doing this for IPv4
>for years, there=B9s little interest (read: budget) in rewriting everything
>for IPv6.
Thank you very much for presenting an actual use case.
Seems like a dot1x kind of application, where the host is in a temporary
VLAN until authenticated (etc.), right? Same use case, different network
solution.
>
>'Rewrite all of your tools and change your long standing business
>practices=B9 is a very large barrier to entry to IPv6. If adding gateway as
>an optional field will help people get over that barrier, why not add it?
>Sure it doesn=B9t fit into the =B3IPv6 way,=B2 but bean counters don=B9t care
>much for that when you have to ask for developer time to rewrite
>everything.
Well, the tools have to be rewritten to support IPv6 fields, sockets, and
structures anyway. However, there's a difference between, "Make sure you
call IP family agnostic libraries and increase field sizes, then let it
run" and "Rebuild your network security." DHCP+RA just works in most
networks; this is a use case where it could be made to work, but only by
changing the network.
As for "why not add it?" my answer is that if it's needed, we should add
it. If it's not needed, we should not add it. "I want default gateway in
DHCPv6" does not answer the question of whether it's needed, which is why
I asked why.
>=20
>
>Disclaimer: I don=B9t condone said methods and trickery mentioned above,
>just pointing out their use.
Will consider more.
Lee
>
>/Ryan
