[180804] in North American Network Operators' Group
Re: Android (lack of) support for DHCPv6
daemon@ATHENA.MIT.EDU (Ted Hardie)
Wed Jun 10 17:05:07 2015
X-Original-To: nanog@nanog.org
Date: Wed, 10 Jun 2015 14:00:26 -0700
From: Ted Hardie <ted.ietf@gmail.com>
To: nanog@nanog.org
Errors-To: nanog-bounces@nanog.org
On Wed, Jun 10, 2015 at 11:51 AM, Matthew Huff <mhuff@ox.com> wrote:
> +1
>
> One IP per device will almost most likely be the preference and
> implementation in corporate/enterprise deployments. Too much procedure,
> regulation and other roadblocks prevent any other solution.
>
> Authentication, Authorization, Accounting, ACLS, NMS, IDS, IP management,
> custom software, and other roadblocks will certainly stall if not stop IP=
v6
> deployments in enterprises if there isn=E2=80=99t at least the choice of =
static,
> single IPv6 addresses per device. SLAAC will probably be a complete
> non-starter in many corporate environments. It is in ours. The more
> ideologues preach about restoring peer-to-peer connectivity, dynamic IPs,
> privacy addresses, etc=E2=80=A6 the less penetration IPv6 will happen in =
corporate
> networks.
>
>
> So, the critical piece of what you assert above appears to be "static",
not "single". If a local address management system is always configured to
hand out the same /N to the same device, there doesn't seem to be a
requirement in the above that N=3D1.
Lorenzo has detailed why N=3D1 doesn't work for devices that need to use xl=
at
or which might want to tether other devices; he's volunteered to work with
folks on a document and to write code for the case where a device
successfully gets a useful value of N>1.
Can you help me understand why that doesn't work for you?
On the related topic of privacy addresses, I believe we should all be ready
for increasing variability in MAC address emitted by devices, and that if
you are intending to use MAC auth to assign that /N, you may now be or
will soon be surprised. In addition to the work Apple has done and which
can be done with Android, see the IEEE work here:
http://www.ieee802.org/PrivRecsg/
regards,
Ted
