> The use of DHCPv6 is a constraint? It is just another option, which is also
> dynamic, in my opinion.
DHCP PD will work too in multi-router case but there might be limitation in
case of multi-homing.
Another option to explore is stateless address auto-configuration using
Neighbor Discovery during the startup process.
-Samita
On 8/2/11 9:42 PM, "Samita Chakrabarti" <[email protected]>
wrote:
>
>Please see below.
>
>-----Original Message-----
>From: [email protected] [mailto:[email protected]] On
>Behalf Of Shane Amante
>> do is a tall order. I also think the is more than a desire to ease
>> configuration burden, this is a must since most users on the Internet
>> have very basic technical skills.
>
>So, I agree with this point, but are we constraining our thinking too
>early? For example, if the assumption is there is a singular
>CPE-router/FW that has been allocated a /56 from a provider, then:
>- why couldn't the FW provide 'stateful firewall' service for the first
>'covering' /60 of IPv6 prefixes (/64's) allocated within the house;
>- but, the CPE-router/FW would /NOT/ provide stateful or stateless
>firewall for the remaining 7/8's of address space allocated within the
>house.
>
>Of course, just change the 'mask' lengths to represent whatever the WG
>thinks are 'sensible' defaults.
>
>And, we'd need to decide if this is something a device in the home can
>'dynamically' request from the CPE-router/FW via, say, DHCPv6 or if
>there are better options ...
>
>-shane
>
>
>SC> Agree. I would like to see more openness in the design of 'future
>home network' where in the future we might need to do more
>auto-configuration; the networks and devices might be such that they
>would be more lightweight and suitable for address auto-configuration
>than today's DCHP only home-network - though DHCP(v6) support would be
>absolutely needed for backward compatibility. But constraining homenet
>into DHCP-only network will limit the applicability of new type of
>networks, topologies, devices and services etc.
>
>-Samita
>
>
>
>
>
>
>
>
>>>
>>> A different idea is that the firewall always work in a very minimal
>>> mode by default (e.g. it passes no traffic, or maybe only outgoing
>>> port 80 traffic, but its configuration interface is enabled for the
>>> internal
>>> ports) so that the user must configure it in order to get it to do
>>> anything useful. That way, the first thing a user learns about his
>>> router/firewall is how to configure it. Then you want to focus on
>>> making the configuration interface easy to understand. (You also
>>> have to figure out how to keep the user from hooking up the internal
>>> port to the external connection.)
>> [jjmb] I said something similar to this is in an earlier email. To
>> the start there should perhaps be a basic configuration that protects
>> the user and allows the service to be usable.
>>>
>>> But these are user interface issues, not protocol issues. Perhaps
>>> they're better addressed in homenet than here.
>> [jjmb] I could image some protocol work that could ease the pain
>> here, UI for sure could facilitate ease of use.
>>>
>>> Keith
>>>
>>> _______________________________________________
>>> v6ops mailing list
>>> [email protected]
>>> https://www.ietf.org/mailman/listinfo/v6ops
>>
>> _______________________________________________
>> v6ops mailing list
>> [email protected]
>> https://www.ietf.org/mailman/listinfo/v6ops
>
>_______________________________________________
>homenet mailing list
>[email protected]
>https://www.ietf.org/mailman/listinfo/homenet
_______________________________________________
homenet mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/homenet
