I think the usual deployment scenario to use DHCPv6 will be to configure routers to send RAs with M/O bits set and PIOs for prefixes on the link with 'A' bits not set. That is, hosts will be aware of prefixes on the link, for routing decisions, while using only addresses assigned through DHCP. We've tested this deployment scenario with Vista and some flavors of *NIX and it works as expected.
And, I think the usual deployment scenario will be to coordinate the routers and the DHCP service so that the same prefixes are advertised on the link and used for address assignment. Assuming DHCP is desired by the network administrator, the host could, in fact, generate CGA addresses and send them to the DHCP server as a hint. If you're postulating changes to the IPv6 stack to generate the CGAs, it seems reasonable to me that the DHCPv6 implementation could be extended to send the CGA as a hint. In the case that the network administrator wants to assign an address from, say, only one of the available prefixes on the link, I suppose the host could generate a CGA from each prefix, and then the DHCP server can select the appropriate CGA to actually assign. - Ralph On 6/20/07 12:58 PM, "James Kempf" <[EMAIL PROTECTED]> wrote: > The basic issue is that the host must know which subnet prefix to use prior > to sending the DHCP REQUEST if it is to generate a CGA. The prefix is part > of the CGA parameters data structure used in the hash calculation for the > crypto-id, as described in Section 3 of RFC 3972. The host then includes an > IA Address Option (Section 22.6 of RFC 3315) with the address in a DHCP > REQUEST. So that means that the RA must include a prefix information option > so that the host has the prefix in order to generate the address. > > Exactly how that interacts with address autoconfiguration is something that > would need to be addressed in generating the draft describing how to do CGAs > with DHCP. I don't know whether hosts using DHCPv6 commonly propose > addresses today, but I suspect probably not, since it isn't done in IPv4 and > I suspect DHCPv6 is most commonly used in a way that works as much like the > v4 case as possible. Others with more operational and deployment knowledge > of DHCP use please correct me if I am wrong. > > jak > > ----- Original Message ----- > From: "Thomas Narten" <[EMAIL PROTECTED]> > To: "James Kempf" <[EMAIL PROTECTED]> > Cc: "marcelo bagnulo braun" <[EMAIL PROTECTED]>; "Stig Venaas" > <[EMAIL PROTECTED]>; "INT Area" <[EMAIL PROTECTED]> > Sent: Wednesday, June 20, 2007 8:32 AM > Subject: Re: DHCPv6 and CGA (was: Re: [Int-area] SeND & CGA Extensions BOF) > > > "James Kempf" <[EMAIL PROTECTED]> writes: > >> I think it is already possible for a node to use CGAs with DHCPv6. The >> node >> sends an Interface ID Option (Section 22.18 of RFC 3315) along with the >> REQUEST, containing a cryptographically generated interface id. The DHCP >> server assigns the address having this id. For this to work, the subnet >> prefixes must be advertised in the RA even though the 'M' flag is set, >> since >> the cryptographic generation process uses the subnet prefix. If the RA >> advertises more than one subnet, there might be a problem, since there is >> no >> way to indicate to the server which subnet the host has selected. > > Do you mean that the RA must include a prefix information option? If > so, with which bits set? if the autoconfigure bit must be set for this > to work, that seems like a non-starter, since now there is no point in > using DHCP to get an address you already legitimitely have. (I don't > know the details right off here, hence I'm asking.) > > Thomas > > > > > _______________________________________________ > Int-area mailing list > [email protected] > https://www1.ietf.org/mailman/listinfo/int-area _______________________________________________ Int-area mailing list [email protected] https://www1.ietf.org/mailman/listinfo/int-area
