Hello, all. I would like to share my interests on this issue and discuss DHCPv6 based solution more. Solutions suggested by Pekka are below. 1) run DHCPv6 again, with a different DUID or client identifier (could it get more /128's that way, 2) use DHCPv6 IAs to request multiple addresses? Then it would proxy these specific addresses instead of a whole /64.
IMHO, if we need much closer( = transparent) solution to the SLAAC plus ND proxy for the Internet sharing of local hosts, the box should be able to behave as DHCPv6 proxy agent. This means, if the box receivs Solicit message from a local host, it should be able to populate a state for message transaction and translate the received message to a proxyed message in both directions. I would like to know your opinion about this approach. Thank you in advance. Joseph 2008/10/30 Pekka Savola <[EMAIL PROTECTED]>: > On Thu, 30 Oct 2008, [EMAIL PROTECTED] wrote: >>>> >>>> Consider cellular host case: >>>> - host implements e.g. ND proxy and DHCPv6 PD for WAN connection >>>> sharing >>>> - host attaches to a network where only DHCPv6 happens to be used >>>> - host gets single /128 IPv6 address from DHCPv6 >>>> - host tries to get some prefixes for its LAN interface with DHCPv6 >>>> PD, but network's policy rejects the prefix request > > ... >> >> IMHO network that is giving out only /128 to hosts that are providing >> "network sharing feature" is forcefully creating "localized IPv6 address >> space exhaustion scenario" for the hosts, which I fear may be tackled >> with mechanisms familiar from IPv4 address exhaustion scenarios, i.e. >> with IPv6 NAPT. > > FWIW, I agree this would be a problem. > > But, maybe there is an implementable workaround to this operational issue. > Would it be possible for the host to either 1) run DHCPv6 again, with a > different DUID or client identifier (could it get more /128's that way, or > 2) use DHCPv6 IAs to request multiple addresses? Then it would proxy these > specific addresses instead of a whole /64. If neither of these is possible, > how would this scenario be different from the mobile terminal operating as a > L2 bridge and multiple devices behind it requesting addresses with DHCPv6? > > -- > Pekka Savola "You each name yourselves king, yet the > Netcore Oy kingdom bleeds." > Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings > -------------------------------------------------------------------- > IETF IPv6 working group mailing list > [email protected] > Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 > -------------------------------------------------------------------- > -------------------------------------------------------------------- IETF IPv6 working group mailing list [email protected] Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------
