RA DHCP problem...
Hi all, Here is my summary from an online discussion. We know this affect alot of different things, RFCs, documents, not to forget many religious views, but _try_ to put all that aside for a while... We all think it's time to address this reoccurring issue and discussion on RAs and DHCP. RA isn't perfect, neither is DHCP but sometime there is a need to use DHCP instead of RAs. In short - DHCP need to be able to supply default gateway independing of RAs or no RAs. That is a client should be able to get only in a IPv6 only network _if_ there is no RAs, only DHCP there. The core change we're suggesting are to change things so: Supporting RAs is mandatory so no change there. However it is recommended to have it on by default, but NOT mandatory. We're _only_ opening up so anything else can provide defaultroute. DHCP must support defaultroute and must be decoupled from RAs, no M-bit or whatever. If DHCP and RA shows up, all should be added to the routing table and the kernel should sort it out. That is the implementer have a choice here but that's a completely other discussion thread all together. (tons of options on how DHCP and RAs can live together, all with their own pitfalls. From the simple one that dhcpclient can disable the kernel from accepting RAs with it's own pitfalls, to let the kernel sorting them out, and over to preferring either one - RAs or DHCPs defaultroute) -- -- Roger Jorgensen | - ROJO9-RIPE - RJ1866P-NORID ro...@jorgensen.no | - The Future is IPv6 --- A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing? A: Top-posting. Q: What is the most annoying thing in e-mail?
Re: RA DHCP problem...
On Sat, 28 Dec 2013, Roger Jørgensen wrote: supply default gateway independing of RAs or no RAs. That is a client should be able to get only in a IPv6 only network _if_ there is no RAs, only DHCP there. Why? What problem are you solving by changing the current behavior? DHCP must support defaultroute and must be decoupled from RAs, no M-bit or whatever. M-bit is a hint, nothing in the standard says a host isn't allowed to use DHCP on a network. (tons of options on how DHCP and RAs can live together, all with their own pitfalls. From the simple one that dhcpclient can disable the kernel from accepting RAs with it's own pitfalls, to let the kernel sorting them out, and over to preferring either one - RAs or DHCPs defaultroute) Personally I think it's a huge mistake for an implementor to have the kernel process RAs, all this control plane should be done in userspace, not in the kernel. -- Mikael Abrahamssonemail: swm...@swm.pp.se
Re: RA DHCP problem...
hey, Why? What problem are you solving by changing the current behavior? We propose to decouple DHCP from RA, view them as two different autoconfiguration protocols. Today you can't deploy DHCP without RA and this forces you to support/secure two protocols that mostly overlap. Personally I think it's a huge mistake for an implementor to have the kernel process RAs, all this control plane should be done in userspace, not in the kernel. Kernel, userspace, doesn't matter but we propose not to make it complicated and prefer one over another. Let RA and DHCP work independently and configure interfaces/routing tables. Let kernel sort out which address/route to use based on weights or even ECMP over both RA and DHCP defaultroutes if one chooses to do so. -- tarko
Re: RA DHCP problem...
On Sat, Dec 28, 2013 at 03:41:58PM +0100, Roger Jørgensen wrote: It should be possible to have a network running DHCP without any RA, if someone wants to do that. As far as I know, and you need RAs in todays world because DHCPv6 can not give out defaultroute. It break the standard if it (DHCPv6) does... DHCPv6 does not provide any on-link information. So you would have to include those, too. IIRC dibbler dhcp implementation has their own option to specificy prefix length and on-link information so I assume you can already use it standalone without RA. But I don't see any benefit in doing so. (dibbler already supports sending gateway and route informations in dhcpv6). Greetings, Hannes
Re: RA DHCP problem...
On 28/dic/2013, at 17:36, Hannes Frederic Sowa han...@stressinduktion.org wrote: On Sat, Dec 28, 2013 at 03:41:58PM +0100, Roger Jørgensen wrote: It should be possible to have a network running DHCP without any RA, if someone wants to do that. As far as I know, and you need RAs in todays world because DHCPv6 can not give out defaultroute. It break the standard if it (DHCPv6) does... DHCPv6 does not provide any on-link information. So you would have to include those, too. IIRC dibbler dhcp implementation has their own option to specificy prefix length and on-link information so I assume you can already use it standalone without RA. But I don't see any benefit in doing so. (dibbler already supports sending gateway and route informations in dhcpv6). Dibbler sends them, but no DHCPv6 client except dibbler's can use them. Non-standard solutions are useless in this case. -- Marco Sommani Consiglio Nazionale delle Ricerche Istituto di Informatica e Telematica Via Giuseppe Moruzzi 1 56124 Pisa - Italia work: +390506212127 mobile: +393487981019 fax: +390503158327 mailto:marco.somm...@iit.cnr.it smime.p7s Description: S/MIME cryptographic signature
Re: RA DHCP problem...
On Sat, Dec 28, 2013 at 05:57:14PM +0100, Marco Sommani wrote: On 28/dic/2013, at 17:36, Hannes Frederic Sowa han...@stressinduktion.org wrote: On Sat, Dec 28, 2013 at 03:41:58PM +0100, Roger Jørgensen wrote: It should be possible to have a network running DHCP without any RA, if someone wants to do that. As far as I know, and you need RAs in todays world because DHCPv6 can not give out defaultroute. It break the standard if it (DHCPv6) does... DHCPv6 does not provide any on-link information. So you would have to include those, too. IIRC dibbler dhcp implementation has their own option to specificy prefix length and on-link information so I assume you can already use it standalone without RA. But I don't see any benefit in doing so. (dibbler already supports sending gateway and route informations in dhcpv6). Dibbler sends them, but no DHCPv6 client except dibbler's can use them. Non-standard solutions are useless in this case. Sure, I just wanted to maybe give a starting point if OP wants to bring this ot the IETF 6man's table.
Re: RA DHCP problem...
On Sat, 28 Dec 2013, Roger Jørgensen wrote: did you see the start of my mail? Yes. It should be possible to have a network running DHCP without any RA, if someone wants to do that. Why? Because I want to isn't a good technical answer. -- Mikael Abrahamssonemail: swm...@swm.pp.se