On 4 January 2014 06:06, Ricky Beam jfb...@gmail.com wrote:
It'll **NEVER** be a default because it breaks too many clueless people's
networks. Just like, surprise, DHCP guard isn't on by default in any
gear I'm aware of.
Spanning-tree portfast isn't on by default, and that breaks plenty of
On Jan 5, 2014, at 11:44 PM, valdis.kletni...@vt.edu wrote:
If Joe Home User has a rogue device spewing RA's, he probably has a bigger
problem than just not having RA Guard enabled. He either has a badly
misconfigured router (and one that's disobeying the mandate to not RA
if you don't have
On Mon, 06 Jan 2014 09:44:32 -0600, Leo Bicknell said:
mandate isn't the right description.
http://tools.ietf.org/html/rfc6059
There is a ~3 year old _proposed standard_ for the behavior you describe.
I'll make the case that if a router becomes unable to forward packets
because it has lost
On 01/04/2014 05:42 AM, Baldur Norddahl wrote:
On Sat, Jan 4, 2014 at 2:12 AM, Doug Barton do...@dougbarton.us wrote:
If you did add default route to DHCPv6, what is then supposed to happen to
the other routes, that the client might discover?
You would configure the client not to do RS,
On Jan 6, 2014, at 10:37 , Doug Barton do...@dougbarton.us wrote:
On 01/04/2014 05:42 AM, Baldur Norddahl wrote:
On Sat, Jan 4, 2014 at 2:12 AM, Doug Barton do...@dougbarton.us wrote:
If you did add default route to DHCPv6, what is then supposed to happen to
the other routes, that the
On Sat, 04 Jan 2014 14:03:21 -0500, Owen DeLong o...@delong.com wrote:
A router, yes. THE router, not unless the network is very stupidly put
together.
Like every win7 and win8 machine on the planet? (IPv6 is installed and
enabled by default. Few places have IPv6 enabled on their LAN, so a
On Jan 6, 2014, at 12:57 , Ricky Beam jfb...@gmail.com wrote:
On Sat, 04 Jan 2014 14:03:21 -0500, Owen DeLong o...@delong.com wrote:
A router, yes. THE router, not unless the network is very stupidly put
together.
Like every win7 and win8 machine on the planet? (IPv6 is installed and
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 1/6/2014 1:08 PM, Owen DeLong wrote:
The port isn't particularly trusted, but it is allowed to send RAs
which are forwarded to the network by default. Obviously a sane
switch would allow this configuration to be changed. We're not
talking
On Jan 6, 2014, at 13:22 , Paul Ferguson fergdawgs...@mykolab.com wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 1/6/2014 1:08 PM, Owen DeLong wrote:
The port isn't particularly trusted, but it is allowed to send RAs
which are forwarded to the network by default. Obviously a
On Sat, 04 Jan 2014 10:10:24 -0600, Leo Bicknell said:
What happens when Joe Home User buys a new Linksys and wants to plug it in to
get a firmware update before installing it? Are we really supposed to expect
that every Joe Homeowner understands RA Guard and configures it for their home
On Sat, Jan 4, 2014 at 2:12 AM, Doug Barton do...@dougbarton.us wrote:
If you did add default route to DHCPv6, what is then supposed to happen to
the other routes, that the client might discover?
You would configure the client not to do RS, and to ignore any RAs that it
receives. Simple.
On Jan 3, 2014, at 7:52 PM, Owen DeLong o...@delong.com wrote:
Well… Sure, 15 years after DHCP attacks first started being a serious
problem… I doubt it will take anywhere near 15 years for RA guard on by
default to be the norm in switches, etc.
I count over a dozen ethernet switches in my
For IPv6, you can become a/the router for a segment with the origination of a
single packet. Instantly. That’s something you can never do with DHCPv4.
A router, yes. THE router, not unless the network is very stupidly put together.
Well… Sure, 15 years after DHCP attacks first started
On 01/02/2014 10:30 PM, TJ wrote:
I'd argue that while the timing may be different, RA and DHCP attacks
are largely the same and are simply variations on a theme.
Utter nonsense. The ability to nearly-instantly switch traffic for
nearly-all nodes on the network is a very different thing than
On Fri, Jan 3, 2014 at 9:40 AM, Doug Barton do...@dougbarton.us wrote:
On 01/02/2014 10:30 PM, TJ wrote:
I'd argue that while the timing may be different, RA and DHCP attacks
are largely the same and are simply variations on a theme.
Utter nonsense. The ability to nearly-instantly switch
On 01/03/2014 01:15 AM, Baldur Norddahl wrote:
On Fri, Jan 3, 2014 at 9:40 AM, Doug Barton do...@dougbarton.us wrote:
On 01/02/2014 10:30 PM, TJ wrote:
I'd argue that while the timing may be different, RA and DHCP attacks
are largely the same and are simply variations on a theme.
Utter
On Fri, Jan 03, 2014 at 12:40:42AM -0800, Doug Barton wrote:
Further, by far the common case is for network gear to _already_ be
configured to avoid permitting hosts to act as DHCP servers unless
they are supposed to be. It's rare to even find a network device
that has RA Guard capabilities,
On Fri, Jan 3, 2014 at 10:24 AM, Doug Barton do...@dougbarton.us wrote:
... and yet most IPv4 networks are not completely unprotected.
We are apparently talking about completely unprotected networks here.
Otherwise there is simply no problem. You would be filtering RA and many
other things,
On Jan 3, 2014, at 12:30 AM, TJ trej...@gmail.com wrote:
I'd argue that while the timing may be different, RA and DHCP attacks are
largely the same and are simply variations on a theme.
Rogue RA's can take down statically IPv6'ed boxes.
Rogue DHCP servers will never affect a statically
On Fri, Jan 3, 2014 at 4:09 PM, Leo Bicknell bickn...@ufp.org wrote:
Rogue RA's can take down statically IPv6'ed boxes.
Rogue DHCP servers will never affect a statically configured IPv4 box.
I believe that that would depend on whether your configuration
of a static IPv6 address on your
On 01/03/2014 04:01 AM, Baldur Norddahl wrote:
On Fri, Jan 3, 2014 at 10:24 AM, Doug Barton do...@dougbarton.us wrote:
And you still haven't provided an argument about why the default route
should not be added to DHCPv6.
I was not arguing that it didn't. Just that the perceived problem is
On Jan 3, 2014, at 12:40 AM, Doug Barton do...@dougbarton.us wrote:
On 01/02/2014 10:30 PM, TJ wrote:
I'd argue that while the timing may be different, RA and DHCP attacks
are largely the same and are simply variations on a theme.
Utter nonsense. The ability to nearly-instantly switch
What DHCP attacks?
Humor me... What DHCP attacks?
- ferg
On 1/3/2014 5:52 PM, Owen DeLong wrote:
On Jan 3, 2014, at 12:40 AM, Doug Barton do...@dougbarton.us wrote:
On 01/02/2014 10:30 PM, TJ wrote:
I'd argue that while the timing may be different, RA and DHCP attacks
are largely the
There is simply no good reason not to include default route in the
configuration for DHCPv6, and it's long overdue.
As I've said before, if we're going to bother doing it, we should just
include
RIO options, but otherwise, I agree with you.
Are DHCPv6 and/or NDP extendible for other
On Fri, 03 Jan 2014 20:52:25 -0500, Owen DeLong o...@delong.com wrote:
Not entirely true, actually… If you’re willing to work hard enough at
it, most hosts can be “encouraged” to renew early.
Short of commandline access, no there isn't. (crashing or otherwise
triggering a reboot, isn't a
On 12/30/2013 4:56 PM, Owen DeLong wrote:
You can accomplish the same thing in IPv4….
Plug in Sally’s PC with Internet Connection Sharing turned on and watch as her
DHCP server takes over your network.
Not nearly as fast as bad RAs do (as others have pointed out).
Yes, you have to pay
I'd argue that while the timing may be different, RA and DHCP attacks are
largely the same and are simply variations on a theme.
And, regardless of the protocol in question, represent attacks which should
be defended against.
As is often (always?) the case, there are tradeoffs - and the pros and
Hi,
On Thu, Jan 02, 2014 at 08:57:14PM -0800, Matthew Kaufman wrote:
On 12/30/2013 4:56 PM, Owen DeLong wrote:
You can accomplish the same thing in IPv4?.
Plug in Sally?s PC with Internet Connection Sharing turned on and watch as
her
DHCP server takes over your network.
for the
The reason RIP isn't used to hand out routes is not based on age, or
protocol design. It's based on the fact that we don't want host segment
routes (usually only default) to be announcement based, because that leads
to problems and uncomfortable meetings with VPs. DHCP will happily give out
a
On Tue, Dec 31, 2013 at 12:24 AM, Leo Bicknell bickn...@ufp.org wrote:
Here's what you will soon find:
1) The IPv6 pings on both machines cease to work.
That will not actually happen. An IPv6 router is only allowed to announce a
prefix by RA if it has a working uplink.
Nonetheless you are
Now, boss man comes in and has a new office opening up. Go grab the r1 box
out of the closet, you need to upgrade the code and reconfigure it. Cable
it up to your PC with a serial port, open some some sort of terminal program
so you can catch the boot and password recover it. Plug it's
On Dec 31, 2013, at 1:10 AM, Timothy Morizot tmori...@gmail.com wrote:
I've been in the process of rolling out IPv6 (again this night) across a
very large, highly conservative, and very bureaucratic enterprise. (Roughly
100K employees. More than 600 distinct site. Yada. Yada.) I've had no
...@ufp.org]
Sent: Monday, December 30, 2013 3:25 PM
To: Lee Howard
Cc: Jamie Bowden; North American Network Operators' Group
Subject: Re: turning on comcast v6
On Dec 30, 2013, at 2:49 PM, Lee Howard l...@asgard.org wrote:
I'm not really an advocate for or against DHCP or RAs. I really just
On Dec 31, 2013, at 12:36 PM, Tony Hain alh-i...@tndh.net wrote:
likely pointless. Do you really believe that dhcp messages picked up by the
rogue router wouldn't end up answering with the wrong values and breaking
both IPv4 IPv6? Next, do you really believe that DHCP Guard for an IPv4
Ryan Harden wrote:
...
IMO, being able to hand out gateway information based on $criteria via
DHCPv6 is a logical feature to ask for. Anyone asking for that isn't
trying to tell
you that RA is broken, that you're doing things wrong, or that their way
of
thinking is more important that yours.
On Dec 31, 2013, at 2:16 PM, Tony Hain alh-i...@tndh.net wrote:
Ryan Harden wrote:
...
IMO, being able to hand out gateway information based on $criteria via
DHCPv6 is a logical feature to ask for. Anyone asking for that isn't
trying to tell
you that RA is broken, that you're doing
On Dec 31, 2013, at 12:11 PM, Ryan Harden harde...@uchicago.edu wrote:
On Dec 31, 2013, at 1:10 AM, Timothy Morizot tmori...@gmail.com wrote:
I've been in the process of rolling out IPv6 (again this night) across a
very large, highly conservative, and very bureaucratic enterprise. (Roughly
Please note that Ryan’s “manage their IPv6 systems” really means “run their
business”. In many organizations the routing network is managed by a
different group with different business goals and procedures than end
systems. Allowing flexibility for this, if it is not overwhelmingly
From: Matthew Petach mpet...@netflight.com
Date: Saturday, December 21, 2013 10:55 PM
To: Lee Howard l...@asgard.org
Cc: Jamie Bowden ja...@photon.com, Owen DeLong o...@delong.com,
m...@kenweb.org m...@kenweb.org, nanog@nanog.org nanog@nanog.org
So there's an interesting question. You
On Dec 24, 2013, at 8:15 AM, Lee Howard l...@asgard.org wrote:
Why?
You say, The protocol suite doesn't meet my needs; I need default gateway
in DHCPv6. So the IETF WG must change for you to deploy IPv6. Why?
Why must the people who want it justify to _you_?
This is fundamental part I've
You say, The protocol suite doesn't meet my needs; I need default
gateway in DHCPv6. So the IETF WG must change for you to deploy
IPv6. Why?
this is actually a non-trivial barrier to enterprise deployment and the
ietf has been in stubborn denial for years. when an it department has
been
On Tue, 24 Dec 2013, Lee Howard wrote:
I used to run an enterprise network. It was very different from an ISP
network. I didn't say, You're wrong! I said, What's missing?
default route information via DHCPv6. That's what I'm still waiting for.
Why?
You say, The protocol suite doesn't meet
On Dec 24, 2013, at 8:15 AM, Lee Howard l...@asgard.org wrote:
default route information via DHCPv6. That's what I'm still waiting for.
Why?
You say, The protocol suite doesn't meet my needs; I need default gateway
in DHCPv6. So the IETF WG must change for you to deploy IPv6. Why?
Lee
On 12/30/13 11:19 AM, Leo Bicknell bickn...@ufp.org wrote:
On Dec 24, 2013, at 8:15 AM, Lee Howard l...@asgard.org wrote:
Why?
You say, The protocol suite doesn't meet my needs; I need default
gateway
in DHCPv6. So the IETF WG must change for you to deploy IPv6. Why?
Why must the people
On 12/30/13 1:04 PM, Ryan Harden harde...@uchicago.edu wrote:
On Dec 24, 2013, at 8:15 AM, Lee Howard l...@asgard.org wrote:
default route information via DHCPv6. That's what I'm still waiting
for.
Why?
You say, The protocol suite doesn't meet my needs; I need default
gateway
in DHCPv6.
On Dec 30, 2013, at 12:58 PM, Lee Howard l...@asgard.org wrote:
'Rewrite all of your tools and change your long standing business
practices¹ is a very large barrier to entry to IPv6. If adding gateway as
an optional field will help people get over that barrier, why not add it?
Sure it
The better question is are you using RIP or ICMP to set gateways in your
network now?
If you don't use those now, why is RA a better solution in ipv6?
-Blake
On Mon, Dec 30, 2013 at 1:20 PM, Ryan Harden harde...@uchicago.edu wrote:
On Dec 30, 2013, at 12:58 PM, Lee Howard l...@asgard.org
On 12/30/13 2:20 PM, Ryan Harden harde...@uchicago.edu wrote:
On Dec 30, 2013, at 12:58 PM, Lee Howard l...@asgard.org wrote:
'Rewrite all of your tools and change your long standing business
practices¹ is a very large barrier to entry to IPv6. If adding gateway
as
an optional field
,
nanog@nanog.org nanog@nanog.org
Subject: Re: turning on comcast v6
The better question is are you using RIP or ICMP to set gateways in your
network now?
I disagree that that's a better question.
I'm not using RIP because my hosts don't support it (at least, not without
additional configuration
On Dec 30, 2013, at 8:19 AM, Leo Bicknell bickn...@ufp.org wrote:
On Dec 24, 2013, at 8:15 AM, Lee Howard l...@asgard.org wrote:
Why?
You say, The protocol suite doesn't meet my needs; I need default gateway
in DHCPv6. So the IETF WG must change for you to deploy IPv6. Why?
Why must
On Dec 30, 2013, at 10:04 AM, Ryan Harden harde...@uchicago.edu wrote:
On Dec 24, 2013, at 8:15 AM, Lee Howard l...@asgard.org wrote:
default route information via DHCPv6. That's what I'm still waiting for.
Why?
You say, The protocol suite doesn't meet my needs; I need default gateway
...@uchicago.edu
Cc: Lee Howard l...@asgard.org, Jamie Bowden ja...@photon.com,
nanog@nanog.org nanog@nanog.org
Subject: Re: turning on comcast v6
The better question is are you using RIP or ICMP to set gateways in your
network now?
I disagree that that's a better question.
I'm not using RIP
On Dec 30, 2013, at 3:43 PM, Owen DeLong o...@delong.com wrote:
The current situation isn’t attributable to “the current IPv6 crowd” (whoever
that is), it’s the current IETF consensus position. Changing that IETF
consensus position is a matter of going through the IETF process and getting
On Dec 30, 2013, at 2:49 PM, Lee Howard l...@asgard.org wrote:
I'm not really an advocate for or against DHCP or RAs. I really just want
to understand what feature is missing.
I encourage you to try this simple experiment in your lab, because this
happens all day long on corporate networks
On Dec 30, 2013, at 4:37 PM, Victor Kuarsingh vic...@jvknet.com wrote:
On Mon, Dec 30, 2013 at 3:49 PM, Lee Howard l...@asgard.org wrote:
The better question is are you using RIP or ICMP to set gateways in your
network now?
I disagree that that's a better question.
I'm not using RIP
What the enterprise folks need is IPv6 champions, like yourself, like Lee, to
user stand their use case that even if you don't end up deploying it on your
own network you will show up at the IETF, or at least participate on the IETF
mailing lists and help them get what they need, so IPv6
You can accomplish the same thing in IPv4….
Plug in Sally’s PC with Internet Connection Sharing turned on and watch as her
DHCP server takes over your network.
Yes, you have to pay attention when you plug in a router just like you’d have
to pay attention if you plugged in a DHCP server you
On Dec 30, 2013, at 7:51 PM, Owen DeLong o...@delong.com wrote:
I have yet to see a use case from enterprise that actually requires RIO or
default route in DHCPv6, and I have seen many many use cases.
Most of them are, actually, better solved through education, so I tend to
focus my
On Dec 30, 2013, at 6:56 PM, Owen DeLong o...@delong.com wrote:
You can accomplish the same thing in IPv4….
Plug in Sally’s PC with Internet Connection Sharing turned on and watch as her
DHCP server takes over your network.
No, the failure mode is still different.
With IPv6 RA's, the
On 12/30/2013 8:16 PM, Leo Bicknell wrote:
There's a reason why there's huge efforts to put RA guard in switches, and do
cryptographic RA's.
These are two admissions that the status quo does not work for many
folks, but for some reason these two solutions get pushed over a simple
DHCP router
On Mon, Dec 30, 2013 at 6:31 PM, Leo Bicknell bickn...@ufp.org wrote:
On Dec 30, 2013, at 4:37 PM, Victor Kuarsingh vic...@jvknet.com wrote:
On Mon, Dec 30, 2013 at 3:49 PM, Lee Howard l...@asgard.org wrote:
The better question is are you using RIP or ICMP to set gateways in
your
Leo,
On Mon, Dec 30, 2013 at 6:24 PM, Leo Bicknell bickn...@ufp.org wrote:
On Dec 30, 2013, at 2:49 PM, Lee Howard l...@asgard.org wrote:
I'm not really an advocate for or against DHCP or RAs. I really just
want
to understand what feature is missing.
I encourage you to try this
On Dec 30, 2013, at 9:29 PM, Victor Kuarsingh vic...@jvknet.com wrote:
I think a new initiative to revive this concept will need to address the
[negative] points from those previous experiences and contrast them to the
operational benefits of having it available. I am willing to help out
I've been in the process of rolling out IPv6 (again this night) across a
very large, highly conservative, and very bureaucratic enterprise. (Roughly
100K employees. More than 600 distinct site. Yada. Yada.) I've had no
issues whatsoever implementing the IPv6 RA+DHCPv6 model alongside the IPv4
On Fri, Dec 20, 2013 at 5:25 AM, Lee Howard l...@asgard.org wrote:
On 12/20/13 8:07 AM, Jamie Bowden ja...@photon.com wrote:
Parity isn't enough information; what features are missing? RA is
part
of IPv6, but you don't have to use SLAAC.
I'd say it's the DHC people who need to
From: Owen DeLong [mailto:o...@delong.com]
I'm almost afraid to ask about the phrase add-default-route=yes in the
dhcp-client configuration. That seems wrong on the face of it since you
should be getting your routing information from RA and not DHCP.
No, no, no, a thousand times no. I'm
On 12/20/13 7:36 AM, Jamie Bowden ja...@photon.com wrote:
From: Owen DeLong [mailto:o...@delong.com]
I'm almost afraid to ask about the phrase add-default-route=yes in the
dhcp-client configuration. That seems wrong on the face of it since you
should be getting your routing information
On 12/20/2013 12:30 AM, Owen DeLong wrote:
I'd like to encourage people to use prefix-hint=::/48.
The router should accept the /60 and deal with it, but it's better to have
Comcast's logs show that you requested a proper full-size prefix.
I'm almost afraid to ask about the phrase
From: Lee Howard [mailto:l...@asgard.org]
On 12/20/13 7:36 AM, Jamie Bowden ja...@photon.com wrote:
From: Owen DeLong [mailto:o...@delong.com]
I'm almost afraid to ask about the phrase add-default-route=yes in the
dhcp-client configuration. That seems wrong on the face of it since you
On 12/20/13 8:07 AM, Jamie Bowden ja...@photon.com wrote:
Parity isn't enough information; what features are missing? RA is
part
of IPv6, but you don't have to use SLAAC.
I'd say it's the DHC people who need to hear it, not the IPv6 people,
but
YMMV.
I have a question. Why does DHCP
...@asgard.org]
Sent: Friday, December 20, 2013 8:25 AM
To: Jamie Bowden; Owen DeLong; m...@kenweb.org
Cc: North American Network Operators' Group
Subject: Re: turning on comcast v6
On 12/20/13 8:07 AM, Jamie Bowden ja...@photon.com wrote:
Parity isn't enough information; what features
Thus spake Jamie Bowden (ja...@photon.com) on Fri, Dec 20, 2013 at 01:07:27PM
+:
From: Lee Howard [mailto:l...@asgard.org]
On 12/20/13 7:36 AM, Jamie Bowden ja...@photon.com wrote:
From: Owen DeLong [mailto:o...@delong.com]
I'm almost afraid to ask about the phrase
On Fri, 20 Dec 2013 12:36:38 +, Jamie Bowden said:
How many times do the IPv6 people have to hear that until DHCPv6 reaches
feature parity with DCHPv4, IPv6 is dead to enterprise networks?
How many times do the IPv4 people have to hear that many sites are running
IPv6 on enterprise
On 12/20/2013 05:25 AM, Lee Howard wrote:
So there's an interesting question. You suggest there's a disagreement
between enterprise network operators and protocol designers. Who should
change?
Rather obviously the protocol designers, since they are clearly out of
touch with real-world
LLC | Phone: 914-460-4039
-Original Message-
From: Lee Howard [mailto:l...@asgard.org]
Sent: Friday, December 20, 2013 8:25 AM
To: Jamie Bowden; Owen DeLong; m...@kenweb.org
Cc: North American Network Operators' Group
Subject: Re: turning on comcast v6
On 12/20/13 8:07
On Fri, 20 Dec 2013 15:16:57 -0500, Doug Barton do...@dougbarton.us
wrote:
On 12/20/2013 05:25 AM, Lee Howard wrote:
So there's an interesting question. You suggest there's a disagreement
between enterprise network operators and protocol designers. Who should
change?
Rather obviously the
On Dec 20, 2013, at 3:23 PM, Owen DeLong o...@delong.com wrote:
On Dec 20, 2013, at 6:29 AM, Matthew Huff mh...@ox.com wrote:
With RA, what is the smallest interval failover will work? Compare that with
NHRP such as HSRP, VRRP, etc with sub-second failover.
RA and VRRP are not
On Dec 20, 2013, at 12:50 PM, Matthew Huff mh...@ox.com wrote:
On Dec 20, 2013, at 3:23 PM, Owen DeLong o...@delong.com wrote:
On Dec 20, 2013, at 6:29 AM, Matthew Huff mh...@ox.com wrote:
With RA, what is the smallest interval failover will work? Compare that
with NHRP such as
On Fri, 20 Dec 2013 15:50:12 -0500, Matthew Huff said:
There is a lot of cruft out there in the enterprise
world that claims IPv6 compatibility, but in the real world doesn't work
consistently. Almost all can be made to work, but require custom
configuration.
The exact same
Not all devices have working IPv6 stacks. OK, they’re broken, complain to the
vendor and get them to fix their product or buy a working product from a
different vendor.
I don't know that this is a practical option... for say some systems I
know that don't do v6 properly or at all, and
In message
CAL9jLaa=qkumlc7djtmru92f3tqcyp3ehr060nrcfkg-ho+...@mail.gmail.com,
Christopher Morrow writes:
Not all devices have working IPv6 stacks. OK, they're broken, complain
to the vendor and get them to fix their product or buy a working product
from a different vendor.
I don't
Owen,
Have you ever worked in a corporate environment? Replacing equipment can be a
5-7 year window and has to be justified and budgeted. Replacing a piece of
equipment because it's an incomplete IPv6 implementation (which has changed
considerably as it has been deployed), isn't feasible.
You can request a fully working IPv6 implementation, but it's not going to stop
a purchasing if it doesn't. If you are deciding between two vendors and one is
better/cheaper and doesn't have IPv6 and you choose the other, it's likely you
will be looking for another job. There is no strong
On Dec 20, 2013, at 14:27 , Matthew Huff mh...@ox.com wrote:
You can request a fully working IPv6 implementation, but it's not going to
stop a purchasing if it doesn't. If you are deciding between two vendors and
one is better/cheaper and doesn't have IPv6 and you choose the other, it's
On Dec 20, 2013, at 14:16 , Matthew Huff mh...@ox.com wrote:
Owen,
Have you ever worked in a corporate environment? Replacing equipment can be a
5-7 year window and has to be justified and budgeted. Replacing a piece of
equipment because it's an incomplete IPv6 implementation (which has
On Fri, Dec 20, 2013 at 5:16 PM, Matthew Huff mh...@ox.com wrote:
Owen,
Have you ever worked in a corporate environment? Replacing equipment can
be a 5-7 year window and has to be justified and budgeted. Replacing a
piece of equipment because it's an incomplete IPv6 implementation (which
I did an OK job of getting my Linksys E2100L working with Comcast v6 on
OpenWRT. It is not officially supported on this platform per se, but a
simple hack of the source for WRT160NL allows it to be built.
Since I was already rolling my own firmware, I checked the box for 'ipv6'
and got the
On 12/11/2013 10:23 PM, Rob Seastrom wrote:
Eric Oosting eric.oost...@gmail.com writes:
It brings a tear to my eye that it takes:
0) A long standing and well informed internet technologist;
1) specific, and potentially high end, CPE for the res;
2) specific and custom firmware, unsupported
In the case of Comcast (and anecdotally ISC DHCP) - You'll either need
to wait out the the lease time (4 days) or ask Comcast to nicely clear
out your /64 lease manually. Release/renew doesn't release your current
DHCP lease. I was getting A /64 and /60 (/64 had a preference of 255)
before
FYI - DHCP-PD is now working better in RouterOS 6.5
Prefix length hints are now available (CLI) only.
/ipv6 dhcp-client add add-default-route=yes interface=wan interface
pool-name=dhcp-pd \
prefix-hint=::/60
I'd like to encourage people to use prefix-hint=::/48.
The router should
On Fri, Dec 20, 2013 at 12:30 AM, Owen DeLong o...@delong.com wrote:
FYI - DHCP-PD is now working better in RouterOS 6.5
Prefix length hints are now available (CLI) only.
/ipv6 dhcp-client add add-default-route=yes interface=wan interface
pool-name=dhcp-pd \
prefix-hint=::/60
I'd like
On Fri, Dec 20, 2013 at 5:42 AM, Christopher Morrow
morrowc.li...@gmail.com wrote:
On Fri, Dec 20, 2013 at 12:30 AM, Owen DeLong o...@delong.com wrote:
I'd like to encourage people to use prefix-hint=::/48.
...
I think if I ask (via wide-dhcpv6-server) for more than is going to be
sent I
Kinkaid, Kyle(kkink...@usgs.gov)@Wed, Dec 11, 2013 at 11:46:56AM -0800:
On Wed, Dec 11, 2013 at 11:18 AM, Owen DeLong o...@delong.com wrote:
It doesn’t. You can get IPv6 working with off-the-shelf equipment if you
choose to.
Randy chose to use that particular hardware and software
On Dec 11, 2013, at 10:23 PM, Rob Seastrom r...@seastrom.com wrote:
Pretty much works out of the box on Mikrotik RouterOS if you are
secure enough in your geek cred to admit to running such stuff here in
this august forum.
-r
I run a few at home and even in an access role at an ISP I
On Thu, Dec 12, 2013 at 7:55 AM, Ryan Wilkins r...@deadfrog.net wrote:
They are a bit quirky but generally they work fairly well when configured
and left alone.
That describes most every router ever made :)
-Steve
They are a bit quirky but generally they work fairly well when configured
and left alone.
That describes most every router ever made :)
except those which burst into flame
except those which ...
Randy Bush wrote:
http://comcast6.net/ tells me that the local cmts is v6 enabled. my
modem, a cisco dpc3008, is in the supported products list. so how do
i turn the sucker on?
randy
after a lot of messing about with the massive help of Chris Adams and
John Brzozowski, problem solved.
On Wed, Dec 11, 2013 at 8:17 AM, Randy Bush ra...@psg.com wrote:
Randy Bush wrote:
http://comcast6.net/ tells me that the local cmts is v6 enabled. my
modem, a cisco dpc3008, is in the supported products list. so how do
i turn the sucker on?
randy
after a lot of messing about with
On 11/12/2013 15:11, Eric Oosting wrote:
just to get IPv6 to work correctly.
Yea, that's TOTALLY reasonable.
Sounds a bit like configuring access layer ipv4 in the early 1990s. It
took years of early production pain to turn it into a commodity product.
Nick
On 12/11/2013 10:11 AM, Eric Oosting wrote:
It brings a tear to my eye that it takes:
0) A long standing and well informed internet technologist;
1) specific, and potentially high end, CPE for the res;
2) specific and custom firmware, unsupported by CPE manufacturer ... or
anyone;
3) hand
1 - 100 of 144 matches
Mail list logo