
In message <20110228013421.GA32758@ussenterprise.ufp.org>, Leo Bicknell writes:
In a message written on Mon, Feb 28, 2011 at 09:39:24AM +1100, Mark Andrews wrote:
Have you *asked* your vendors for an alternate solution? DHCP kills privacy addresses. DHCP kills CGAs.
Not true.
Some would like to use DHCPv6 to hand a host things like DNS servers, NTP servers, PXE boot information, domain name search paths, and the like.
And you can do most of that without requiring DHCP for addresses. PXE boot may be the exception.
There's no reason once the host gets a DHCP address and that information it can't also generate and use a privacy address or CGA.
Except in the scenarios being described they are also blocking the other addresses. I would also think setting the "M" bit would preclude the host from generating such addresses as they are unmanaged.
While this thread has focused on folks who want to use DHCPv6 to preclude these items by for instance having switches and routers filtered to only the "allowed" address (assigned via DHCP) there's no requirement a network operator do that.
DHCP has a couple of hundred defined options. Vendors have tried adding ONE to the RA protocol (DNS servers) as replacement functionality. That leaves them a few hundred options short, in my book.
Which is what the O bit was for.

--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka@isc.org