On 12/30/13 2:20 PM, "Ryan Harden" <hardenrm@uchicago.edu> wrote:
On Dec 30, 2013, at 12:58 PM, Lee Howard <Lee@asgard.org> wrote:
'Rewrite all of your tools and change your long standing business practices¹ is a very large barrier to entry to IPv6. If adding gateway as an optional field will help people get over that barrier, why not add it? Sure it doesn¹t fit into the ³IPv6 way,² but bean counters don¹t care much for that when you have to ask for developer time to rewrite everything.
Well, the tools have to be rewritten to support IPv6 fields, sockets, and structures anyway. However, there's a difference between, "Make sure you call IP family agnostic libraries and increase field sizes, then let it run" and "Rebuild your network security." DHCP+RA just works in most networks; this is a use case where it could be made to work, but only by changing the network.
Updating tools to add a box for IPv6 fields and tweaking the backend to generate a config file for DHCPv6 which is very similar to DHCP(for v4) is a lot different/easier than having to rewrite and/or split your backend to generate output in a completely different format. However, I'm not as familiar with RADVD as I am with isc-dhcpd so that might be a bad argument.
And you don't have to support IPv6 from top to bottom to roll out IPv6 to users. So rewriting for socket support isn't necessary day one. You can route IPv6 for users so they can reach the IPv6 world quickly, then add local services as time/money allows. The biggest driver for IPv6 will be external resources available only via IPv6, not local. (Of course this is from the point of view where your business' primary service isn't outward facing resources.)
I agree with you on the above, I just didn't say so very well.
I'm sure DHCP+RA works for most, but there are IPv4 shops who swear by fully dynamic DHCP, some who do DHCP-Reservations, and some who go static only. Just like some shops are EIGRP, some OSPF, and some ISIS. IMO IPv6 needs to be flexible enough to handle the fact that not everyone builds identical architectures nor do they have the exact same needs. Being able to use DHCPv6+RA, RA only, or DHCPv6 only should all be viable options. Forcing everyone down the same path will just lead to stupid proprietary solutions to a problem that shouldn't exist in the first place.
All of those cases work just as well with DHCP+RA. Only in cases where a router on a subnet is not the correct gateway is RA a problem, AFAIK. You gave one example where that's the case. Another would be where there are two gateways for the same network segment, which don't share an IP address, and you want DHCP to tell hosts which one they should use (rather than, say, manual configuration or GPO). DHCP and RAs do different things. DHCP does host configuration. Router Advertisements advertise routers. When you have both, you can leave off a field in DHCP, and rely on the network to route the packets. Turning off RAs and putting that information into DHCP for each subnet you manage means additional work. It's not a lot of work, admittedly. Lee
/Ryan