In message <E82EA149-2530-41FF-9CE0-670E6CD7D097@delong.com>, Owen DeLong writes:
On Nov 25, 2015, at 15:59 , Mark Andrews <marka@isc.org> wrote:
In message <CAMWxDfrh+O=SPZwPmAZhYnvAEeK2eMFw3CD0qf34Fkbb=-SaPw@mail.gmail.com>, Brian Knight writes:
On Tue, Nov 24, 2015 at 6:34 PM, Baldur Norddahl <baldur.norddahl@gmail.com> wrote:
DHCPv6-PD allows multiple PD requests. But did anyone actually
implement
that? I am not aware of any device that will hand out sub delegations on one interface, notice that it is out of address space and then go request more space from the upstream router (*).
DHCPv6-PD allows size hints, but it is often ignored. Also there is no guidance for what prefix sizes you should ask for. Many CPEs will ask for /48. If you got a /48 you will give out that /48 and then not honor any further requests, because only one /48 per site is allowed. If you are an ISP that gives out /48 and your customers CPE asks for a /56 you will still ignore his size hint and give him /48.
Or, worse, the ISP's DHCPv6 server honors the new request and issues the larger prefix, but refuses to route it. Ran into that myself when I replaced my home CPE router, and changed the prefix hint to ask for a /60 block (expanded from /64) at the same time. That made for a frustrating few days without IPv6 service, waiting for my original delegation to expire. (Tech support, of course, had no clue and blamed my router.)
In retrospect I should have perhaps had my original CPE generate a DHCP release message for that prefix before disconnecting it. But I won't be the last person to fail to generate that.
-Brian
Well the requesting router could announce the route. ISC's client has hooks that allow this to be done. That is, after all, how routing is designed to work. The DHCP server usually is sitting in a data center on the other side of the country with zero ability to inject approptiate routes.
Are you really suggesting that a residential ISP accept routes advertised from their customer’s CPE? Really?
PD is used internally as well as externally, and with a little bit of crypto to prove the assigned address belongs to them there really isn't a reason a CPE device couldn't announce a address to a ISP. It would also allow BCP38 filters to be built rather than using RFP which is only a approximate solution.
That’s about the most ridiculous thing I’ve heard on NANOG in a long time and that’s saying something.
The DHCP relay could also have injected routes but that is a second class solution.
Maybe, but in an ISP/Customer PD environment, it’s certainly preferable to what you consider a “first class” solution.
Actually it is still a second class solution. Have the CPE generate the routes and use information from the relay as a acceptance filter. That way the device that was delegated the prefix decides what it announced.
Owen -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: marka@isc.org