On Fri, Nov 20, 2015 at 01:35:55PM -0800, Jim Burwell wrote:
My questions are:
1) Does the DHCPv6 protocol include any standards/mechanisms/methods for managing routes to prefixes it delegates, or does it consider this outside of its function? (I suspect the latter)
It's considered outside of function. It makes a lot of sense, from the *protocol's* viewpoint, not to go constraining itself in any way. *Implementations*, on the other hand, appear to have kinda dropped the ball, insofar as none of the OSS DHCPv6 servers that can do PD appear to have put any thought into what to do with the prefixes delegated.
2) What are the most common ways of managing the routing of delegated prefixes in the ISP's routing domain? Has a standard method/best practice emerged yet? Routing protocols? IPv6 RAs?
I hacked some code into ISC DHCPD to give called scripts sufficient knowledge to add routes to the local machine's routing table:

http://www.hezmatt.org/~mpalmer/blog/2014/11/20/multi-level-prefix-delegatio...

(Holy crap, I published that post almost exactly a year ago today...)

More recently, I'm doing some work with a production containerised environment, and I decided to use RAs to propagate /64 routes amongst the container hosts and immediate upstream router (the upstream router has the whole /48 routed to it, and the router then gets the RAs to know which machine to send the /64 to). It seems to work rather well. If I had any more complicated a setup, I'd definitely have broken out the OSPF or something.
One obvious answer would be routing protocols. In my brief googling, I've seen a forum post that seems to indicate that Comcast makes use of RIPng on their CPE to propagate routing information for prefixes delegated to it. Can someone confirm this? This would seem as good a method as any to do this, albeit with obvious security concerns.
I can't confirm Comcast's use of anything in particular, but I'd certainly consider it a possibility. In an ISP environment, I think I'd prefer for my routing to *not* be under the control of anything that the customer can get their fingers into, but I'm sure there's suitable filters in place to stop a customer trying to announce all of 2000::/3...
What's the best way to implement a DHCPv6 PD client on a Linux router? Dibbler seems to do everything except route propagation (asks for PD, puts PD address on local NIC if asked). Anything better out there?
Well, I'm quite partial to the solution I hacked up for ISC DHCPD, but it's hard to argue that I'm an unbiased observer. <grin>

- Matt
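The thread mentions filters that stop a customer announcing something like 2000::/3 when routes for delegated prefixes are learned from CPE (RIPng or RAs). The following is an added example, not part of the original message and not any ISP's or project's actual configuration: it accepts a route learned on a customer-facing interface only if it falls inside the prefix delegated to that interface. The interface names, the lease table and the /64 length limit are assumptions made for illustration.

```python
import ipaddress

# Constructed lease table: customer-facing interface -> prefix delegated via DHCPv6-PD.
# Names and prefixes are illustrative (2001:db8::/32 is documentation address space).
DELEGATIONS = {
    "cust-eth1": ipaddress.ip_network("2001:db8:1200::/56"),
    "cust-eth2": ipaddress.ip_network("2001:db8:1300::/48"),
}

MAX_PREFIXLEN = 64  # assumption: nothing longer than a /64 is accepted from a customer


def check_announcement(iface, prefix):
    """Return (accepted, reason) for a route announced on a customer interface."""
    delegated = DELEGATIONS.get(iface)
    if delegated is None:
        return False, "no delegation on this interface"
    try:
        # strict=True rejects prefixes with host bits set, e.g. 2001:db8::1/48
        net = ipaddress.ip_network(prefix, strict=True)
    except ValueError:
        return False, "malformed prefix"
    if net.version != 6:
        return False, "not IPv6"
    if not net.subnet_of(delegated):
        # Catches covering routes (2000::/3, ::/0) and other customers' space.
        return False, f"outside delegated {delegated}"
    if net.prefixlen > MAX_PREFIXLEN:
        return False, f"longer than /{MAX_PREFIXLEN}"
    return True, "within delegation"


def accepted_routes(iface, prefixes):
    """Filter a batch of announced prefixes, keeping only the acceptable ones."""
    return [p for p in prefixes if check_announcement(iface, p)[0]]


if __name__ == "__main__":
    # Constructed sample announcements as they might arrive on cust-eth1.
    sample = ["2001:db8:1200:5::/64", "2000::/3", "::/0",
              "2001:db8:1300::/64", "2001:db8:1200:100::/64"]
    for p in sample:
        print(p, check_announcement("cust-eth1", p))
```
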