Re: IPv6 Deployment for the LAN

[Nathan Ward <nanog () daork net>]

On 18/10/2009, at 2:28 PM, William Herrin wrote:

> On Sat, Oct 17, 2009 at 8:55 PM, Ray Soucy <rps () maine edu> wrote:
> > As it turns out delivering IPv6 to the edge in an academic setting  
> > has
> > been a challenge.  Common wisdom says to rely on SLAAC for IPv6
> > addressing, and in a perfect world it would make sense.
>
> Ray,
>
> Common wisdom says that?
>
> > Our current IPv6 allocation schema provides for a 64-bit prefix for
> > each network.  Unfortunately, this enables SLAAC; yes, you can
> > suppress the prefix advertisement, and set the M and O flags, but  
> > that
> > only prevents hosts that have proper implementations of IPv6 from
> > making use of SLAAC.  The concern here is that older hosts with less
> > than OK implementations will still enable IPv6 without regard for the
> > stability and security concerns associated with IPv6.
>
> I thought someone had to respond to router solicitations for stateless
> autoconfig of global scope addresses to happen. On Linux you just
> don't run the radvd. On Cisco I think it's something like "ipv6 nd
> suppress-ra" in the interface config. Does that fail to prevent
> stateless autoconfig? Or is there a problem with the operation of
> DHCPv6 if router advertisements aren't happening from the router?

RA is generally required whether you use stateless or stateful  
autoconfiguration. You have to tell the hosts to send a DHCPv6  
DISCOVER message by turning on the managed flag in the RA.

RA does not mean that SLAAC happens.


Ray, do you have examples of hosts or stacks that ignore  
AdvAutonomousFlag?

--
Nathan Ward