nanog mailing list archives
Re: The stupidity of trying to "fix" DHCPv6
From: Kevin Loch <kloch () kl net>
Date: Sat, 11 Jun 2011 12:41:17 -0400
Leo Bicknell wrote:
In a message written on Fri, Jun 10, 2011 at 05:13:09PM +0200, Iljitsch van Beijnum wrote:Now you could argue that the DHCPv6-supplied gateway addresses should have higher priority than the ones learned from RAs. At least that solves the problem. However, that solution still has two issues: 1. No longer the fait sharing that comes from RA-learned gateway addressesI proport that VRRPv6 is a superior solution to have redundant gateways than using RA's to broadcast both and let the host choose.
VRRP is definitely superior to RA's in that you can have many different redundant gateway groups for different purposes. Things like alternate default gateways, gateways to other back-end networks and VPN routers. In all but the most trivial hosting environments RA's will have to be disabled, filtered, and protected against at all cost. VRRPv3 (http://tools.ietf.org/html/rfc5798) is still a bit brokenin that it makes mention of "MUST advertise RA's" and inexplicably limits VRRP addresses to link local only (?!)*. But at least we have
something, it took years for the RA police at the IETF to allow even this limited solution. * In many cases it may be desirable to have VRRP addresses routed via IGP, especially static routes to VRRP next-hops. - Kevin
Current thread:
- Re: The stupidity of trying to "fix" DHCPv6, (continued)
- Re: The stupidity of trying to "fix" DHCPv6 Chris Adams (Jun 10)
- Re: The stupidity of trying to "fix" DHCPv6 Jason Bertoch (Jun 10)
- Re: The stupidity of trying to "fix" DHCPv6 William Herrin (Jun 10)
- Re: The stupidity of trying to "fix" DHCPv6 Ray Soucy (Jun 10)
- Re: The stupidity of trying to "fix" DHCPv6 Ray Soucy (Jun 10)
- Re: The stupidity of trying to "fix" DHCPv6 Matthew Palmer (Jun 10)
- Re: The stupidity of trying to "fix" DHCPv6 Iljitsch van Beijnum (Jun 10)
- Re: The stupidity of trying to "fix" DHCPv6 Leo Bicknell (Jun 10)
- Re: The stupidity of trying to "fix" DHCPv6 Iljitsch van Beijnum (Jun 10)
- Re: The stupidity of trying to "fix" DHCPv6 Leo Bicknell (Jun 10)
- Re: The stupidity of trying to "fix" DHCPv6 Kevin Loch (Jun 11)
- Re: The stupidity of trying to "fix" DHCPv6 Daniel Roesen (Jun 12)
- Re: The stupidity of trying to "fix" DHCPv6 Seth Mos (Jun 12)
- Re: The stupidity of trying to "fix" DHCPv6 Owen DeLong (Jun 10)
- Re: The stupidity of trying to "fix" DHCPv6 Jima (Jun 10)
- Re: The stupidity of trying to "fix" DHCPv6 Valdis . Kletnieks (Jun 10)
- Re: The stupidity of trying to "fix" DHCPv6 Joel Jaeggli (Jun 10)
- Re: The stupidity of trying to "fix" DHCPv6 Iljitsch van Beijnum (Jun 10)
- Re: The stupidity of trying to "fix" DHCPv6 Leo Bicknell (Jun 10)
- Re: The stupidity of trying to "fix" DHCPv6 Valdis . Kletnieks (Jun 10)
- Re: The stupidity of trying to "fix" DHCPv6 Rhys Rhaven (Jun 10)