ISC DHCP and IPv6 - the DHCPv6 story
Numbering Computers in IPv6
Computers and other IPv6-enabled devices need a way to select which IP address they are using, just like in IPv4. IPv6 provides several ways to do this:
- Manual configuration
- Autoconfiguration (Stateless Address Autoconfiguration, or SLAAC)
- Cryptographically Generated Addresses (CGA)
- DHCPv6 (sometimes called stateful autoconfiguration)
Manual configuration works the same in IPv6 as in IPv4 - the user or the user's administrator configures the address by hand. While practical for very small networks, this is almost never done today due to the ease of use of the other methods and the more difficult notation in IPv6.
SLAAC allows a node (a computer or other device that is not a router) to automatically generate an address. This is done using information sent from nearby IPv6 routers, as well as some other information such as a unique hardware identifier or a random number.
CGA is a method designed to make it difficult for someone to spoof the address of another computer on a network. This is an improvement over ARP, which is used for neighbor discovery in IPv4, and over ND, which does the same in IPv6. CGA relies on the long number space in IPv6 to encode a public key. It is optional and not yet widely deployed.
Finally, there is DHCPv6. DHCPv6 performs the same role in IPv6 as DHCP does in IPv4. It allows a central server to distribute addresses and other configuration information to a number of hosts.
The most common way to number in IPv6 today is using SLAAC. DHCPv6 offers a number of advantages over SLAAC:
- It allows central management, so administrators can know which addresses were in use at which time. This may be important for auditing, billing, and other purposes.
- Administrators can use similar tools for IPv4 and IPv6 network management, and they are comfortable with DHCP.
- It is easy for the DHCPv6 server to set up DNS and many other services, like SIP parameters, required for VoIP, on behalf of hosts.
- With DNS updates in DHCPv6, clients can enjoy having their human readable names, like desktop-joe.example.org rather than just an address like 2001:db8:1:21e:8cff:fe9b:7349.
- Entire prefixes, for example a /48 or a /64, can be delegated, instead of single addresses.
- Kinds of configuration other than addresses are easy to transmit. (For example, until recently there was no way to transfer information about local DNS recursive resolvers except through DHCPv6.)
- Granting different parameters. Administrators may configure DHCPv6 to grant specific parameters to different groups or even single users.
- Access control. Administrators can configure a DHCPv6 server to refuse to assign parameters to untrusted or unwanted users.
How is DHCPv6 Different from DHCP in IPv4?
The basic protocol flow is the same for both DHCP in IPv4 and DHCPv6. However, the details are very different.
- No baggage
  - DHCP is based on an earlier protocol called BOOTP. This packet layout is wasteful in a lot of cases. It is also cumbersome to parse and examine with network tools. Due to backward compatibility, there are a number of restrictions that further complicate DHCP for IPv4.
  - A lot of the options turn out to be not useful, or not as useful as they can be, but it is hard to change a protocol with such a large installed base.
  - There are a lot of "tweaks" that implementations need in order to be compatible with buggy clients.
- IPv6 is better. Four features of IPv6 greatly improve DHCPv6:
  - IPv6 hosts have "link-local addresses". Every network interface has a unique address that can be used to send and receive on the link only. IPv6 hosts can use this to send requests for "real" addresses. IPv4 hosts have to use system-specific hacks to work before they have an address.
  - All IPv6 systems support multicasting. All DHCPv6 servers register that they want to receive DHCPv6 multicast packets. This means the network knows where to send them. In IPv4, clients broadcast their requests, and networks do not know how far to send them.
  - DHCPv6 supports robust relaying, with up to 32 relays in each network. This greatly improves scalability and network manageability.
  - Thanks to a number of features like deprecated addresses and the information refresh time option, network administrators can easily perform configuration changes and even network renumbering with users barely noticing.
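The fixed headers and uniform option layout that replace the BOOTP-derived format can be parsed in a few lines. The following added example (not ISC DHCP code) unwraps relayed messages and checks the relay depth; message and option numbers are from RFC 8415, the packet is constructed, and the function names are illustrative.

```python
import ipaddress
import struct

RELAY_FORW, RELAY_REPL = 12, 13  # relay message types (RFC 8415)
OPTION_RELAY_MSG = 9             # option that carries the relayed message
MAX_RELAYS = 32                  # relay limit as stated in this article

def parse_options(buf: bytes) -> dict:
    """Walk the options: 2-byte code, 2-byte length, then the value."""
    opts, off = {}, 0
    while off < len(buf):
        if off + 4 > len(buf):
            raise ValueError("truncated option header")
        code, length = struct.unpack_from("!HH", buf, off)
        off += 4
        if off + length > len(buf):
            raise ValueError("option length runs past end of packet")
        opts.setdefault(code, []).append(buf[off:off + length])
        off += length
    return opts

def unwrap(packet: bytes):
    """Peel relay layers; return (relays, client message type, transaction id)."""
    relays = []
    while packet and packet[0] in (RELAY_FORW, RELAY_REPL):
        if len(packet) < 34:
            raise ValueError("truncated relay header")
        if len(relays) == MAX_RELAYS:
            raise ValueError("relay chain deeper than the limit")
        link = ipaddress.IPv6Address(packet[2:18])
        peer = ipaddress.IPv6Address(packet[18:34])
        relays.append((packet[1], str(link), str(peer)))
        inner = parse_options(packet[34:]).get(OPTION_RELAY_MSG)
        if not inner:
            raise ValueError("relay message without a Relay Message option")
        packet = inner[0]
    if len(packet) < 4:
        raise ValueError("truncated client/server header")
    parse_options(packet[4:])  # reject malformed options in the inner message
    return relays, packet[0], packet[1:4].hex()

def build_sample() -> bytes:
    """Constructed sample: a Solicit (type 1) wrapped by one relay agent."""
    solicit = bytes([1]) + bytes.fromhex("abcdef") + struct.pack("!HHH", 8, 2, 0)
    relay = bytes([RELAY_FORW, 0])  # hop-count 0: first relay on the path
    relay += ipaddress.IPv6Address("2001:db8:1:21::1").packed
    relay += ipaddress.IPv6Address("fe80::5054:ff:fe12:3456").packed
    return relay + struct.pack("!HH", OPTION_RELAY_MSG, len(solicit)) + solicit
```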
ISC was approached by Comcast in 2006 to implement DHCPv6, as they were looking for an open source DHCPv6 server to test IPv6 functionality on DOCSIS 3.0 modems. ISC released ISC DHCP 4.0 in December 2007, which included a DHCPv6 server, client, and relay. ISC continues to release new versions of ISC DHCP, which include additional functionality and other improvements to DHCPv6.
ISC is actively participating in DHCP and DHCPv6 standardization efforts within the IETF. ISC DHCP is often the first protocol implementation that offers new capabilities and is often used as a reference implementation by other vendors.