host-identifier with IPv6
Simon Hobson
dhcp1 at thehobsons.co.uk
Mon Mar 2 19:44:52 UTC 2009
Ted Lemon wrote:
>I agree that this is a problem in theory, but I would be willing to
>bet that in practice, it's not a problem at all - the behavior of
>the client is almost certainly deterministic.
I've been following this thread, though I don't have any IPv6 at the
moment, my providers at home and work don't support it, and I'm not
getting any hint of interest at work :-( If I might throw in my 2d
worth* ...
There seems to be a lot of non-deterministic language being used !
Here you say "alomost certainly", in an earlier message you use
"chances are" and "it's likely" :
>If your DHCPv6 clients follow the spec, chances are that they are
>already sending you the MAC address in the DUID option. The server
>is encouraged to treat the DUID as an opaque field, and the DUID
>extra information in the DUID is intended to allow it to work
>correctly even if you use the same network card at different times
>in different machines. But on a practical level it's likely that
>every single DHCPv6 client you have is in fact sending their current
>Mac address in the DUID.
Earlier still, you say :
>First of all, implementors are encouraged to provide ways for things
>like DUIDs to be known by all the protocol agents that might use
>them. But of course we have no control over what implementors
>actually do.
So we add "encouraged to"
All this adds up to a hell of a lot of "should mostly work" which is
not what most administrators want. Sitting on the sidelines, it does
seem to me like the key element missing here is for all IPv6 devices
to have a fixed, immutable (or at least as close to that as a MAC
address is now), globally unique identity that is easily obtainable
by administrators. In the absence of anything better, up until now
we've been using the ethernet MAC address of the interface - though
as has been pointed out, this isn't always ideal.
Without such a unique identifier, it seems to me like quite a few
administration schemes are likely to be tricky to implement, if they
are implementable at all. It's one thing saying that the MAC address
(nearest thing we have to a globally unique and unchanging
identifier) is embedded in the DUID - but I'd be wary of relying on
something that is a) something the spec says not to do (look inside
the value and attribute meaning to it), and b) is only guaranteed to
the confidence level of "it's likely".
I fear it's too late to fix that now as it would require changes to
existing clients - and there's no guarantee of that happening.
* Rather old English expression - throw in ones tuppence worth (2d =
2 old pence = tuppence). Ie, give ones opinion.
--
Simon Hobson
Visit http://www.magpiesnestpublishing.co.uk/ for books by acclaimed
author Gladys Hobson. Novels - poetry - short stories - ideal as
Christmas stocking fillers. Some available as e-books.
More information about the dhcp-users
mailing list