DHCPv6 and MAC Address inclusion

Simon Hobson dhcp1 at thehobsons.co.uk
Wed Jan 25 18:21:28 UTC 2012


José Queiroz wrote:

>>it will work for some, but it's not a good idea 
>>for public services. Simple example, what if 
>>you want to move a service to a different 
>>machine? Using EUI-64 addresses means you 
>>either have to change the MAC on the new host 
>>to match, or change the DNS and wait while it 
>>propagates - with a day or 2 of parallel 
>>running while caches expire.
>
>Well, you can work out DNS to reduce this time. 
>And if you have the intention of moving the 
>services, maybe using anycast addresses can 
>solve the problem.

I was specifically responding to the idea of 
using EUI-64 addresses to get round the problem 
of DHCP and unknown client hardware. While I know 
you can reduce the TTL (if you plan in advance), 
that's no guarantee for two reasons:
1) Some services either ignore TTL or force it to 
a minimum value - so the fact that you are 
handing out (say) 5 minutes doesn't guarantee 
that someone won't cache it for 24 hours.
2) Some services have a long update cycle. We use 
one at work for additional dispersed DNS servers 
(I'm responsible for authoritative DNS for about 
600 domains at work). Rather than responding to 
notifications and updating immediately as BIND 
does, their system checks the master serial 
number once an hour when they do a mass rebuild - 
any updates are pulled then and will appear when 
the rebuild is complete and rolls out. Changes 
can take up to 2 hours to appear if you just miss 
their poll.

As you say, there are many ways to deal with it - 
EUI-64 addresses are one technique that could 
suit some, as long as they know its limitations.

Personally I dislike EUI-64 addresses because of 
what they reveal. For that reason alone, I'd like 
to be running DHCP internally so I can easily 
switch addresses round periodically. I can't use 
the privacy options at the moment on my laptop as 
that will break my IPv6 setup at work.

>Well, you shall never doubt people's ability to 
>create new ways of doing silly things.

Yes, just when you think you've got it foolproof, they invent a better fool :D

-- 
Simon Hobson

Visit http://www.magpiesnestpublishing.co.uk/ for books by acclaimed
author Gladys Hobson. Novels - poetry - short stories - ideal as
Christmas stocking fillers. Some available as e-books.
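
Added example, not part of the original message: a small audit script showing what a modified EUI-64 interface identifier reveals, by recovering the embedded MAC from each address in an inventory and grouping addresses that share one. The function names and the sample addresses are assumptions, constructed from the documentation ranges (2001:db8::/32 and the 00:00:5e:00:53:xx MAC block).

```python
import ipaddress
from collections import defaultdict


def embedded_mac(addr):
    """Return the MAC carried in a modified EUI-64 interface ID, or None.

    Heuristic: a MAC-derived IID has ff:fe in its two middle bytes. A random
    (privacy or DHCPv6-assigned) IID can match by chance, about 1 in 65536.
    """
    iid = ipaddress.IPv6Address(addr).packed[8:]  # low 64 bits of the address
    if iid[3:5] != b"\xff\xfe":
        return None
    # Undo the universal/local bit flip applied when the IID was built,
    # then drop the inserted ff:fe to get the original 48-bit MAC back.
    mac = bytes([iid[0] ^ 0x02]) + iid[1:3] + iid[5:]
    return ":".join(f"{b:02x}" for b in mac)


def audit(addresses):
    """Group addresses by the MAC they expose; non-EUI-64 ones are skipped."""
    by_mac = defaultdict(list)
    for a in addresses:
        mac = embedded_mac(a)
        if mac is not None:
            by_mac[mac].append(a)
    return dict(by_mac)


# Constructed sample inventory (e.g. taken from AAAA records or server logs).
SAMPLE = [
    "2001:db8:1::200:5eff:fe00:5301",   # EUI-64 derived, first prefix
    "2001:db8:2::200:5eff:fe00:5301",   # same host seen on another prefix
    "fe80::200:5eff:fe00:5301",         # its link-local address
    "2001:db8:1::a4c1:38d2:77e0:915b",  # random-looking IID, no MAC inside
    "2001:db8:1::53",                   # manually assigned service address
]

if __name__ == "__main__":
    for mac, addrs in audit(SAMPLE).items():
        print(f"{mac} is exposed by {len(addrs)} addresses:")
        for a in addrs:
            print("   ", a)
```

The same interface identifier follows the host across prefixes, which is why the three sample addresses collapse to one MAC while the random and manually assigned ones expose nothing.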


