[Kea-users] [EXTERNAL] Re: Dhcp6 Prefix Exclude use case question

Geist, Dan (CCI-Atlanta) Dan.Geist at cox.com
Fri Jun 23 12:38:07 UTC 2023 

Thanks, Darren. This mostly has to do with how the clients in the space USE the v6 PDs. It’s a MAP-T environment where use of that block correlates to that client devices sending all traffic using source-ports of 1-1023 (which is obviously problematic). Unlikely corner case, just trying to ensure this will work the way we are hoping IF it’s used.

Thanks.
Dan

From: Kea-users <kea-users-bounces at lists.isc.org> on behalf of Darren Ankney <darren.ankney at gmail.com>
Date: Friday, June 23, 2023 at 6:31 AM
To: kea-users at lists.isc.org <kea-users at lists.isc.org>
Subject: [EXTERNAL] Re: [Kea-users] Dhcp6 Prefix Exclude use case question
Hi Dan,

I don't think that is the purpose of the option, but I suppose if no
device asks for an excluded prefix then the prefix will not be
allocated to any device.  How would you be able to guarantee this?  I
would think a better solution would be to engineer your network
differently such that you don't need to leave off part of the prefix
delegation.  Surely there are plenty of IPv6 subnets to go around to
accomplish this?

Thank you,

Darren Ankney

On Wed, Jun 21, 2023 at 5:09 PM Dan Geist <dan at polter.net> wrote:
>
> Greetings, all. I'm exploring using the "prefix exclude" feature to do something a little different than what it's RFC describes and would like to know if my scenario would work. In the kea ARM, the example config is as follows:
>
> "Dhcp6": {
>     "subnet6": [
>         {
>             "subnet": "2001:db8:1::/48",
>             "pd-pools": [
>                 {
>                     "prefix": "2001:db8:1:8000::",
>                     "prefix-len": 56,
>                     "delegated-len": 64,
>                     "excluded-prefix": "2001:db8:1:8000:cafe:80::",
>                     "excluded-prefix-len": 72
>                 }
>             ]
>         }
>     ]
> }
>
> This allows a device that sends a Prefix Exclude option to be allocated the indicated /72.
>
> In my environment, we'd like to be able to allocate PDs from a block that is discrete from the subnet and in which the very first PD is NEVER assigned, ala:
>
> "Dhcp6": {
>     "subnet6": [
>         {
>             "subnet": "2001:db8:1::/48",
>             "pd-pools": [
>                 {
>                     "prefix": "2001:db8:2::",
>                     "prefix-len": 48,
>                     "delegated-len": 60,
>                     "excluded-prefix": "2001:db8:2::",
>                     "excluded-prefix-len": 60
>                 }
>             ]
>         }
>     ]
> }
>
> Assuming I don't have any dhcpv6 endpoint devices sending the excluded prefix option, does this accomplish what I'm attempting, which is: never use the first /60 from the PD /48 prefix?
>
> Thanks
> Dan
>
> --
> Dan Geist dan(@)polter.net
>
> --
> ISC funds the development of this software with paid support subscriptions. Contact us at https://urldefense.com/v3/__https://www.isc.org/contact/__;!!Hit2Ag!ztViBv-QgmZ06HbBl5Y9ZrN-Xr4nESzE_PPkzf-YD9ap-HY5JI-eQbQj327_Nf3TbzbiCDtd_plvYVpxEDd1KQ$<https://urldefense.com/v3/__https:/www.isc.org/contact/__;!!Hit2Ag!ztViBv-QgmZ06HbBl5Y9ZrN-Xr4nESzE_PPkzf-YD9ap-HY5JI-eQbQj327_Nf3TbzbiCDtd_plvYVpxEDd1KQ$>  for more information.
>
> To unsubscribe visit https://urldefense.com/v3/__https://lists.isc.org/mailman/listinfo/kea-users__;!!Hit2Ag!ztViBv-QgmZ06HbBl5Y9ZrN-Xr4nESzE_PPkzf-YD9ap-HY5JI-eQbQj327_Nf3TbzbiCDtd_plvYVqNnhhgkw$<https://urldefense.com/v3/__https:/lists.isc.org/mailman/listinfo/kea-users__;!!Hit2Ag!ztViBv-QgmZ06HbBl5Y9ZrN-Xr4nESzE_PPkzf-YD9ap-HY5JI-eQbQj327_Nf3TbzbiCDtd_plvYVqNnhhgkw$> .
>
> Kea-users mailing list
> Kea-users at lists.isc.org
> https://urldefense.com/v3/__https://lists.isc.org/mailman/listinfo/kea-users__;!!Hit2Ag!ztViBv-QgmZ06HbBl5Y9ZrN-Xr4nESzE_PPkzf-YD9ap-HY5JI-eQbQj327_Nf3TbzbiCDtd_plvYVqNnhhgkw$<https://urldefense.com/v3/__https:/lists.isc.org/mailman/listinfo/kea-users__;!!Hit2Ag!ztViBv-QgmZ06HbBl5Y9ZrN-Xr4nESzE_PPkzf-YD9ap-HY5JI-eQbQj327_Nf3TbzbiCDtd_plvYVqNnhhgkw$>
--
ISC funds the development of this software with paid support subscriptions. Contact us at https://urldefense.com/v3/__https://www.isc.org/contact/__;!!Hit2Ag!ztViBv-QgmZ06HbBl5Y9ZrN-Xr4nESzE_PPkzf-YD9ap-HY5JI-eQbQj327_Nf3TbzbiCDtd_plvYVpxEDd1KQ$<https://urldefense.com/v3/__https:/www.isc.org/contact/__;!!Hit2Ag!ztViBv-QgmZ06HbBl5Y9ZrN-Xr4nESzE_PPkzf-YD9ap-HY5JI-eQbQj327_Nf3TbzbiCDtd_plvYVpxEDd1KQ$>  for more information.

To unsubscribe visit https://urldefense.com/v3/__https://lists.isc.org/mailman/listinfo/kea-users__;!!Hit2Ag!ztViBv-QgmZ06HbBl5Y9ZrN-Xr4nESzE_PPkzf-YD9ap-HY5JI-eQbQj327_Nf3TbzbiCDtd_plvYVqNnhhgkw$<https://urldefense.com/v3/__https:/lists.isc.org/mailman/listinfo/kea-users__;!!Hit2Ag!ztViBv-QgmZ06HbBl5Y9ZrN-Xr4nESzE_PPkzf-YD9ap-HY5JI-eQbQj327_Nf3TbzbiCDtd_plvYVqNnhhgkw$> .

Kea-users mailing list
Kea-users at lists.isc.org
https://urldefense.com/v3/__https://lists.isc.org/mailman/listinfo/kea-users__;!!Hit2Ag!ztViBv-QgmZ06HbBl5Y9ZrN-Xr4nESzE_PPkzf-YD9ap-HY5JI-eQbQj327_Nf3TbzbiCDtd_plvYVqNnhhgkw$<https://urldefense.com/v3/__https:/lists.isc.org/mailman/listinfo/kea-users__;!!Hit2Ag!ztViBv-QgmZ06HbBl5Y9ZrN-Xr4nESzE_PPkzf-YD9ap-HY5JI-eQbQj327_Nf3TbzbiCDtd_plvYVqNnhhgkw$>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/kea-users/attachments/20230623/d5425026/attachment-0001.htm>

More information about the Kea-users mailing list