In message <20110228013421.ga32...@ussenterprise.ufp.org>, Leo Bicknell writes: > In a message written on Mon, Feb 28, 2011 at 09:39:24AM +1100, Mark Andrews= > wrote: > > Have you *asked* your vendors for a alternate solution? > >=20 > > DHCP kills privacy addresses. > > DHCP kills CGAs. > > Not true. > > Some would like to use DHCPv6 to hand a host things like DNS servers, > NTP servers, PXE boot information, domain name search paths, and > the like.
And you can do most of that without requiring DHCP for addresses. PXE boot may be the exception. > There's no reason once the host gets a DHCP address and > that information it can't also generate and use a privacy address > or CGA. Except in the senarios being described they are also blocking the other addresses. I would also think setting the "M" bit would prelude the host from generating such addresses as they are unmanaged. > While this thread has focused on folks who want to use DHCPv6 to > preclude these items by for instance having switches and routers > filtered to only the "allowed" address (assigned via DHCP) there's > no requirement a network operator do that. > > DHCP has a couple of hundred defined options. Vendors have tried > adding ONE to the RA protocol (DNS servers) as replacement > functionality. That leaves them a few hundred options short, in > my book. Which is what the O bit was for. -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org