On 10 June 2015 at 14:03, Mikael Abrahamsson <swm...@swm.pp.se> wrote:
> On Wed, 10 Jun 2015, Baldur Norddahl wrote: > > We use DHCPv6 to assign just one IP address to the CPE. This is because >> otherwise our routers do not know where to route the /48 that is also >> passed along with DHCPv6-PD. >> > > If you use DHCPv6-PD you only need a LL address, you do not need a GUA > address. Yes, a GUA WAN address is nice for fault finding, shows up in > traceroute etc, but it's not needed. If your routers require a GUA WAN > address in order for DHCPv6-PD to work, then they're not standards > compliant. > I need the GUA to have a stable and predictable next hop for my static route of the /48 prefix delegation. What standard exactly requires my router to be able to snoop a DHCP-PD to create routes dynamically? That was left out and one solution is the one we use. Note that the /48 static routes are configured on the routers well in advantage of the customer even signing up for the service. It is just there waiting for a customer to be assigned the corresponding /128. > > Apart from operational simplicity, we also do not want our routers to >> keep track of a million ND cache entries. Our system pushes that down to >> the CPE. In the network we only have one ND cache entry per customer. >> > > Well, if you have a GUA /128, then you have two per customer (because > you'll have the LL one as well). If you didn't use the GUA address, you'd > only have one. Yes my bad, we will have exactly two cache entries per customer. That is still better than SLAAC with unbounded caches and all the possibility of getting DoS attacks on NDP, extra CPU use etc on my network. Why would I want that, when I can deliver perfect service to the customer with a fixed cache of 2 entries? I have nothing against SLAAC it just does not belong in the carrier network. Regards, Baldur
