On Thu, 11 Jun 2015 19:42:07 -0400, Laszlo Hanyecz <las...@heliacal.net>
wrote:
It looks to me like Lorenzo wants the same thing as most everyone here,
It doesn't look like that from my chair. He doesn't want to implement
DHCPv6 (and has REFUSED to do so for YEARS now) because he cannot find
solutions for every possible permutation. In fact, he's hung up on **ONE**
configuration: a network where DHCPv6 allows exactly one address to an
endpoint.
Things like privacy extensions, multiple addresses and PD are great
because they make it harder for people to do address based tracking,
which is generally regarded as a desirable feature except by the people
who want to do the tracking.
Addresses are *always* trackable. It's just a matter of who is in the best
position to do it. My ISPs know what prefixes are assigned to me (both
static and dynamic.) If I keep track of it, I know everything that's using
an address in my networks -- by DHCP logs, and in theory, MAC table logs.
(btw, I don't know of any solutions for MAC level logging.)
DHCPv6 is a crutch that allows operators to simply implement IPv6 with
all the same hacks as IPv4 and continue to do address based access
control, tracking, etc.
It allows them to have the level of accountability and control they desire
and/or REQUIRE.
With DHCPv6, one doesn't have to pin a device to a single, solitary
address. ISPs already handle that with PD (a single /64, a /60, or
larger.) And there's nothing in the specs blocking a node from asking for
multiple addresses. Again, because of the specter of one-address, Lorenzo
REFUSED to support DHCPv6, IN. ANY. WAY.
