Professional Documents
Culture Documents
ShaneKerr(ISC),October2006 Abstract
ThispresentationdiscussesDHCPv6andhowitdiffersfromDHCPinIPv4.An explanationofwhyyoumightuseDHCPv6insteadofIPv6statelessauto configurationisgiven.Finally,therearesomeobservationsfromtherecentISC DHCPv6implementationwork.
Contents
WhatisDHCP?
Whenacomputerstarts,itsendsarequesttothenetwork. AnyDHCPserversthatreceivethisrequestdecidewhataddressandother informationtoassigntotheclient.Thisistypicallybasedonthingslike: whichnetworktherequestarrivedon,ortheMACaddressoftheEthernet cardthatsenttherequest. Eachserversendsapacketwhichofferstoassigntheaddresstothe client. Theclientdecideswhichoffertoaccept,andsendsamessagetothe serverconfirmingthechoice. Theserveracknowledgesthatithasrecordedthisaddress.
addresses.Thisisprimarilyforredundancy,butalsoallowsloadbalancing.
HowisDHCPv6differentfromDHCPinIPv4?
Nobaggage. DHCPisbasedonanearlierprotocolcalledBOOTP.Thispacket layoutiswastefulinalotofcases. Alotoftheoptionsturnouttobenotuseful,ornotasusefulasthey canbe,butitishardtochangeaprotocolwithsuchalarge installedbase. Therearealotof"tweaks"thatimplementationsneedinordertobe compatiblewiththebuggyclients. DHCPv6leavesallthisbehind. IPv6isbetter. TwofeaturesofIPv6greatlyimproveDHCPv6: IPv6hostshave"linklocaladdresses".Everynetworkinterfacehasa uniqueaddress,thatcanbeusedtosendandreceiveonthelink only.IPv6hostscanusethistosendrequestsfor"real"addresses.IPv4 hostshavetousesystemspecifichackstoworkbeforetheyhavean address. AllIPv6systemssupportmulticasting.AllDHCPv6serversregisterthat theywanttorecieveDHCPv6multicastpackets.Thismeansthe networkknowswheretosendthem.InIPv4,clientsbroadcasttheir requests,andnetworksdonotknowhowfartosendthem. Oneexchangeconfiguresallinterfaces. AsingleDHCPv6requestmayincludesallinterfacesonaclient.Thisallows theservertoofferaddressestoallinterfacesinasingleexchange.Each interfacemayalsohavedifferentoptions. Definesaddressallocationtypes. DHCPv6allowsnormaladdressallocation,aswellastemporaryaddress allocation.Inasense,alladdressesare"temporary",buttheinthiscaseit meanstheIPv6privacyaddresses.
DHCPv6doesnothaveasmanyoptionsdefinedasDHCPforIPv4,butthereare quiteafew.YoucanfindthesebysearchingtheIETFRFCs,andtheyinclude: IPv6address,IPv6prefix Rapidcommit Vendorspecificoptionsextension SIPservers DNSservers&searchoptions NISconfiguration SNTPservers Page2of4
BCMSservers
WhywouldIuseDHCPv6,ratherthanautoconfiguration?
Oneofthe"gee,cool"featuresofIPv6isthathostscangetanaddress automatically.Thewaythisworksisthattherouteronthenetworkperiodically broadcaststheaddressthatthenetworkuses.Thehoststhenaddunique informationontopartofthat,andthecombinationisanewIPv6address. Therearetwoproblemswiththisscenerio: 1. IPv6addressautoconfigurationprovidesaverylimitedamountof informationaboutthenetwork. Forinstance,untilveryrecently,therewasnowaytofindoutwhich addressesprovidedDNS(asofAugust2006thereisanexperimentalrouter advertisementthatprovidesDNSinformation)1. DHCPv6iseasilyextendedtoincludenewinformationastheneedarises. 2. Inamanagednetwork,youmayprefertohavecontroloverwhich addressesareallocated.Evenifyoudon'tcarewhichaddressesare allocated,knowingwhenagivenhostusedagivenaddressisusefulfor auditpurposes. Also,aDHCPv6servercanperformcertaintasksthatyoudon'twantany machineonthenetworkdoing.AnexampleofthisisusingDDNSto updatethereverseDNSinformationfortheIPv6address. Intheend,thequestionof"statelessautoconfigurationvs.DHCPv6"isprobablya badquestion.Itispossibletouseautoconfigurationtosethostaddresses,and thenuseDHCPv6toprovidefurtherinformationtothehosts.
Implementationobservations
ISChasbeenbusyimplementingDHCPv6foracoupleofmonthsnow.So,I'dlike toshareafewobservationsfromtheimplementorside.
DHCPv6ismuch,muchcleanerthanDHCPforIPv4. Allofthedifferencesoutlinedinthecomparisonsectionmakefora cleanerprotocol. NothavingtohackbelowthesocketlayerintheOSisabeautiful thing. TheRFCsandotherdocumentationareeveneasytoread! DHCPv6isadifferentworldfromDHCPforIPv4. ADHCPv6packetmayhaveoptionsencapsulatedatmany differentlevels.Intheoutermostpacket,ineachinterface,within eachaddress,andsoon. Partofarequestcanfailwhileotherpartssucceed. Thesameoptioncanappearmultipletimes,withdifferentvalues, withinasingleencapsulationlevel.
1 http://www.ietf.org/internetdrafts/draftjeongdnsopIPv6dnsdiscovery09.txt
Page3of4
Beingcleanerdoesn'tnecessarilymeansimpler.:)
Existingimplementations
ThereareanumberofDHCPv6implementationsthatyoucanuse.Notethatthis listismostlyjusttheresultsofabitofresearchwithGoogle.
ISCDHCP Thisisactuallyalie,becausewedon'thaveareleaseyet.Weare currentlyworkingonbothaDHCPv6clientandserver,butthesearenot expectedtobereleaseduntilearly2007.Weaimtobeareference implementionforDHCPv6,thesameasforDHCPandDNS,targettinga widerangeofUnixplatforms.BSDlicense. DHCPv6:Dibbler Appearstobeanactiveproject,portedtoanumberofsystems.Supports LinuxandWindows.GPLlicense. WIDEDHCPv6 DHCPv6fromtheKAMEproject.Appearstobeactive.BSDlicense. DHCPv6@SourceForge Appearstobeaninactiveproject,lastrelease20040315.BSDlicense. CiscoIOS CiscoseemstohaveaDHCPv6server.
Therearesurelyotherclientsandservers.IfyouwanttorunDHCPv6,thetools arethere.
Conclusion
Page4of4