Re: [v6ops] Stateful SLAAC (draft-ietf-v6ops-unique-ipv6-prefix-per-host)

Fernando Gont <> Mon, 13 November 2017 13:56 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id E4C7E1294D2; Mon, 13 Nov 2017 05:56:23 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 02SstgmTq8iA; Mon, 13 Nov 2017 05:56:22 -0800 (PST)
Received: from ( [IPv6:2001:67c:27e4::14]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 4CD34129584; Mon, 13 Nov 2017 05:56:22 -0800 (PST)
Received: from [IPv6:2001:67c:1232:144:ed68:7911:ebe1:178e] (unknown [IPv6:2001:67c:1232:144:ed68:7911:ebe1:178e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPSA id 7BE228257B; Mon, 13 Nov 2017 14:56:19 +0100 (CET)
Subject: Re: [v6ops] Stateful SLAAC (draft-ietf-v6ops-unique-ipv6-prefix-per-host)
To: Victor Kuarsingh <>
Cc: Lorenzo Colitti <>, "" <>, " WG" <>
References: <> <> <> <> <> <> <> <> <> <> <> <> <> <> <> <> <>
From: Fernando Gont <>
Message-ID: <>
Date: Mon, 13 Nov 2017 21:51:24 +0800
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.4.0
MIME-Version: 1.0
In-Reply-To: <>
Content-Type: text/plain; charset=utf-8
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Archived-At: <>
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Mon, 13 Nov 2017 13:56:24 -0000

On 11/13/2017 09:35 PM, Victor Kuarsingh wrote:
> On Mon, Nov 13, 2017 at 8:20 AM, Fernando Gont <> wrote:
>> On 11/13/2017 07:14 PM, Lorenzo Colitti wrote:
>>> On Mon, Nov 13, 2017 at 6:21 PM, Fernando Gont <
>>> <>> wrote:
>>>     >From a operational point of view, one would wonder why pursue this path
>>>     as opposed to e.g. do DHCPv6
>>> As for DHCPv6 specifically, one reason is that DHCPv6-only networks are
>>> not recommended by the IETF. RFC 7934.
>> Yes, sorry: I meant DHCPv6-PD.
>> RFC7934:
>>     Due to the drawbacks imposed by requiring explicit requests for
>>     address space (see Section 4), it is RECOMMENDED that the network
>>     give the host the ability to use new addresses without requiring
>>     explicit requests.  This can be achieved either by allowing the host
>>     to form new addresses autonomously (e.g., via SLAAC) or by providing
>>     the host with a dedicated /64 prefix.  The prefix MAY be provided
>>     using DHCPv6 PD, SLAAC with per-device VLANs, or any other means.
>> Therefore, why re-invent PD in SLAAC?
> PD is quite vast, and this draft describes a specific set of use
> cases.  It does not seem like a re-invention of PD in SLACC to me.

Again: Why not use DHCPv6-PD?

>> That aside, same RFC says:
>>     Using stateful address assignment (DHCPv6 IA_NA or IA_TA) to provide
>>     multiple addresses when the host connects (e.g., the approximately 30
>>     addresses that can fit into a single packet) would accommodate
>>     current clients, but it sets a limit on the number of addresses
>>     available to hosts when they attach and therefore limits the
>>     development of future applications.
>> I seem to recall many systems limit the number of addresses per
>> interface to 16.
> Current limitations are likely ephemeral and can change over time.

Same could possibly be said about packet sizes.

In any case, I don't see any limits on the number of DHCPv6-requests. If
one is not enough, do more than one.

>> So the limit of "30 per request" aleady gives you more
>> than what you typically get, in practice, with SLAAC. Also... is issuing
>> multiple requests forbidden?
> I think we also have enough history in computing and the Internet to
> know that today's concept of "that is way more then we need, so why do
> we need more" is not a good argument to limit capabilities.

Apply this reasoning to your response above:

  PD is quite vast, and this draft describes a specific set of use
  cases.  It does not seem like a re-invention of PD in SLACC to me.

Rather than limit a node to request a /64, emply DHCPv6-PD, and allow
the node to get more than that. Otherwise, *this* mechanism is enforcing
an artificial limit.

Fernando Gont
SI6 Networks
PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492