Re: [v6ops] A broken promise - "You said PD Prefix Valid Lifetime is going to be X" (Re: SLAAC renum: Problem Statement & Operational workarounds)

Richard Patterson <> Mon, 11 November 2019 16:21 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 6621212010F for <>; Mon, 11 Nov 2019 08:21:50 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id sHcqn7fgCwcd for <>; Mon, 11 Nov 2019 08:21:47 -0800 (PST)
Received: from ( [IPv6:2607:f8b0:4864:20::d29]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id A25651200B6 for <>; Mon, 11 Nov 2019 08:21:46 -0800 (PST)
Received: by with SMTP id x21so15220109iol.2 for <>; Mon, 11 Nov 2019 08:21:46 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=MyyEGuiidn9TfbRedbc7ThjJy+o8kozAe3KTE//Fb7Y=; b=H6Eis1LVid7bJbX7rYtO21b29MyaWW2JpF1z6KuLoqqoVYWAFVHyAVhvHHE7tyVkYg Z39jtdmFfPZY67pqlzuYkojOZLXTP7bVbnOrXHuFfw9fpOEL7nzCXBD9bWvl/XBVIfN1 loKDgpAbE09h7sS87MZky+RQJkjV7313CyePs/ybbICia+HslIwG5jC5KfMrRdlh2FLd kEEAvNbXi2W7wO/+nprYEEKjoUZddPmhkjkry7m9ys5fWZvIyL7ia4dtE8Owu1hDHZbP EVnqqu1g5X86gsOlmB1OIYVNJQFP6Rm91VD0Yj2OokG/x0GsVvI/09dMOsZAXLVgObfV 4+0A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=MyyEGuiidn9TfbRedbc7ThjJy+o8kozAe3KTE//Fb7Y=; b=LBge6K9yTj96Oh9MJW0XgAtr5JmfXuCGrZOxY784/VEDQ8jM9THBkwFueo3dTpZNB3 UK1zFEI3yIrdREvT1dGScRfrMiWi2nTgUD+cjA6eBUcJ5fx5CSLiEwwo4n0hcxAhe1AG OovQRtIJMr6U4nqe49HaOSNwEryUhT/Q3qnC6rfHOzxn6E/DTG18zmzExLjLsdh481KJ PQR+uFqzMBUWkRdZoGTUlpLLevyEm0KLRqfaF6BQhO3eyirUki9ERvj051Hmc2SS5Qxp jSLGNQL7Yg7UGqRRTxM8loEx7DO30G0ouGF74qoEuCsUpmiyBy/peZolbpuX4U/f56zN jvKA==
X-Gm-Message-State: APjAAAVmjuqOCjKXEE+Rd3ggYLsETauQ3BhFYJmo2AhfRFOJmIMcSXpH uqB39K2RWWRJt7hh/JR4ccLRO8Lv1yE=
X-Google-Smtp-Source: APXvYqyT0ex11rO7mZ83tD6hvypN5nrEH/oRhfiJ0Zb5NNq0uaJEHE291kSkmnOMshBrTyDqYFSqgA==
X-Received: by 2002:a6b:a0c:: with SMTP id z12mr24826080ioi.142.1573489305874; Mon, 11 Nov 2019 08:21:45 -0800 (PST)
Received: from ( []) by with ESMTPSA id g28sm1258260iob.33.2019. for <> (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Mon, 11 Nov 2019 08:21:45 -0800 (PST)
Received: by with SMTP id v17so14116722iol.12 for <>; Mon, 11 Nov 2019 08:21:45 -0800 (PST)
X-Received: by 2002:a5e:a916:: with SMTP id c22mr21266167iod.177.1573489304851; Mon, 11 Nov 2019 08:21:44 -0800 (PST)
MIME-Version: 1.0
References: <> <>
In-Reply-To: <>
From: Richard Patterson <>
Date: Mon, 11 Nov 2019 16:21:33 +0000
X-Gmail-Original-Message-ID: <>
Message-ID: <>
To: " list" <>
Content-Type: multipart/alternative; boundary="00000000000012dbd1059714875a"
Archived-At: <>
Subject: Re: [v6ops] A broken promise - "You said PD Prefix Valid Lifetime is going to be X" (Re: SLAAC renum: Problem Statement & Operational workarounds)
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: v6ops discussion list <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Mon, 11 Nov 2019 16:21:51 -0000

On Mon, 11 Nov 2019 at 11:02, Ted Lemon <> wrote:

> The ISP has to install a DHCPv6 server in order to do an IPv6 deployment.
> We’ve already heard from one of the main vendors of DHCPv6 servers that
> their server behaves correctly and does not do flash renumbering.   The two
> DHCPv6 servers that I have worked on don’t either.  So why is the ISP going
> to have to delay?  The one time I was asked to help an ISP to set up DHCPv6
> in a way that would allow frequent renumbering, it was a major engineering
> effort (which we wound up not doing).   The ISP would have to go *out of
> their way* to not support stable prefixes.

This is an oversimplification, ignoring the complexities introduced by
various topology, architectural and indeed vendor decisions.
- Centralised vs distributed DHCP server.
Distributed helps scale but centralised is easier to manage.
Centralised would require some topology-awareness to know where a
subscriber is to be numbered from, unless you're OK with deaggregation and
the scaling impact it has.

- Via a relay or direct?
Direct could mean large broadcast domains and may not scale, but helps
minimise the need for the server to be topology-aware.
Relays would help scale but will need to keep state, and to completely
avoid flash renumbering during planned or unplanned outages, they would
need to write leases to persistent storage also.    (see

- DHCPv6 server colocated on the BNG/CMTS, or an off-box solution?
Off-box solution is yet-another-thing to manage and scale.  Presumably
there'll also need to be an IPAM, if we're to do 100% fixed statics, just
for subscriber assignments.
BNG/CMTS Vendor server may have it's on constraints and limitations.

As a network operator, we can make sure we do as much as we can to keep PDs
stable and honour leases up to the lease-time advertised, but there will
always be the risk that sometimes we have to revoke the validity of a
lease, either intentionally or unintentionally.  And sadly in the worse
case scenarios, we may not be able to offer the same PD or NA as previously
If we can offer some recommendations to CPE & DHCP client/relay/server
developers, as well as Operators, to help minimise this impact, I think
it's worthwhile to do.
If we can slightly tweak protocols to help minimise this impact, I
understand that it may be a contentious idea, but would like to think it's
also worthwhile looking in to?