[ipv6hackers] Help with business case for RDNSS
owend at he.net
Fri Aug 24 05:54:00 CEST 2012
On Aug 23, 2012, at 20:49 , Jim Small <jim.small at cdw.com> wrote:
>>> Just to follow up on something Marc mentioned in a new thread:
>>>> OS implementations at various stages what they
>>>> support and what not (any OS beside Ubuntu that can get the DNS server
>>>> from something else than DHCP6?) - and the IPv6 stacks are not well
>>>> tested enough (see the number of issues found of IPv6 security issues
>>>> for example, compared to IPv4 security issues in the top-5 OS used).
>>> I would like to advocate for RDNSS. However, when I have asked for it the
>> response was show us a compelling business case. The question was
>> genuine - if I can show a business case there are proponents of RDNSS. The
>> challenge is that most things support stateless DHCPv6 just fine. Configuring
>> stateless DHCPv6 is pretty easy so why do we need RDNSS?
>>> Everything I've thought of - embedded, SOHO, Labs - stateless DHCPv6
>> works fine. So I'm somewhat stumped - I like the idea of RDNSS because it
>> seems easier to just add an line/option in a config for DNS via RA. However,
>> justifying additional coding for developers requires a better argument.
>>> Can anyone think of some good business/use cases?
>> Some people don't want the overhead of running a DHCP server. Not all
>> routers support DHCPv6 servers and even the ones that do, there are
>> reasons not to want to tie up your router doing DHCP just for DNS servers to
>> be issued.
> My understanding is that with things like this:
> And the fact that DHCPv6 is ported to Linux, that DHCPv6 support is pretty much cheap and trivial. While I agree with you in spirit - I would very much like RDNSS for SOHO and Lab like environments, I don't see how to make a compelling business case given the above. What am I missing?
Yes, the RPI can be a great DHCPv6 client (or server for that matter).
I don't want to have to run a DHCPv6 server on my network. Not on my router. Not on my Raspberry, Not on my apple, Not on my Linux box, nowhere.
I don't want to deal with DHCPv6 on this particular network.
It's not intimidation.
It's not fear.
It's not that I don't know how to configure DHCPv6, I've done it a few times.
However, I don't need it and I don't see why I should have to deploy all that extra overhead just to get DNS servers handed out to some clients. The router can do that in RA perfectly well.
What I haven't experimented with is whether RDNSS will work if I put it out from a lower-priority router. If that works, I can work around lack of support in the router by having the linux box to the RDNSS RAs at priority LOW. The real routers are all priority HIGH and if they all croak, blackholing traffic to the linux box isn't the worst outcome.
> Ipv6hackers mailing list
> Ipv6hackers at lists.si6networks.com
More information about the Ipv6hackers