host-identifier with IPv6
Ted Lemon
Ted.Lemon at nominum.com
Tue Mar 3 19:08:39 UTC 2009
On Mar 3, 2009, at 10:38 AM, Marc Perea wrote:
> I work for an ISP where we do exactly that; we assign IP addresses
> based on a client request matching a class that is defined by their
> agent.circuit-id, with a pool of a single IP address designated for
> that customer. Why should I not use the circuit ID to assign the IP?
Er, to be clear, it's fine if you use the circuit ID in your address
assignment *decision*. But the identifier that is linked to the
address is required by the protocol to be the client identifier, if
present, or the Mac address, if no client identifier is present. In
practice it may not cause you any trouble that you care about to
violate the spec by using the circuit ID as the actual identifier, but
it sounds like you're not doing that anyway.
> On the corporate side, chalk us up as another ISC dhcpd user who
> both would like to use some flag to set MAC (hardware address) as
> the primary key in the leases database for v4 and another proponent
> of having some way to reliably use the MAC of a new device in dhcp
> administration of v6 in the future. We haven't yet begun v6 rollout
> and likely won't until forced to by govt. mandate. By the sounds of
> it, this won't at all be a "fun" upgrade when the time comes.
Forgive me, but this sounds like a case of deciding how to solve the
problem before you've examined the tools available to you. IPv4 and
IPv6 are similar in some ways, but very different in others. For
example, I would expect you to be using prefix delegation with IPv6 in
an ISP context - this is the equivalent of giving out a single global
IP address that's then NATted internally to multiple devices. In
that situation, the idea of using the Mac address as an identifier
doesn't seem like it would be useful in the way that you're suggesting.
I suspect you will switch to IPv6 on the basis of market pressure, not
government mandate. This probably won't happen in the near future,
but maybe within a decade. The reason is that while in the U.S. we
are not too tightly constrained on IP addresses, the situation in the
rest of the world is different. At some point if you don't have an
IPv6 solution, your customers won't be able to reach sites they need
to be able to reach, because those sites will be IPv6-only.
Personally, if I had a choice of a vendor that supported native IPv6
where I live now, I would drop my existing vendor like a hot potato.
Right now I'm an outlier; in ten years Joe Average will be doing the
same thing.
More information about the dhcp-users
mailing list