Hi,
On one of the Wiki pages for KAREN (essentially, KAREN is the New
Zealand version of Internet2), the above quotation appears along with a
quote from a discussion I had with Shumon Huque of the University of
Pennsylvania. The quotation (Shumon's words) that appears is as follows:
"during the Q&A session at the [IETF-71] plenary (after the IPv6 only
event), Stuart Cheshire of Apple was venting at the mike about why they
should have to support yet another protocol for address assignment and
other configuration info (I thought that was what stateless autoconfig
was for, or something along those lines). Someone mentioned RFC 5006 to
him, and he said yes, that's most likely what they would support .. "
In the above quote, Cheshire appears to be justifying Apple's complete
lack of support for DHCPv6 in MacOS. In fact, MacOS may be one of the
only currently-maintained OSes that does *not* support DHCPv6. Both
Windows Vista and later versions of Solaris 10 have excellent support;
RedHat (and Fedora and CentOS) also have very good support; and the
*BSDs and other Linux distros can be supported via add-on packages
supported in the main package/ports repositories.
There are a lot of reasons why enterprises would want to use DHCPv6
instead of stateless autoconfiguration for IPv6, as I mentioned in my
Micronet talk last year. First, many enterprises and service providers
already support DHCP for IPv4 (DHCPv4) and they can transition to
DHCPv6. Second, DHCPv6 provides methods of tracking individual hosts
that are on the network, which is necessary for DMCA compliance and
security incident response. Third, DHCP provides a mechanism to
streamline the difficult issues surrounding DNS registration of
hostnames in IPv6. Finally, it is currently the only implemented
method, other than static configuration, to provide hosts with IPv6 DNS
server information.
RFC 5006, referenced in the above quote, is an experimental
(non-standards-track) RFC that stipulates that DNS server information
would be placed in routers and advertised by them to clients.
Currently, it is implemented by exactly zero mainstream router vendors
and zero mainstream operating systems, as far as I can tell. In
addition, it's not clear that this RFC had much input from the
operations community. Aside from the very obvious issue of layering
additional functionality and complexity onto internet routers--which
should be most concerned with the critical function of forwarding
packets, not configuring end systems--there is the very practical issue
of maintenance. If I want to change or add IPv6 capable DNS servers,
and have the campus use them, I would much rather reconfigure two or
three redundant central servers rather than 100 or so routers.
(Depending on how it is implemented--if it is implemented--RFC 5006 may
require reconfiguring each user-facing router *interface*, which would
be far worse.)
Moreover, RFC 5006 does not focus on the other enterprise and service
provider needs for DHCP. Cheshire has pooh-poohed these needs in the
past by stating that these needs are better met by using 802.1x. But
802.1x (as pointed out in this response:
<http://www.networkworld.com/community/node/19496#comment-125845>) is
expensive, not only in that it requires managed switches (and makes it
difficult to use small user-installed switches in campus offices and
labs), but because it also requires a scalable service to support all
clients. IST has researched 802.1x deployments in the past and issues
with multiple client standards have become obstacles. In other words,
DHCP continues to be a lighter-weight, "pretty good" solution to the
needs of enterprises and service providers.
It seems that Cheshire's opinion is carrying weight at Apple, as there
has been no DHCPv6 development that I can see in MacOS, despite the
competition moving ahead. It makes me really question the utility of
MacOS machines in the future enterprise (and that includes campus).
In the meantime, I think it's important to communicate our needs to
Apple and other vendors. However, as we roll out IPv6 on campus, please
be aware that MacOS will require stateless autoconfiguration in order to
use IPv6.
michael
-------------------------------------------------------------------------
The following was automatically added to this message by the list server:
To learn more about MAGNet, including how to subscribe to or unsubscribe from its mailing list, please visit the MAGNet Web site:
Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet. This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.
Received on Tue Jan 06 2009 - 15:44:15 PST
This archive was generated by hypermail 2.2.0 : Tue Jan 06 2009 - 15:44:17 PST