Why use DHCPv6 over Stateless Address Autoconfiguration?

dhcp ipv6 radvd ndp
17,710

Solution 1

DHCPv6 provides more control to the administrator in assigning addresses. If you really want that sort of control over your IPv6 addresses, you don't understand IPv6 yet.

It also can be used to provide additional configuration parameters beyond the basic address/gateway supported through autoconfiguration. An example might be WINS servers, NTP servers, TFTP boot servers, and other less common options. None of which are worth the pain of deploying a DHCPv6 architecture in my opinion.

Stick with autoconfig.

Solution 2

One thing that DHCPv6 supplies that autoconfig doesn't is DNS servers.

Solution 3

You want DHCPv6 if

  • the network administrator should have control over who gets (which) IPv6 addresses, e.g. because they need to be in sync with AAAA DNS records, or
  • if you don't want to tell the outside your MAC addresses (i.e. what hardware vendors you use), but don't want to use privacy extensions either, e.g. to still use permanent IPv6 addresses, or
  • if you want the same dynamic DNS updates for IPv6 which you're used from your DHCP(v4) server for IPv4.

Solution 4

DHCPv6 has many features not present in SLAAC. Most of those features are rarely needed.

There is however one DHCPv6 feature, which would be useful in many cases. That is prefix delegation. If you are a network administrator at an ISP, that one feature may be enough for you to make it worthwhile to deploy a DHCPv6 server. If you are not working for an ISP, you probably don't need prefix delegation.

What prefix delegation can do is that the DHCPv6 server at the ISP can tell the CPE router which range of addresses it can use for its internal LAN(s). Without prefix delegation only the WAN interface of the router could be autoconfigured. The LAN would need to be manually configured.

The CPE router would act as DHCPv6 client. It would not need to act as DHPv6 server, since the LAN(s) can just use SLAAC.

Solution 5

SLAAC was a good attempt to autoconfig addresses and remove the centralization that a DHCP server obliges. In a IPv4 network with all devices' addresses handled by DHCP server, if it fails, soon enough (when leases start expiring), nobody will be able to talk anymore.

But SLAAC lacks features. In example, if you wanna attribute a local domain name for every device, you're gonna need a local DNS server anyway. If all connections are done by these names instead of (very) long IPv6 addresses, then you have back your centralized server giving you neat features and that irritating risk. Then, if you have a DNS server, then a DHCP one isn't big issue.

Another example, if you have multiple VLANs. Say you wanna restrict only known devices to your VLAN, and configure another one for new yet-unknown devices. This VLAN can't access Internet and neither see your devices. Then a DHCP server comes at hand.

A big issue with SLAAC is that a device's address has its MAC. It was ingenuous to do that, as it increased address size and reduced privacy, some say security too. DHCP server allows you to use other rules to set addresses.

Share:
17,710
Jeff
Author by

Jeff

Updated on September 17, 2022

Comments

  • Jeff
    Jeff almost 2 years

    IPv6 and RFC 2462 provide a means for hosts to configure their own IP addresses via stateless address autoconfiguration. To me this seems like the bee's knees, and it leaves me wondering why someone would want to go through the trouble of configuring a DHCPv6 server instead. I don't manage networks as a profession, so I'm guessing that there are some obvious simple reasons why one would want to support DHCPv6 that don't occur to me. Could someone please elaborate on what these reasons might be?

  • Jason Berg
    Jason Berg over 13 years
    Specifying TFTP isn't worth deploying a DHCP server? I'm guessing you've never deployed IP phones...
  • Axel Beckert
    Axel Beckert over 9 years
    I think it's arrogant to claim that if you want DHCPv6 you haven't understood yet. There are definitely scenarios where DHCPv6 is the best solution.
  • Ale
    Ale over 9 years
    Why would you need DHCPv6 over SLAAC if you want dynamic DNS updates?
  • Axel Beckert
    Axel Beckert over 9 years
    Good point, I updated that statement to be less ambiguous.
  • Michael Hampton
    Michael Hampton over 9 years
    @Ale Some operating systems handle SLAAC entirely in-kernel and have no provision for calling a userland program after SLAAC completes, which would be required to do dynamic DNS updates. Since DHCPv6 is done in userland, it is possible to have dynamic DNS updates.
  • kasperd
    kasperd over 9 years
    @MichaelHampton Even if there is no direct hooks for calling user space code immediately upon completing SLAAC, there are so many other ways the result of SLAAC would be visible to user space, that it certainly would be possible to create a user space utility that could detect the assigned addresses and update DNS.
  • Michael Hampton
    Michael Hampton over 9 years
    @kasperd That's probably true...now I wish someone would do it! This is one of the annoying issues in my FreeIPA domains.
  • kasperd
    kasperd over 7 years
    I thought all up to date OS understood DNS advertised through router advertisements by now. And I don't know of any good reason for using link prefixes longer than /64.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Setting up stateful DHCPv6 on Linux
IPv6 hosts configure default route with router's link-local address
How to configure radvd, dhcpd6, routing and /64 subnet based on delegated prefix by DHCPv6-PD server?
What's better RADVD or DHCPv6 for local network with IPv6?
Can't get ipv6 address using dhcp
How to configure /etc/network/interface to use static IPv6, but dynamic IPv4?
Have to run sudo dhclient eth0 automatically every boot
How to get both IPv4 and IPv6 dynamic address
Pinging own machine returns an IPv6 address instead of IPv4
Using Raspberry Pi as IPv6 router for network