Re: IPv6 Deployment for the LAN

[William Herrin <herrin-nanog () dirtside com>]

On Sat, Oct 17, 2009 at 8:55 PM, Ray Soucy <rps () maine edu> wrote:
> As it turns out delivering IPv6 to the edge in an academic setting has
> been a challenge.  Common wisdom says to rely on SLAAC for IPv6
> addressing, and in a perfect world it would make sense.

Ray,

Common wisdom says that?

> Our current IPv6 allocation schema provides for a 64-bit prefix for
> each network.  Unfortunately, this enables SLAAC; yes, you can
> suppress the prefix advertisement, and set the M and O flags, but that
> only prevents hosts that have proper implementations of IPv6 from
> making use of SLAAC.  The concern here is that older hosts with less
> than OK implementations will still enable IPv6 without regard for the
> stability and security concerns associated with IPv6.

I thought someone had to respond to router solicitations for stateless
autoconfig of global scope addresses to happen. On Linux you just
don't run the radvd. On Cisco I think it's something like "ipv6 nd
suppress-ra" in the interface config. Does that fail to prevent
stateless autoconfig? Or is there a problem with the operation of
DHCPv6 if router advertisements aren't happening from the router?

Regards,
Bill Herrin


-- 
William D. Herrin ................ herrin () dirtside com  bill () herrin us
3005 Crane Dr. ...................... Web: <http://bill.herrin.us/>
Falls Church, VA 22042-3004