[lacnog] Issues around SLAAC/DHCPv6-PD (new IETF I-D)

Fernando Frediani fhfrediani at gmail.com
Fri Feb 1 01:07:20 -02 2019


Hello

On 31/01/2019 18:17, Fernando Gont wrote:
>
> That's one side of it. The other side of allocating stable prefixes is
> that such practice renders things like temporary addresses rather
> irrelevant: no matter how much the Interface-ID changes, you can still
> correlate network activity via the Prefix (because it's stable).
>
> It would seem that in some countries (e.g., Germany) it's actually
> *required* that CPEs default to dynamic prefixes.

Hmm, interesting to force dynamic prefixes. I just hope their law also
forces ISPs to record each and every prefix that is given to a client
and make it possible to identify which connection was used to commit
a crime, for example.
Where that is not an obligation, other than solving the issue described in
the previous message, having a stable prefix makes it easier for the ISP to
identify someone when necessary and means less logging. But on the other
hand I see your point: some people may not like to be identified by
websites and applications always behind the same prefix, I guess,
although that happens a lot in other types of connections, like corporate
connections with static prefixes allocated.

>
> It would seem this mechanism wouldn't help, since it kicks in when a
> router ceases to advertise a prefix it used to advertise, and advertise
> a different prefix in return. In the scenario you describe, I guess the
> lower-priority router would refrain/stop advertising its prefix but
> wouldn't "replace" the new prefix with a different one.

Actually the scheme should be something like:
1) Both CPEs advertise their prefixes to the LAN but with different
priorities, so devices in the LAN will go out via the highest CPE gateway.
2) When the WAN connection of the higher priority CPE is lost, RA should
set Lifetime to 0, stop advertising the prefix and set the deprecate flag
to true.
3) Devices in the LAN should pick that up and start using the prefix and
default gateway announced from the lower priority CPE.

Not sure if I missed or confused something.

Fernando
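
The correlation point quoted at the top of this message (a stable prefix links activity even when the Interface-ID changes), as an added example that is not part of the original thread. The sample addresses are constructed from the 2001:db8::/32 documentation range, and the /56 delegation size and all function names are assumptions.

```python
import ipaddress
from collections import defaultdict

# Constructed sample: (day, source address) pairs as a web server might log them.
# The /56 delegated-prefix size is an assumption, not a value from the thread.
STABLE = [   # same delegated prefix every day, fresh temporary Interface-ID each day
    (1, "2001:db8:aa:1100:3c1f:9e02:77ab:10d4"),
    (2, "2001:db8:aa:1100:91d2:4b6e:0c33:f8a1"),
    (3, "2001:db8:aa:1101:5e70:a2c9:de14:6b02"),  # another /64 inside the same /56
]
DYNAMIC = [  # same Interface-IDs, but the delegated prefix changes every day
    (1, "2001:db8:aa:1100:3c1f:9e02:77ab:10d4"),
    (2, "2001:db8:5c:4200:91d2:4b6e:0c33:f8a1"),
    (3, "2001:db8:e1:0900:5e70:a2c9:de14:6b02"),
]

def split(addr, prefix_len):
    """Return (delegated prefix, Interface-ID) for one address."""
    net = ipaddress.IPv6Network(f"{addr}/{prefix_len}", strict=False)
    iid = int(ipaddress.IPv6Address(addr)) & ((1 << 64) - 1)  # low 64 bits
    return str(net), iid

def correlate(observations, prefix_len=56):
    """Group observations by prefix: {prefix: {"days": [...], "iids": count}}."""
    groups = defaultdict(lambda: {"days": [], "iids": set()})
    for day, addr in observations:
        net, iid = split(addr, prefix_len)
        groups[net]["days"].append(day)
        groups[net]["iids"].add(iid)
    return {p: {"days": g["days"], "iids": len(g["iids"])}
            for p, g in groups.items()}

def linkable_days(observations, prefix_len=56):
    """Most days an observer can tie together using the prefix alone."""
    return max(len(g["days"])
               for g in correlate(observations, prefix_len).values())

if __name__ == "__main__":
    for name, obs in (("stable", STABLE), ("dynamic", DYNAMIC)):
        print(name, correlate(obs), "linkable days:", linkable_days(obs))
```

With the stable prefix all three days fall into one group despite three different Interface-IDs; with dynamic prefixes each day stands alone.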

