Presentation is loading. Please wait.

Presentation is loading. Please wait.

© 2015 Infoblox Inc. All Rights Reserved. Tom Coffeen, IPv6 Evangelist UKNOF January 2015 Tom Coffeen, IPv6 Evangelist UKNOF January 2015 DHCPv6 Operational.

Published byDaniel Lynch Modified over 8 years ago

Similar presentations

Presentation on theme: "© 2015 Infoblox Inc. All Rights Reserved. Tom Coffeen, IPv6 Evangelist UKNOF January 2015 Tom Coffeen, IPv6 Evangelist UKNOF January 2015 DHCPv6 Operational."— Presentation transcript:

1 © 2015 Infoblox Inc. All Rights Reserved. Tom Coffeen, IPv6 Evangelist UKNOF January 2015 Tom Coffeen, IPv6 Evangelist UKNOF January 2015 DHCPv6 Operational Challenges 1

2 © 2015 Infoblox Inc. All Rights Reserved.2 Agenda  IPv6 is here! (Really, we mean it this time…)  DHCPv6 (i.e., Oh, look what IPv6’s dragged in!)  Stuff that’s (more or less) working  Prefix delegation  DHCPv6 fingerprinting  Stuff that’s (more or less) borked  Failover  Sanity in mixed autoconfig environments  Conclusion

3 © 2015 Infoblox Inc. All Rights Reserved.3 IPv4 is depleted…

4 © 2015 Infoblox Inc. All Rights Reserved.4 IPv6 is Here…

5 © 2015 Infoblox Inc. All Rights Reserved.5 IPv6 is…Over There… UK Percentage of IPv6 Users 0.33%

6 © 2015 Infoblox Inc. All Rights Reserved.6 Source: http://www.worldipv6launch.org/measurements/ Some IPv6 Network Operator Measurements 63% 46% 51% 31%

7 © 2015 Infoblox Inc. All Rights Reserved.7 Source: http://www.worldipv6launch.org/measurements/ UK IPv6 Network Operator Measurements

8 © 2015 Infoblox Inc. All Rights Reserved. DHCPv6 – What’s (More or Less) Working 8 DHCPv6 Prefix Delegation

9 © 2015 Infoblox Inc. All Rights Reserved. DHCPv6 Relay – ISC 4.3 9 Custom provisioning of DHCPv6 info for a particular client or client type or circuit ID Classes can now be created based on DHCPv6 relay-provided options (rather than just client-provided options)

10 © 2015 Infoblox Inc. All Rights Reserved. DHCPv6 Relay – ISC 4.3 10

11 © 2015 Infoblox Inc. All Rights Reserved. DHCPv6 Relay – ISC 4.3 11

12 © 2015 Infoblox Inc. All Rights Reserved. DHCPv6 12 DHCPv6 Fingerprinting

13 © 2015 Infoblox Inc. All Rights Reserved. DHCPv6 Fingerprinting 13

14 © 2015 Infoblox Inc. All Rights Reserved. DHCPv6 Fingerprinting 14

15 © 2015 Infoblox Inc. All Rights Reserved. DHCPv6 Fingerprinting 15

16 © 2015 Infoblox Inc. All Rights Reserved. DHCPv6 Fingerprinting 16

17 © 2015 Infoblox Inc. All Rights Reserved. DHCPv6 Fingerprinting 17 IPv4 DHCP Option Request (Option 55) DHCPv6 Option Request (Option 6) ≈  Typically, fewer options appear under Option 6 in a DHCPv6 SOLICIT  Other elements may be required to validate the device type or system –Vendor Class field (where present) –Timing how often the client sends a SOLICIT message –In dual-stack environments, correlation with the IPv4 fingerprint –The Client Identifier field in a DHCPv6 SOLICIT

18 © 2015 Infoblox Inc. All Rights Reserved. DHCPv6 Fingerprinting 18

19 © 2015 Infoblox Inc. All Rights Reserved. DHCPv6 Fingerprinting 19 SOLICIT, 1, 6, 23, 24, 8, and 3 == Fedora 17

20 © 2015 Infoblox Inc. All Rights Reserved.20 DHCPv6 Fingerprinting and BYOD

21 © 2015 Infoblox Inc. All Rights Reserved. DHCPv6 Fingerprinting and BYOD 21  Actionable data  (Very basic) Security  Is this type of device allowed on the network? (i.e., will it be allowed an IP address assignment via DHCP)  Reporting  What devices are connecting (or attempting to connect)?  Passive -- no additional transactional overhead  compare with nmap host OS detection

22 © 2015 Infoblox Inc. All Rights Reserved. DHCPv6 Fingerprints 22  Currently, 198 unique fingerprints for DHCP  None for DHCPv6 –Likely due to a lack of general IPv6 deployment in environments where fingerprinting is potentially most useful (i.e., enterprise/corporate networks) –Thus, BYOD not generally a challenge for IPv6 (yet…)

23 © 2015 Infoblox Inc. All Rights Reserved.23 DHCPv6 Failover DHCPv6 – What’s Borked

24 © 2015 Infoblox Inc. All Rights Reserved.24 DHCPv6 Failover  Often repeated that it’s not needed (unless you’re doing PD)  Many enterprises are insisting on it  “We do it this way in IPv4 and we want to be able to do it the same way in IPv6…”  Still no standards –DHCPv6 Failover Requirements draft-ietf-dhc-dhcpv6-failover-requirements-07 –DHCPv6 Failover Design draft-ietf-dhc-dhcpv6-failover-design-04  Still no proprietary implementation:

25 © 2015 Infoblox Inc. All Rights Reserved.25 DHCPv6 Failover  Workarounds:  Split prefixes Take a /64 and split it into two /65s, one per DHCPv6 server; e.g.: 2001:db8:1:1:0000::/65 2001:db8:1:1:8000::/65 2001:db8:1:1::/64  Use DHCPv6 Preference option (primary server at 255, secondary at 0)  Drawback: Over time, uneven distribution of leases between servers  Additional workarounds in RFC 6853 - DHCPv6 Redundancy Considerations

26 © 2015 Infoblox Inc. All Rights Reserved.26 SLAAC/DHCPv6 Interaction DHCPv6 – What’s Borked

27 © 2015 Infoblox Inc. All Rights Reserved.27 DHCPv6 – Autoaddressing Review  SLAAC –Routers advertise prefixes that identify the subnet(s) associated with a link, while hosts generate an "interface identifier" that uniquely identifies an interface on a subnet. An address is formed by combining the two.

28 © 2015 Infoblox Inc. All Rights Reserved.28 DHCPv6 – Autoaddressing Review  DHCPv6 (stateful)  The Dynamic Host Configuration Protocol for IPv6 (DHCP) enables DHCP servers to pass configuration parameters such as IPv6 network addresses to IPv6 nodes. It offers the capability of automatic allocation of reusable network addresses and additional configuration flexibility.

29 © 2015 Infoblox Inc. All Rights Reserved.29 DHCPv6 – Autoaddressing Review  DHCPv6 (stateless) –Used by nodes to obtain configuration information, such as the addresses of DNS recursive name servers, that does not require the maintenance of any dynamic state for individual clients. A node that uses stateless DHCP must have obtained its IPv6 addresses through some other mechanism, typically stateless address autoconfiguration.

30 © 2015 Infoblox Inc. All Rights Reserved.30 DHCPv6 – Autoaddressing Review

31 © 2015 Infoblox Inc. All Rights Reserved.31 Autoaddressing – Renumbering scenarios Address from Autoaddressing Method 1 Release/replace Address’ from Autoaddressing Method 1 Address from Autoaddressing Method 1 Address from Autoaddressing Method 2 Address from Autoaddressing Method 1 Address from Autoaddressing Method 2 Release/replace Retain/add

32 © 2015 Infoblox Inc. All Rights Reserved.32 DHCPv6/SLAAC Interaction Host StateInputBehavior Host has not acquired any addresses No RASome popular OSes acquire DHCPv6 addresses. Host has not acquired any addresses RA with M=0, O=1Some popular OSes acquire other info from DHCPv6 addresses. Others do so only if A=1. Host has acquired address from DHCPv6 only RA with M=0Some OSes release DHCPv6 immediately. Some release upon expiry. Host has acquired address from SLAAC only RA with M=1Some OSes release DHCPv6 immediately. Some release only if SLAAC address expires and can’t be refreshed.

33 © 2015 Infoblox Inc. All Rights Reserved.33 Test, test, then test some more… DHCPv6/SLAAC Interaction

34 © 2015 Infoblox Inc. All Rights Reserved. tcoffeen@infoblox.com twitter: @ipv6tom tcoffeen@infoblox.com twitter: @ipv6tom Questions? 34

35 © 2015 Infoblox Inc. All Rights Reserved. References 35  ISC DHCP 4.3.0 is now online! –https://www.isc.org/blogs/isc-dhcp-4-3-0-is-live/https://www.isc.org/blogs/isc-dhcp-4-3-0-is-live/  Dynamic Host Configuration Protocol for IPv6 (DHCPv6), RFC 3315, IETF, Jul. 2003  Chatter on the Wire: A look at DHCPv6 traffic, by Eric Kollmann, Nov. 2010 –http://chatteronthewire.org/download/chatter-dhcpv6.pdfhttp://chatteronthewire.org/download/chatter-dhcpv6.pdf

Download ppt "© 2015 Infoblox Inc. All Rights Reserved. Tom Coffeen, IPv6 Evangelist UKNOF January 2015 Tom Coffeen, IPv6 Evangelist UKNOF January 2015 DHCPv6 Operational."

Similar presentations

DHCPv6.

DHCPv6.
Neighbor Discovery for IPv6 Mangesh Kaushikkar. Overview Introduction Terminology Protocol Overview Message Formats Conceptual Model of a Host.

Neighbor Discovery for IPv6 Mangesh Kaushikkar. Overview Introduction Terminology Protocol Overview Message Formats Conceptual Model of a Host.
Transitioning to IPv6 April 15,2005 Presented By: Richard Moore PBS Enterprise Technology.

Transitioning to IPv6 April 15,2005 Presented By: Richard Moore PBS Enterprise Technology.
Auto Configuration and Mobility Options in IPv6 By: Hitu Malhotra and Sue Scheckermann.

Auto Configuration and Mobility Options in IPv6 By: Hitu Malhotra and Sue Scheckermann.
© 2006 Cisco Systems, Inc. All rights reserved.IP6FD v2.0—2-1 IPv6 Operations Defining and Configuring Neighbor Discovery.

© 2006 Cisco Systems, Inc. All rights reserved.IP6FD v2.0—2-1 IPv6 Operations Defining and Configuring Neighbor Discovery.
1 © 2013 Cisco Systems, Inc. All rights reserved. Cisco confidential.Cisco Networking Academy, U.S./Canada Regional Cisco Networking Academy Conference.

1 © 2013 Cisco Systems, Inc. All rights reserved. Cisco confidential.Cisco Networking Academy, U.S./Canada Regional Cisco Networking Academy Conference.
Implementing IPv6 Module B 8: Implementing IPv6

Implementing IPv6 Module B 8: Implementing IPv6
IPv6 Network Security.

IPv6 Network Security.
1 © 2013 Cisco Systems, Inc. All rights reserved. Cisco confidential. Cisco Networking Academy, US/Canada Regional Cisco Networking Academy Conference.

1 © 2013 Cisco Systems, Inc. All rights reserved. Cisco confidential. Cisco Networking Academy, US/Canada Regional Cisco Networking Academy Conference.
Host Autoconfiguration ALTTC, Ghaziabad. IPv4 Address and IPv6 equivalents ALTTC, Ghaziabad.

Host Autoconfiguration ALTTC, Ghaziabad. IPv4 Address and IPv6 equivalents ALTTC, Ghaziabad.
Dynamic Host Configuration Protocol DHCP. Dynamic Host Configuration Protocol -- DHCP -- Networking protocol Obtains configuration information for operation.

Dynamic Host Configuration Protocol DHCP. Dynamic Host Configuration Protocol -- DHCP -- Networking protocol Obtains configuration information for operation.
DHCP Dynamic Host Configuration Part 7 NVCC Professional Development TCP/IP.

DHCP Dynamic Host Configuration Part 7 NVCC Professional Development TCP/IP.
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 10: DHCP Routing & Switching.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 10: DHCP Routing & Switching.
MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 4 Installing and Configuring the Dynamic Host Configuration Protocol.

MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 4 Installing and Configuring the Dynamic Host Configuration Protocol.
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Lecture14: DHCP Switched Networks Assistant Professor Pongpisit Wuttidittachotti,

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Lecture14: DHCP Switched Networks Assistant Professor Pongpisit Wuttidittachotti,
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 10: DHCP Routing and Switching Essentials.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 10: DHCP Routing and Switching Essentials.
1 © 2013 Cisco Systems, Inc. All rights reserved. Cisco confidential. Cisco Networking Academy, US/Canada DHCPv6 and IPv6 Automatic Address Allocation.

1 © 2013 Cisco Systems, Inc. All rights reserved. Cisco confidential. Cisco Networking Academy, US/Canada DHCPv6 and IPv6 Automatic Address Allocation.
IPv6 Address Provisioning In IPv6 world there are three provisioning aspects wich are independent of whether the IPv6 node is a Host or CE router: IPv6.

IPv6 Address Provisioning In IPv6 world there are three provisioning aspects wich are independent of whether the IPv6 node is a Host or CE router: IPv6.
Chapter 11 Configuring Dynamic Host Configuration Protocol

Chapter 11 Configuring Dynamic Host Configuration Protocol
System Configuration: DHCP and Autoconfiguration Chapter 6.

System Configuration: DHCP and Autoconfiguration Chapter 6.

Similar presentations

Ads by Google