Re: Android (lack of) support for DHCPv6

[Ted Hardie <ted.ietf () gmail com>]

On Wed, Jun 10, 2015 at 11:51 AM, Matthew Huff <mhuff () ox com> wrote:

> +1
>
> One IP per device will almost most likely be the preference and
> implementation in corporate/enterprise deployments. Too much procedure,
> regulation and other roadblocks prevent any other solution.
>
> Authentication, Authorization, Accounting, ACLS, NMS, IDS, IP management,
> custom software, and other roadblocks will certainly stall if not stop IPv6
> deployments in enterprises if there isn’t at least the choice of static,
> single IPv6 addresses per device. SLAAC will probably be a complete
> non-starter in many corporate environments. It is in ours. The more
> ideologues preach about restoring peer-to-peer connectivity, dynamic IPs,
> privacy addresses, etc… the less penetration IPv6 will happen in corporate
> networks.
>
>
> So, the critical piece of what you assert above appears to be "static",
not "single".  If a local address management system is always configured to
hand out the same /N to the same device, there doesn't seem to be a
requirement in the above that N=1.

Lorenzo has detailed why N=1 doesn't work for devices that need to use xlat
or which might want to tether other devices; he's volunteered to work with
folks on a document and to write code for the case where a device
successfully gets a useful value of N>1.

Can you help me understand why that doesn't work for you?

On the related topic of privacy addresses, I believe we should all be ready
for increasing variability in MAC address emitted by devices, and that if
you are intending to use MAC auth to assign that /N, you may now  be or
will soon be surprised.  In addition to the work Apple has done and which
can be done with Android, see the IEEE work here:

http://www.ieee802.org/PrivRecsg/

regards,

Ted