ULA prefix lifetime

Bjørn Mork bjorn at mork.no
Fri Nov 22 01:08:08 PST 2024


Michael Richardson <mcr at sandelman.ca> writes:
> Michael Richardson <mcr at sandelman.ca> wrote:
>     > chriss <chriss-lists at posteo.mx> wrote:
>     >> It happens that I have to reconnect my VDSL (update of router, tripped over
>     >> cable, whatever) - with that I get a new IPv6 prefix delegated. Now my
>     >> clients have 2 prefixes/addresses. The old one (before the router
>
>     > :-(
>     > {Your ISP should avoid that kind of thing; IPv6 being plentiful there is no
>     > reason not to just statically allocate them all into the (radius) database,
>     > and just renumber people when there are major re-balancing.}
>
> DHCPv6-PD lets the client say if they want new things, or they want to renew
> what's there.   So ISPs and regulators can comply with the end-user's wish.

This is much harder to implement in a robust design than pure static or
pure dynamic prefix allocation.

If you only do static then you get away with a read-only local (to
DHCPv6 frontend or RADIUS backend) database.  If you only do dynamic
then you get away with a local (to DHCPv6 frontend) writable
database. When you combine them then you end up with a database having
distributed update sources.  Of course possible, but with lots of new
corner cases and fault situations to handle. That's hard to justify
based on some perceived, but invalid, privacy argument.

Just my thoughts from the ISP perspective.

FWIW, we ended up with static /48 allocations to all end users after a
handful of us tested out different solutions on our own home LANs.  The
experience was that renumbering of the local LAN is brutal even with
IPv6.  There is always some device with a static address, or ACL, or DNS
entry, or something like that.  Forcing end users to renumber their LAN
would make IPv6 less useful. And although no one needs a /48, there is
really no reason not to.  It guarantees that renumbering or translating
from any other ISP prefix is possible, which is good for business.  And
it allows checksum neutral prefix translation from any /64.

There have been very few complaints after more than 10 years in service.
End user privacy is of course important, but randomizing IP addresses
has little value.  ISPs are required to keep track of the assigned
addresses anyway. And all the bad actors you might worry about are fully
capable of tracking you across any variable.  They have plenty of other
sources even if you remove the IP.  They will map your new address to
you instantly no matter how often it is rotated. Sure, you can argue
that it's theoretically better to randomize the inputs you can.  But the
real value is insignificant. And the cost of LAN renumbering for the end
user is high.



Bjørn
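
The "checksum neutral prefix translation" mentioned in the message above, as an added example that is not part of the original post: a sketch of the RFC 6296 (NPTv6) rewrite for two /48 prefixes, where the 16 subnet bits absorb the ones' complement adjustment so the interface identifier and the transport checksums stay untouched. That RFC 6296 is the mechanism meant is an assumption; the function names are hypothetical and the prefixes are sample ULA and documentation values.

```python
import ipaddress

def oc_add(a, b):
    """16-bit ones' complement addition with end-around carry."""
    s = a + b
    return (s & 0xFFFF) + (s >> 16)

def oc_sum(words):
    total = 0
    for w in words:
        total = oc_add(total, w)
    return total

def to_words(addr):
    """Split an IPv6 address into eight 16-bit words."""
    n = int(ipaddress.IPv6Address(addr))
    return [(n >> (112 - 16 * i)) & 0xFFFF for i in range(8)]

def address_sum(addr):
    """Ones' complement sum of the address, as it enters the pseudo-header."""
    return oc_sum(to_words(addr))

def translate48(addr, src_prefix, dst_prefix):
    """Rewrite the /48 of addr from src_prefix to dst_prefix, checksum-neutrally."""
    src = ipaddress.IPv6Network(src_prefix)
    dst = ipaddress.IPv6Network(dst_prefix)
    if src.prefixlen != 48 or dst.prefixlen != 48:
        raise ValueError("this sketch handles /48 prefixes only")
    if ipaddress.IPv6Address(addr) not in src:
        raise ValueError("address is not inside the source prefix")
    w = to_words(addr)
    s = to_words(src.network_address)[:3]
    d = to_words(dst.network_address)[:3]
    # adjustment = sum(src prefix) - sum(dst prefix), in ones' complement
    adjustment = oc_add(oc_sum(s), ~oc_sum(d) & 0xFFFF)
    subnet = oc_add(w[3], adjustment)
    if subnet == 0xFFFF:          # RFC 6296: 0xFFFF is written as 0x0000
        subnet = 0
    n = 0
    for word in d + [subnet] + w[4:]:
        n = (n << 16) | word
    return str(ipaddress.IPv6Address(n))

if __name__ == "__main__":
    inside = "fd01:203:405:1::1234"   # sample internal (ULA) address
    outside = translate48(inside, "fd01:203:405::/48", "2001:db8:1::/48")
    print(inside, "->", outside)
```

Running the same function with the prefixes swapped maps the external address back to the internal one, so the translator needs no per-flow state.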



More information about the openwrt-devel mailing list