Saturday, 23 November 2024

DHCPv6 prefix delegation

Let's start with the most basic definition of DHCPv6 prefix delegation: it is a feature of the DHCPv6 protocol that allows a DHCPv6 client to request and receive an entire IPv6 prefix (not just an IPv6 address) from a DHCPv6 server.

Perhaps this mechanism is not as well known as the much more common scenario in which DHCPv6 (and/or DHCP IPv4) provides a single address to a requesting client device, for example, a laptop or smartphone, thus allowing that device accesses the network.

For comparison, the original definition of prefix delegation in RFC 3633: IPv6 Prefix Options for Dynamic Host Configuration Protocol (DHCP) version 6 describes a mechanism for prefix delegation from a delegating router [DHCPv6 server]. to requesting routers [DHCPv6 clients] that a service provider will use to assign a prefix to a customer premises equipment (CPE) [ONT/ONU] that acts as a router between the subscriber's internal network and the provider's core network of services. (Recall that the original DHCPv6 specification was updated in RFC 8415: Dynamic Host Configuration Protocol for IPv6 (DHCPv6).

Before looking at an example of this mechanism, let's consider what this same configuration looks like if we use IPv4:

 

 

An ONT/ONU device (for example, a CPE/cable modem that includes a router and perhaps a wireless access point) connects and requests, via DHCP from the upstream ISP router, a publicly routable IPv4 address to assign to its ISP router /interface with Internet connection. Meanwhile, the CPE's own internal interface is pre-configured with a private network (RFC1918) (e.g. 192.168.1.0/24). A DHCP server runs on the CPE to assign individual addresses to requesting end users. Because private addresses are a shared resource and are not globally routable, the CPE router must also use IPv4 network address translators (NAT44) to allow end users to access the Internet.

Now let's look at the configuration for IPv6:

 

 

In the case of IPv6, the ONT/ONU/CPE device requests both an IPv6 address and an IPv6 prefix (this is the delegated prefix from DHCPv6 prefix delegation). Both the address and prefix are derived from a larger prefix distributed to the ISP and taken from the publicly routable Global Unicast Allocation (GUA) of 2000::/3. As in the case of IPv4, a single public IPv6 address is assigned to the external interface of the CPE. But unlike IPv4, the CPE router uses the publicly routable IPv6 prefix to assign individual IPv6 addresses to end users. These addresses assigned to end users are also publicly routable and avoid the need for the CPE router to provide NAT, a mandatory requirement when using private IPv4 addresses. The CPE router can use DHCPv6 or SLAAC (or even both) to assign addresses to end users from the delegated prefix. The prefix size delegated by the ISP to the CPE can range from /64 (not recommended for reasons detailed below) to /48, although /56 per customer is a fairly common allocation among ISPs.

A single /64 provides the same number of IPv6 addresses as the entire IPv4 Internet squared (about 4.3 billion times 4.3 billion!)—obviously more than enough for a network of any size, let alone a residential network. In comparison, a /60 provides 16 /64 prefixes, while a /56 gives us 256 /64 prefixes. And a /48? That's 65,536 /64 prefixes! You may be wondering what the benefit is of having so many additional prefixes delegated to a home network. One possible answer is that as residential networks become more sophisticated and have greater performance and security requirements, applications and services may require and benefit from greater network segmentation. Having a large number of IPv6 prefixes available to more easily meet these requirements should facilitate and promote innovation, better performance and new features for residential networks. Until then, it's a great opportunity for a nerd to try out different configurations in the IPv6 Networking Lab!

As I already mentioned, it is not recommended that an ISP delegate a single /64 prefix to a customer. First, a single /64 would not give the customer's home network any additional subnets or the benefits that these additional subnets entail, either now or in the future. And since there are also proposals in the IETF for the eventual assignment of a /64 per interface , residential networks could end up needing many, many more /64 prefixes and, therefore, a much greater delegation of IPv6 prefixes than what is expected. is currently required or recommended.

 

Link: https://blog.lacnic.net/ipv6/delegacion-de-prefijos-dhcpv6

NOCPERU - DATA CENTER, is the first corporate data center dedicated to companies, a robust and stable system developed with fiber optic connectivity and operated by the highest international standards.

Contact Us

Trujillo, La Libertad, Perú
01 641 1239
044 64 3108
01 305-749-5753
+51 902 524 298