stateful vs stateless how to choose - frnogmedia.frnog.org/frnog_19/frnog_19-3.pdfstateful vs...
TRANSCRIPT
![Page 1: Stateful vs Stateless How to choose - FRNOGmedia.frnog.org/FRnOG_19/FRnOG_19-3.pdfStateful vs Stateless How to choose FRNOG19 – 29 Jun 2012 1 © 2011 Infoblox Inc. All Rights Reserved](https://reader030.vdocuments.mx/reader030/viewer/2022011800/5ad019587f8b9a56098df92f/html5/thumbnails/1.jpg)
© 2011 Infoblox Inc. All Rights Reserved.
Paul Ebersman, IPv6 Evangelist @paul_ipv6, [email protected]
Stateful vs Stateless. How to choose.
FRNOG19 – 29 Jun 2012
1
![Page 2: Stateful vs Stateless How to choose - FRNOGmedia.frnog.org/FRnOG_19/FRnOG_19-3.pdfStateful vs Stateless How to choose FRNOG19 – 29 Jun 2012 1 © 2011 Infoblox Inc. All Rights Reserved](https://reader030.vdocuments.mx/reader030/viewer/2022011800/5ad019587f8b9a56098df92f/html5/thumbnails/2.jpg)
© 2011 Infoblox Inc. All Rights Reserved. 2
IPv4 Address Assignment
![Page 3: Stateful vs Stateless How to choose - FRNOGmedia.frnog.org/FRnOG_19/FRnOG_19-3.pdfStateful vs Stateless How to choose FRNOG19 – 29 Jun 2012 1 © 2011 Infoblox Inc. All Rights Reserved](https://reader030.vdocuments.mx/reader030/viewer/2022011800/5ad019587f8b9a56098df92f/html5/thumbnails/3.jpg)
© 2011 Infoblox Inc. All Rights Reserved.
The good old days
§ With IPv4, only two methods:
– Static
– DHCPv4
3
![Page 4: Stateful vs Stateless How to choose - FRNOGmedia.frnog.org/FRnOG_19/FRnOG_19-3.pdfStateful vs Stateless How to choose FRNOG19 – 29 Jun 2012 1 © 2011 Infoblox Inc. All Rights Reserved](https://reader030.vdocuments.mx/reader030/viewer/2022011800/5ad019587f8b9a56098df92f/html5/thumbnails/4.jpg)
© 2011 Infoblox Inc. All Rights Reserved.
Types of Addresses
§ Global/routable addresses
§ “Private” RFC 1918 non-routable
§ Anycast (sort of)
4
![Page 5: Stateful vs Stateless How to choose - FRNOGmedia.frnog.org/FRnOG_19/FRnOG_19-3.pdfStateful vs Stateless How to choose FRNOG19 – 29 Jun 2012 1 © 2011 Infoblox Inc. All Rights Reserved](https://reader030.vdocuments.mx/reader030/viewer/2022011800/5ad019587f8b9a56098df92f/html5/thumbnails/5.jpg)
© 2011 Infoblox Inc. All Rights Reserved. 5
IPv6 Address Assignment
![Page 6: Stateful vs Stateless How to choose - FRNOGmedia.frnog.org/FRnOG_19/FRnOG_19-3.pdfStateful vs Stateless How to choose FRNOG19 – 29 Jun 2012 1 © 2011 Infoblox Inc. All Rights Reserved](https://reader030.vdocuments.mx/reader030/viewer/2022011800/5ad019587f8b9a56098df92f/html5/thumbnails/6.jpg)
© 2011 Infoblox Inc. All Rights Reserved.
More choices!
§ Classic: static
§ StateLess Address Auto Configuration (SLAAC)
§ Stateless DHCPv6
§ Stateful (full DCHPv6)
6
![Page 7: Stateful vs Stateless How to choose - FRNOGmedia.frnog.org/FRnOG_19/FRnOG_19-3.pdfStateful vs Stateless How to choose FRNOG19 – 29 Jun 2012 1 © 2011 Infoblox Inc. All Rights Reserved](https://reader030.vdocuments.mx/reader030/viewer/2022011800/5ad019587f8b9a56098df92f/html5/thumbnails/7.jpg)
© 2011 Infoblox Inc. All Rights Reserved. 7
Address Types
§ Unicast
§ Multicast
§ Anycast
![Page 8: Stateful vs Stateless How to choose - FRNOGmedia.frnog.org/FRnOG_19/FRnOG_19-3.pdfStateful vs Stateless How to choose FRNOG19 – 29 Jun 2012 1 © 2011 Infoblox Inc. All Rights Reserved](https://reader030.vdocuments.mx/reader030/viewer/2022011800/5ad019587f8b9a56098df92f/html5/thumbnails/8.jpg)
© 2011 Infoblox Inc. All Rights Reserved. 8
Address Scope
§ Link Local
§ Global Unicast
§ Unique Local
§ Transition
§ Misc (Site Local, Reserved, Special)
![Page 9: Stateful vs Stateless How to choose - FRNOGmedia.frnog.org/FRnOG_19/FRnOG_19-3.pdfStateful vs Stateless How to choose FRNOG19 – 29 Jun 2012 1 © 2011 Infoblox Inc. All Rights Reserved](https://reader030.vdocuments.mx/reader030/viewer/2022011800/5ad019587f8b9a56098df92f/html5/thumbnails/9.jpg)
© 2011 Infoblox Inc. All Rights Reserved. 9
SLAAC
§ SLAAC == StateLess Address AutoConfiguration
§ Uses Router Advertisement (RA) messages
§ Network policy moved to the edge
![Page 10: Stateful vs Stateless How to choose - FRNOGmedia.frnog.org/FRnOG_19/FRnOG_19-3.pdfStateful vs Stateless How to choose FRNOG19 – 29 Jun 2012 1 © 2011 Infoblox Inc. All Rights Reserved](https://reader030.vdocuments.mx/reader030/viewer/2022011800/5ad019587f8b9a56098df92f/html5/thumbnails/10.jpg)
© 2011 Infoblox Inc. All Rights Reserved. 10
SLAAC Sequence
§ Client configures link-local address – Generates 64 bit host ID – Combines link local prefix and EUID to generate
tentative address ( such as fe80::028c:f5ff:fe05:4235)
– Does DAD (Duplicate Address Detection) • Sends a multicast Neighbor Solicitation message
containing its new tentative address to the solicited node address
• If no other node responds with a Neighbor Advertisement using that address, the host configures itself with that address
![Page 11: Stateful vs Stateless How to choose - FRNOGmedia.frnog.org/FRnOG_19/FRnOG_19-3.pdfStateful vs Stateless How to choose FRNOG19 – 29 Jun 2012 1 © 2011 Infoblox Inc. All Rights Reserved](https://reader030.vdocuments.mx/reader030/viewer/2022011800/5ad019587f8b9a56098df92f/html5/thumbnails/11.jpg)
© 2011 Infoblox Inc. All Rights Reserved. 11
SLAAC Sequence cont.
§ Host now looks for Router Advertisement (RA) Messages
– Sends multicast Router Solicitation message
– Listens for RA messages – Configures itself based on contents of
RA message, including doing DHCPv6
![Page 12: Stateful vs Stateless How to choose - FRNOGmedia.frnog.org/FRnOG_19/FRnOG_19-3.pdfStateful vs Stateless How to choose FRNOG19 – 29 Jun 2012 1 © 2011 Infoblox Inc. All Rights Reserved](https://reader030.vdocuments.mx/reader030/viewer/2022011800/5ad019587f8b9a56098df92f/html5/thumbnails/12.jpg)
© 2011 Infoblox Inc. All Rights Reserved. 12
RA Message Contents
§ Local prefix(es), including A (autonomous address configuration) flag
§ Router info § Router's link-level address § Lifetime of default route § Router priority
§ Flags: M (ManagedAddress) flag and O (OtherConfiguration) flag
§ Maximum Transmission Unit (MTU) of upstream link
![Page 13: Stateful vs Stateless How to choose - FRNOGmedia.frnog.org/FRnOG_19/FRnOG_19-3.pdfStateful vs Stateless How to choose FRNOG19 – 29 Jun 2012 1 © 2011 Infoblox Inc. All Rights Reserved](https://reader030.vdocuments.mx/reader030/viewer/2022011800/5ad019587f8b9a56098df92f/html5/thumbnails/13.jpg)
© 2011 Infoblox Inc. All Rights Reserved. 13
Not in RA Messages…
§ RDNS server
§ NTP or “other” configuration
§ RFC 6106 for RDNS in RA
– Lack of client support…
![Page 14: Stateful vs Stateless How to choose - FRNOGmedia.frnog.org/FRnOG_19/FRnOG_19-3.pdfStateful vs Stateless How to choose FRNOG19 – 29 Jun 2012 1 © 2011 Infoblox Inc. All Rights Reserved](https://reader030.vdocuments.mx/reader030/viewer/2022011800/5ad019587f8b9a56098df92f/html5/thumbnails/14.jpg)
© 2011 Infoblox Inc. All Rights Reserved. 14
DHCPv6
§ “public” or “private” (temporary) addresses
§ RDNS server, NTP, TFTP, Vendor options
§ Update DNS with A/PTR
§ But no default route!
![Page 15: Stateful vs Stateless How to choose - FRNOGmedia.frnog.org/FRnOG_19/FRnOG_19-3.pdfStateful vs Stateless How to choose FRNOG19 – 29 Jun 2012 1 © 2011 Infoblox Inc. All Rights Reserved](https://reader030.vdocuments.mx/reader030/viewer/2022011800/5ad019587f8b9a56098df92f/html5/thumbnails/15.jpg)
© 2011 Infoblox Inc. All Rights Reserved. 15
Decisions, Decisions
![Page 16: Stateful vs Stateless How to choose - FRNOGmedia.frnog.org/FRnOG_19/FRnOG_19-3.pdfStateful vs Stateless How to choose FRNOG19 – 29 Jun 2012 1 © 2011 Infoblox Inc. All Rights Reserved](https://reader030.vdocuments.mx/reader030/viewer/2022011800/5ad019587f8b9a56098df92f/html5/thumbnails/16.jpg)
© 2011 Infoblox Inc. All Rights Reserved. 16
Differences
§ DHCPv6
– Filter/control access – Update IP address management system – Update A/PTR records in DNS – Further from client, more centralized – Handles more complex configs,
phones, printers, etc.
![Page 17: Stateful vs Stateless How to choose - FRNOGmedia.frnog.org/FRnOG_19/FRnOG_19-3.pdfStateful vs Stateless How to choose FRNOG19 – 29 Jun 2012 1 © 2011 Infoblox Inc. All Rights Reserved](https://reader030.vdocuments.mx/reader030/viewer/2022011800/5ad019587f8b9a56098df92f/html5/thumbnails/17.jpg)
© 2011 Infoblox Inc. All Rights Reserved. 17
Differences
§ SLAAC
– Local/fast – Light weight – Decentralized – No logging, A/PTR updates or
IPAM updates
![Page 18: Stateful vs Stateless How to choose - FRNOGmedia.frnog.org/FRnOG_19/FRnOG_19-3.pdfStateful vs Stateless How to choose FRNOG19 – 29 Jun 2012 1 © 2011 Infoblox Inc. All Rights Reserved](https://reader030.vdocuments.mx/reader030/viewer/2022011800/5ad019587f8b9a56098df92f/html5/thumbnails/18.jpg)
© 2011 Infoblox Inc. All Rights Reserved. 18
Your priorities
§ Do you have auditing or logging requirements?
§ Centralized or distributed management
§ Technical level of support staff
§ Range of different gear?
![Page 19: Stateful vs Stateless How to choose - FRNOGmedia.frnog.org/FRnOG_19/FRnOG_19-3.pdfStateful vs Stateless How to choose FRNOG19 – 29 Jun 2012 1 © 2011 Infoblox Inc. All Rights Reserved](https://reader030.vdocuments.mx/reader030/viewer/2022011800/5ad019587f8b9a56098df92f/html5/thumbnails/19.jpg)
© 2011 Infoblox Inc. All Rights Reserved. 19
Centralized model
§ Need auditing
§ Need access control
§ Senior technical staff not everywhere
§ DHCPv6 is your friend
![Page 20: Stateful vs Stateless How to choose - FRNOGmedia.frnog.org/FRnOG_19/FRnOG_19-3.pdfStateful vs Stateless How to choose FRNOG19 – 29 Jun 2012 1 © 2011 Infoblox Inc. All Rights Reserved](https://reader030.vdocuments.mx/reader030/viewer/2022011800/5ad019587f8b9a56098df92f/html5/thumbnails/20.jpg)
© 2011 Infoblox Inc. All Rights Reserved. 20
Coffee House
§ Baristas are not networking folks
§ Customers just need it to work
§ No logging, lease churn would be burden
§ Small range of client machines
§ SLAAC!
![Page 21: Stateful vs Stateless How to choose - FRNOGmedia.frnog.org/FRnOG_19/FRnOG_19-3.pdfStateful vs Stateless How to choose FRNOG19 – 29 Jun 2012 1 © 2011 Infoblox Inc. All Rights Reserved](https://reader030.vdocuments.mx/reader030/viewer/2022011800/5ad019587f8b9a56098df92f/html5/thumbnails/21.jpg)
© 2011 Infoblox Inc. All Rights Reserved. 21
DHCPv4-like DHCPv6
§ Send RA messages with A=0, O/M=1
§ DHCP for all configurations except default route
§ DHCP server does A/PTR and IPAM updates
![Page 22: Stateful vs Stateless How to choose - FRNOGmedia.frnog.org/FRnOG_19/FRnOG_19-3.pdfStateful vs Stateless How to choose FRNOG19 – 29 Jun 2012 1 © 2011 Infoblox Inc. All Rights Reserved](https://reader030.vdocuments.mx/reader030/viewer/2022011800/5ad019587f8b9a56098df92f/html5/thumbnails/22.jpg)
© 2011 Infoblox Inc. All Rights Reserved. 22
Coffee House Setup
§ Send RA messages with A/O=1, M=0
§ Send RDNS in RA messages
§ DHCP server does no leases, just gives DNS for clients that can’t do RFC 6106
![Page 23: Stateful vs Stateless How to choose - FRNOGmedia.frnog.org/FRnOG_19/FRnOG_19-3.pdfStateful vs Stateless How to choose FRNOG19 – 29 Jun 2012 1 © 2011 Infoblox Inc. All Rights Reserved](https://reader030.vdocuments.mx/reader030/viewer/2022011800/5ad019587f8b9a56098df92f/html5/thumbnails/23.jpg)
© 2011 Infoblox Inc. All Rights Reserved. 23
Questions?
![Page 24: Stateful vs Stateless How to choose - FRNOGmedia.frnog.org/FRnOG_19/FRnOG_19-3.pdfStateful vs Stateless How to choose FRNOG19 – 29 Jun 2012 1 © 2011 Infoblox Inc. All Rights Reserved](https://reader030.vdocuments.mx/reader030/viewer/2022011800/5ad019587f8b9a56098df92f/html5/thumbnails/24.jpg)
© 2011 Infoblox Inc. All Rights Reserved. 24
Thank you!