On 2/18/22 12:34 PM, Marc Haber wrote:
> DHCPv6 does perfectly coexist with SLAAC.

Yes and no.

Yes they perfectly co-exist in a /64, presuming there aren't conflicts.

No, they don't mix well when something other than a /64 is used in
conjunction with DHCP.

> SLAAC provides basic connectivity, allowing management access. And then
> DHCPv6 comes in and statelessly provides additional operational data.

If we apply Occam's Razor (the simpler solution is usually better) and
Parsimony (we only need one solution) to the two possible solutions DHCP
or DHCP+SLAAC, we quickly see that SLAAC is not /strictly/ necessary.

--
Grant. . . .
unix || die

Am Freitag, 18. Februar 2022, um 13:41:50 Uhr schrieb Grant Taylor:

> All three of these require some very basic knowledge of what clasfull
> networking is.

I agree.
Also it is helpful to know the history to know why the default mask in
Windows is depending on the IP address entered. I also only understood
that after knowing what classful IPv4 is.

Grant Taylor <gtaylor@tnetconsulting.net> wrote:
>On 2/18/22 12:34 PM, Marc Haber wrote:
>> DHCPv6 does perfectly coexist with SLAAC.
>
>Yes and no.
>
>Yes they perfectly co-exist in a /64, presuming there aren't conflicts.

What kind of Conflicts do you mean? SLAAC has its own part of the /64,
so does privacy extensions. Just stay on your own turf with DHCP and
do not conflict.

>No, they don't mix well when something other than a /64 is used in
>conjunction with DHCP.

Using something other than a /64 is applying IPv4 practices to IPv6.
That's a decidedly bad idea.

>> SLAAC provides basic connectivity, allowing management access. And then
>> DHCPv6 comes in and statelessly provides additional operational data.
>
>If we apply Occam's Razor (the simpler solution is usually better) and
>Parsimony (we only need one solution) to the two possible solutions DHCP
>or DHCP+SLAAC, we quickly see that SLAAC is not /strictly/ necessary.

SLAAC adds complexity. Stateless DHCPv6 removes more complexity than
SLAAC adds.

--
-------------------------------------- !! No courtesy copies, please !! -----
Marc Haber | " Questions are the | Mailadresse im Header
Mannheim, Germany | Beginning of Wisdom " |
Nordisch by Nature | Lt. Worf, TNG "Rightful Heir" | Fon: *49 621 72739834

Marco Moock <mo01@posteo.de> wrote:
>Am Freitag, 18. Februar 2022, um 20:33:06 Uhr schrieb Marc Haber:
>
>> This is just choosing a different prefix for your network. There is no
>> magic in that.
>
>But to do that correctly you need to be aware how subnetting works.
>You need to understand what /<any number> means etc.

Yes, agreed. IPv4 subnetting is more than just knowing that.

Greetings
Marc
--
-------------------------------------- !! No courtesy copies, please !! -----
Marc Haber | " Questions are the | Mailadresse im Header
Mannheim, Germany | Beginning of Wisdom " |
Nordisch by Nature | Lt. Worf, TNG "Rightful Heir" | Fon: *49 621 72739834

Grant Taylor <gtaylor@tnetconsulting.net> wrote:
>1) There is a *HUGE* /difference/ in explaining what something is
>verses advocating for it's use.
>
>Point in case: Marc, you couldn't be as strong an advocate against
>classfull networking if you weren't aware of it.

I want people to stop knowing about it. It has been irrelevant in the
internet for nearly three decades. You are free to run your own
private internet with classful addressing as long as you don't try to
connect to the Internet. Then pain begins. If you don't know about
classful networks, you're not tempted to use that knowledge.

>2) Most people need at least some understanding off why something is
>bad in order to choose not to sue it. That is predicated on having a
>minimal understanding of what said thing is.

Not knowing is fine.

>3) If people have never been exposed to something, much less why it's
>bad, there is a reasonable chance that some of them will either
>re-invent (a variant of) it or discover it and take it up as a good idea.

I am not against telling people in the last hour of class "now that
you know how things work, I'm going to tell you how things started.
This is just a history lesson, don't ever try to implement this on the
Internet."

Greetings
Marc
--
-------------------------------------- !! No courtesy copies, please !! -----
Marc Haber | " Questions are the | Mailadresse im Header
Mannheim, Germany | Beginning of Wisdom " |
Nordisch by Nature | Lt. Worf, TNG "Rightful Heir" | Fon: *49 621 72739834

Marco Moock <mo01@posteo.de> wrote:
>Am Freitag, 18. Februar 2022, um 13:41:50 Uhr schrieb Grant Taylor:
>
>> All three of these require some very basic knowledge of what clasfull
>> networking is.
>
>I agree.
>Also it is helpful to know the history to know why the default mask in
>Windows is depending on the IP address entered. I also only understood
>that after knowing what classful IPv4 is.

All you nee to know about this is "Windows is going to paste some
wrong value in the netmask/prefix field, just ignore it and enter the
correct value".

Greetings
Marc
--
-------------------------------------- !! No courtesy copies, please !! -----
Marc Haber | " Questions are the | Mailadresse im Header
Mannheim, Germany | Beginning of Wisdom " |
Nordisch by Nature | Lt. Worf, TNG "Rightful Heir" | Fon: *49 621 72739834

On 2/19/22 2:03 AM, Marc Haber wrote:
> What kind of Conflicts do you mean?

Different /64 prefixes. }:-)

> Using something other than a /64 is applying IPv4 practices to IPv6.

And yet this very thread has talked about /56 or even /48 from
providers. Those aren't /64.

> That's a decidedly bad idea.

Let's agree to disagree.

> SLAAC adds complexity. Stateless DHCPv6 removes more complexity than
> SLAAC adds.

So why is SLAAC actually /needed/ in a DHCPv6 environment?

--
Grant. . . .
unix || die

On 2/19/22 2:07 AM, Marc Haber wrote:
> I want people to stop knowing about it.

....

> I am not against telling people in the last hour of class "now that
> you know how things work, I'm going to tell you how things started.
> This is just a history lesson, don't ever try to implement this on
> the Internet."

You just contradicted yourself.

If you want people to stop knowing about it then you also want to not
tell them about it at any point in class.

If you want to provide the history lesson -- ostensibly for those that
care -- then you don't want people to stop knowing about it.

So, which is it?

--
Grant. . . .
unix || die

On 2/19/22 2:03 AM, Marc Haber wrote:
> Using something other than a /64 is applying IPv4 practices to IPv6.

I have seen people use something other than /64 on networks as memory
protection against exploding a neighbor cache on a link with very few
systems. E.g. a mostly point to point link using a /120 ~ /124 or even
a /127. Particularly on non-point-to-point links that are used as
point-to-point links, e.g. Ethernet cross over cable.

The reason for the /120 ~ /124 is to allow multiple / redundant devices
on either end.

--
Grant. . . .
unix || die

On 2/19/22 2:03 AM, Marc Haber wrote:
> Using something other than a /64 is applying IPv4 practices to IPv6.

I've seen people use /128s out of a single /64 for (primary) loop-back
addresses on all their routers.

--
Grant. . . .
unix || die

Grant Taylor <gtaylor@tnetconsulting.net> wrote:
>On 2/19/22 2:03 AM, Marc Haber wrote:
>> What kind of Conflicts do you mean?
>
>Different /64 prefixes. }:-)

That's peaceful and working and desired parallel existence, not a
conflict.

>> Using something other than a /64 is applying IPv4 practices to IPv6.
>
>And yet this very thread has talked about /56 or even /48 from
>providers. Those aren't /64.

A /56 is 256 /64 networks. Noone with basic understanding would
configure a /56 on a single broadcast domain outside of a lab setting
("let's see whether it works, and if not, which color will the smoke
have?").

>> SLAAC adds complexity. Stateless DHCPv6 removes more complexity than
>> SLAAC adds.
>
>So why is SLAAC actually /needed/ in a DHCPv6 environment?

If you want to do stateless DHCPv6, you'd better have SLAAC.

The idea of having DHCPv6 without SLAAC is usually either born out of
IPv4 thinking or from Corporate "Security".

Greetings
Marc
--
-------------------------------------- !! No courtesy copies, please !! -----
Marc Haber | " Questions are the | Mailadresse im Header
Mannheim, Germany | Beginning of Wisdom " |
Nordisch by Nature | Lt. Worf, TNG "Rightful Heir" | Fon: *49 621 72739834

Grant Taylor <gtaylor@tnetconsulting.net> wrote:
>On 2/19/22 2:03 AM, Marc Haber wrote:
>> Using something other than a /64 is applying IPv4 practices to IPv6.
>
>I have seen people use something other than /64 on networks as memory
>protection against exploding a neighbor cache on a link with very few
>systems. E.g. a mostly point to point link using a /120 ~ /124 or even
>a /127. Particularly on non-point-to-point links that are used as
>point-to-point links, e.g. Ethernet cross over cable.

Yes. One can detect networks built by experienced IPv4 people by
seeing multiple /120 crammed into a sincle /64 address space to "save"
addresses. Experienced IPv6 people will reserve a /64 per transfer
network and just use a /120 from that.

Greetings
Marc
--
-------------------------------------- !! No courtesy copies, please !! -----
Marc Haber | " Questions are the | Mailadresse im Header
Mannheim, Germany | Beginning of Wisdom " |
Nordisch by Nature | Lt. Worf, TNG "Rightful Heir" | Fon: *49 621 72739834

Grant Taylor <gtaylor@tnetconsulting.net> wrote:
>On 2/19/22 2:03 AM, Marc Haber wrote:
>> Using something other than a /64 is applying IPv4 practices to IPv6.
>
>I've seen people use /128s out of a single /64 for (primary) loop-back
>addresses on all their routers.

I bet you'll find some more exceptions if you look closely enough. But
that's just proving the rule.

Greetings
Marc
--
-------------------------------------- !! No courtesy copies, please !! -----
Marc Haber | " Questions are the | Mailadresse im Header
Mannheim, Germany | Beginning of Wisdom " |
Nordisch by Nature | Lt. Worf, TNG "Rightful Heir" | Fon: *49 621 72739834

Am Samstag, 19. Februar 2022, um 17:03:46 Uhr schrieb Grant Taylor:

> So why is SLAAC actually /needed/ in a DHCPv6 environment?

It isn't needed. You can enable it by setting the A flag for a prefix,
but a network works perfectly fine without SLAAC. Just don't set the A
flag for the prefix, but set the M flag in the Router Advertisement to
tell the computers that they should contact a DHCPv6 server via
link-local multicast. I already tried in a test environment with ULA
addresses.

Am Sonntag, 20. Februar 2022, um 07:39:46 Uhr schrieb Marc Haber:

> The idea of having DHCPv6 without SLAAC is usually either born out of
> IPv4 thinking or from Corporate "Security".

Or if you like that a computer gets a "specific" address and not one
that it generates via privacy extensions (default in most OSes).

Marco Moock <mo01@posteo.de> wrote:
>Am Sonntag, 20. Februar 2022, um 07:39:46 Uhr schrieb Marc Haber:
>> The idea of having DHCPv6 without SLAAC is usually either born out of
>> IPv4 thinking or from Corporate "Security".
>
>Or if you like that a computer gets a "specific" address and not one
>that it generates via privacy extensions (default in most OSes).

I regularly run SLAAC with preferred lifetime 0. The machine will then
generate an address and set it as deprecated, which means that this
address is only used if there is no alternative. The static IP address
for the service is either locally configured or pushed in via
stateless DHCPv6.

That makes sure the machine is at least reachable (and thus fixable)
even if DHCP is broken.

systemd-networkd even has a feature that allows local configuration of
"in either prefix you have learned on that interface, statically
configure THIS interface ID", which will guide the machine seamlessly
even through prefix changes.

I honestly don't know how privacy extension addresses play in here,
but I'd expect that a privacy extension address on a prefix announced
with lifetime zero is either not generated at all or deprecated from
the very beginning.

Greetings
Marc
--
-------------------------------------- !! No courtesy copies, please !! -----
Marc Haber | " Questions are the | Mailadresse im Header
Mannheim, Germany | Beginning of Wisdom " |
Nordisch by Nature | Lt. Worf, TNG "Rightful Heir" | Fon: *49 621 72739834

On 2022-02-20, Marc Haber <mh+usenetspam1118@zugschl.us> wrote:
> The idea of having DHCPv6 without SLAAC is usually either born out of
> IPv4 thinking or from Corporate "Security".

IPv4 thinking is the only thinking that counts as far as I am concerned.
No IPv6 here, not now, not ever.

--
------------------------------------------------------------------------------
18 Reasons I won't be vaccinated -- https://tinyurl.com/ebty2dx3
Covid vaccines: experimental biology -- https://tinyurl.com/57mncfm5
The fraud of "Climate Change" -- https://RealClimateScience.com
There is no "climate crisis" -- https://climatedepot.com
Don't talk to cops! -- https://DontTalkToCops.com
------------------------------------------------------------------------------

On 2/20/22 14:50, Roger Blake wrote:
> On 2022-02-20, Marc Haber <mh+usenetspam1118@zugschl.us> wrote:
>> The idea of having DHCPv6 without SLAAC is usually either born out of
>> IPv4 thinking or from Corporate "Security".
>
> IPv4 thinking is the only thinking that counts as far as I am concerned.
> No IPv6 here, not now, not ever.
>

get off the trump/fox news kool-aid, moron, and go back to school - if
you knew what you were talking about, you'd be dangerous.
Just because you can puke up that sig doesn't make you anything but a
ripe target for Darwin's Law.

So sorry, can't cure stupid.

jrg <jeff.g.group@att.net> wrote:
>So sorry, can't cure stupid.

This. Thanks for saying that.
--
-------------------------------------- !! No courtesy copies, please !! -----
Marc Haber | " Questions are the | Mailadresse im Header
Mannheim, Germany | Beginning of Wisdom " |
Nordisch by Nature | Lt. Worf, TNG "Rightful Heir" | Fon: *49 621 72739834

On 2/20/22 3:50 PM, Roger Blake wrote:
> IPv4 thinking is the only thinking that counts as far as I am concerned.
> No IPv6 here, not now, not ever.

Unless you /actively/ disable IPv6, there is a very good chance that
IPv6 is enabled on contemporary devices /by/ /default/.

I remember when Microsoft started enabling IPv6 by default on server
OSs. It was possible to ignore it for a while. But then things started
to try to use it. As such, it required active management or active
disabling. That was 10-15 years ago.

--
Grant. . . .
unix || die

Grant Taylor <gtaylor@tnetconsulting.net> wrote:
>I remember when Microsoft started enabling IPv6 by default on server
>OSs. It was possible to ignore it for a while. But then things started
>to try to use it. As such, it required active management or active
>disabling. That was 10-15 years ago.

Do you guys know that Microsoft stopped testing Windows in IPv4 only
environments years ago? Do you really want to run all those untested
code paths?

If I remember correctly, on premises Exchange isnt even supported any
more in IPv4 only setups.

Greetings
Marc
--
-------------------------------------- !! No courtesy copies, please !! -----
Marc Haber | " Questions are the | Mailadresse im Header
Mannheim, Germany | Beginning of Wisdom " |
Nordisch by Nature | Lt. Worf, TNG "Rightful Heir" | Fon: *49 621 72739834

On 2/21/22 10:41 AM, Marc Haber wrote:
> Do you guys know that Microsoft stopped testing Windows in IPv4 only
> environments years ago?

No, I was not aware of that.

> Do you really want to run all those untested code paths?

I feel like the IPv4 code paths are (quite close to) the same in both
IPv4 only and dual IPv4 and IPv6 environments.

> If I remember correctly, on premises Exchange isnt even supported
> any more in IPv4 only setups.

The first MUST HAVE IPv6 issue I ran into was related to Microsoft
Exchange. I think it was a 2003 or maybe 2008.

Back when I first ran into the MUST HAVE IPv6, I was able to get away
with a link-local IPv6 address in an otherwise IPv4 only environment 15
years ago.

--
Grant. . . .
unix || die

Am Montag, 21. Februar 2022, um 18:41:32 Uhr schrieb Marc Haber:

> If I remember correctly, on premises Exchange isnt even supported any
> more in IPv4 only setups.

It definitely works without global IPv6 connectivity, but sometimes
uses link-local IPv6 to communicate with other Exchange servers.

Marco Moock <mo01@posteo.de> wrote:
>Am Montag, 21. Februar 2022, um 18:41:32 Uhr schrieb Marc Haber:
>> If I remember correctly, on premises Exchange isnt even supported any
>> more in IPv4 only setups.
>
>It definitely works without global IPv6 connectivity, but sometimes
>uses link-local IPv6 to communicate with other Exchange servers.

Yes, that's what I remember.

Greetings
Marc
--
-------------------------------------- !! No courtesy copies, please !! -----
Marc Haber | " Questions are the | Mailadresse im Header
Mannheim, Germany | Beginning of Wisdom " |
Nordisch by Nature | Lt. Worf, TNG "Rightful Heir" | Fon: *49 621 72739834