Why use DHCPv6 over Stateless Address Autoconfiguration?

by Jeff   Last Updated September 12, 2019 01:00 AM

IPv6 and RFC 2462 provide a means for hosts to configure their own IP addresses via stateless address autoconfiguration. To me this seems like the bee's knees, and it leaves me wondering why someone would want to go through the trouble of configuring a DHCPv6 server instead. I don't manage networks as a profession, so I'm guessing that there are some obvious simple reasons why one would want to support DHCPv6 that don't occur to me. Could someone please elaborate on what these reasons might be?

Tags : dhcp ipv6 radvd ndp


Answers 7


One thing that DHCPv6 supplies that autoconfig doesn't is DNS servers.

becomingwisest
becomingwisest
February 28, 2011 04:35 AM

DHCPv6 provides more control to the administrator in assigning addresses. If you really want that sort of control over your IPv6 addresses, you don't understand IPv6 yet.

It also can be used to provide additional configuration parameters beyond the basic address/gateway supported through autoconfiguration. An example might be WINS servers, NTP servers, TFTP boot servers, and other less common options. None of which are worth the pain of deploying a DHCPv6 architecture in my opinion.

Stick with autoconfig.

eater
eater
February 28, 2011 04:45 AM

You want DHCPv6 if

  • the network administrator should have control over who gets (which) IPv6 addresses, e.g. because they need to be in sync with AAAA DNS records, or
  • if you don't want to tell the outside your MAC addresses (i.e. what hardware vendors you use), but don't want to use privacy extensions either, e.g. to still use permanent IPv6 addresses, or
  • if you want the same dynamic DNS updates for IPv6 which you're used from your DHCP(v4) server for IPv4.
Axel Beckert
Axel Beckert
December 12, 2014 23:11 PM

DHCPv6 has many features not present in SLAAC. Most of those features are rarely needed.

There is however one DHCPv6 feature, which would be useful in many cases. That is prefix delegation. If you are a network administrator at an ISP, that one feature may be enough for you to make it worthwhile to deploy a DHCPv6 server. If you are not working for an ISP, you probably don't need prefix delegation.

What prefix delegation can do is that the DHCPv6 server at the ISP can tell the CPE router which range of addresses it can use for its internal LAN(s). Without prefix delegation only the WAN interface of the router could be autoconfigured. The LAN would need to be manually configured.

The CPE router would act as DHCPv6 client. It would not need to act as DHPv6 server, since the LAN(s) can just use SLAAC.

kasperd
kasperd
December 12, 2014 23:32 PM

The whole point of ipv6 is for every device to have a permanent unique address that can be routed (found) in the network. The 'D' in DHCP stands for 'Dynamic' which was needed in ipv4 when ipv4 address exhaustion started to be a problem. ipv4 addresses could no longer be assigned without having routing problems. That is not the case with ipv6.

It is not needed. It defeats the point of having a bigger ip address space.

DHCPv6 foments an stratified ip address space. Not a good idea as we have seen with ipv4.

Stick with autoconfig.

Jose Luis Quiroga Beltran
Jose Luis Quiroga Beltran
September 14, 2016 14:01 PM

Dhcpv6-PD is actually really efficient in the sense of ad-hoc networks. Got a computer that can't use ndp to get dns, so have to use dhcp to get dns, tftp and certificate server. Also, dhcpv6 is good for prefix delegation, I like to assign /128 addresses.

Omoeba
Omoeba
November 21, 2016 15:32 PM

SLAAC was a good attempt to autoconfig addresses and remove the centralization that a DHCP server obliges. In a IPv4 network with all devices' addresses handled by DHCP server, if it fails, soon enough (when leases start expiring), nobody will be able to talk anymore.

But SLAAC lacks features. In example, if you wanna attribute a local domain name for every device, you're gonna need a local DNS server anyway. If all connections are done by these names instead of (very) long IPv6 addresses, then you have back your centralized server giving you neat features and that irritating risk. Then, if you have a DNS server, then a DHCP one isn't big issue.

Another example, if you have multiple VLANs. Say you wanna restrict only known devices to your VLAN, and configure another one for new yet-unknown devices. This VLAN can't access Internet and neither see your devices. Then a DHCP server comes at hand.

A big issue with SLAAC is that a device's address has its MAC. It was ingenuous to do that, as it increased address size and reduced privacy, some say security too. DHCP server allows you to use other rules to set addresses.

Hikari
Hikari
September 12, 2019 00:27 AM

Related Questions


Setting up stateful DHCPv6 on Linux

Updated September 06, 2018 15:00 PM


radvd dynamic global prefix subnetting

Updated June 26, 2017 08:00 AM

Radvd sending advertisement to the wrong interface

Updated October 17, 2015 05:00 AM