On 4 December 2017 at 09:25, Michael Richardson <[email protected]> wrote:
>
> {did not make it in person, and had a conflict and I haven't watched the
> session on youtube yet}
>
> Kyle Larose <[email protected]> wrote:
> > - Question was raised about whether we should restrict the number of v6
> > addresses (one address, one prefix, etc).
>
> Was there any consensus?
>
> I don't see a way to restrict the number of v6 addresses per UE except via stateful
> DHCPv6, and few use that.
No consensus yet, IIRC.
<hats:off>
My opinion is that we cannot restrict IPv6 addresses (violation of
7934). And any captive portal that identifies clients solely by IPv6
address is going to give some UEs a royally painful experience. When
the downstream network architecture can include whole /64s given to
single devices (e.g. 64-per-host) the experience will get really bad.
This is just a reality of dealing with IPv6 (and I think it's a good
thing). We just need to adapt, and I think it actually points to some
constraints we can use to narrow down the solution space.
As I see it at the moment, the only future-proof options come down do:
- building into the portal/enforcement point knowledge of the
network architecture
- identifying clients by things that identify the device on-link
(e.g. MAC address)
- identifying clients by things that identify the link itself (DSL
line ID, /64, ...)
</hats>
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature