General • Re: secure IPv6 and port forwarding?

or you'll have to set IPv6 addresses on server-like devices manually.

If you use SLAAC/NDP on the LAN side, won’t these server-like devices get the same v6 address each time?

In theory yes. But when allowing devices to use SLAAC they often assume multiple addresses: one is MAC address based (and is thus deterministic, hence usable in server-like scenarios), others are random (and often with a limited lifetime) and are used for outgoing connections. So if one wants to use an IPv6 stateful firewall and control egress connections, SLAAC addresses can be a pain in the backside.
However, migrating a service to another server (which will likely have a different MAC address on the NIC if not hosted in a VM) in such a case will cause major service disturbance (it can take a long time before a change in the DNS entry gets propagated to the outskirts of our galaxy).

And: paranoid administrators don't want to reveal the server's MAC address to the whole universe, it's a security issue :wink: (never mind that the MAC address of a device behind a router is useful to a very limited extent, and if it becomes usable, that firewall/router has other, bigger issues).

The whole thing about IPv6 prefix delegation can be a pain: from the router's POV prefixes are dynamic most of the time (even if the router always gets the same one, it still has to request the prefix so that upstream devices get properly configured to route the whole prefix to the router). Using the prefixes entirely inside ROS is fine (the prefix gets stored in a pool, interface addresses are taken from the pool; if the delegated prefix changes, the change is propagated down to interface addresses and via ND to connected devices). But as soon as one has to use anything external to ROS (either a proper DHCPv6 server or a public DNS server), life gets complicated.

MT's cloud is very usable in IPv4 (since most users receive a single IP address and any servers behind the router then depend on NAT): any services provided can be a simple CNAME to <serialnumber>.sn.mynetname.net . But with IPv6 it's not directly usable, because the referenced IPv6 address will only correspond to the router itself, while server IPv6 addresses are only mildly related.

Statistics: Posted by mkx — Mon Mar 04, 2024 10:44 am
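The two points in the post above (a MAC-based SLAAC address is deterministic and survives a delegated-prefix change, but also exposes the MAC, whereas temporary addresses do neither) can be shown concretely. The following is an added example written for this page, not code from the original post or from MikroTik; the MAC address, prefixes and the "temporary" address are constructed sample values, and the functions are hypothetical helpers that only use the Python standard library.

```python
# Added example (not from the original post): how a modified EUI-64 interface
# identifier is derived from a 48-bit MAC (RFC 4291 Appendix A), why the
# resulting SLAAC address keeps the same host part when the delegated /64
# changes, and how the MAC can be read straight back out of such an address.
import ipaddress
from typing import List, Optional

# Constructed sample values (not from the original page).
SAMPLE_MAC = "00:1c:42:ab:cd:ef"
OLD_PREFIX = "2001:db8:1:2::/64"
NEW_PREFIX = "2001:db8:99:2::/64"   # the ISP hands out a different delegated prefix
TEMP_ADDR = "2001:db8:1:2:1d2e:3f4a:5b6c:7d8e"  # a random (RFC 4941 style) address


def eui64_iid(mac: str) -> bytes:
    """Modified EUI-64 interface identifier (8 bytes) from a MAC like aa:bb:cc:dd:ee:ff."""
    m = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(m) != 6:
        raise ValueError("MAC must be 48 bits")
    # Split the MAC, insert ff:fe in the middle and flip the universal/local bit
    # (0x02) of the first octet.  Nothing here is random, hence the determinism.
    return bytes([m[0] ^ 0x02]) + m[1:3] + b"\xff\xfe" + m[3:6]


def slaac_address(prefix: str, mac: str) -> str:
    """The SLAAC address a host with this MAC forms inside the given /64."""
    net = ipaddress.IPv6Network(prefix, strict=False)
    if net.prefixlen != 64:
        raise ValueError("SLAAC address formation needs a /64")
    return str(ipaddress.IPv6Address(net.network_address.packed[:8] + eui64_iid(mac)))


def mac_from_eui64(addr: str) -> Optional[str]:
    """Recover the MAC if the host part is modified EUI-64, else None.

    This is the 'reveals the MAC to the whole universe' concern: anyone who sees
    the address can undo the transformation because it is not a hash.
    """
    iid = ipaddress.IPv6Address(addr).packed[8:]
    if iid[3:5] != b"\xff\xfe":
        return None
    m = bytes([iid[0] ^ 0x02]) + iid[1:3] + iid[5:8]
    return ":".join(f"{b:02x}" for b in m)


def stable_addresses(addrs: List[str]) -> List[str]:
    """Of a host's addresses, keep only the EUI-64 (MAC based) ones.

    These are the ones that are still valid targets for a stateful firewall
    rule after a prefix change, since only the /64 in front moves.
    """
    return [a for a in addrs if mac_from_eui64(a) is not None]


if __name__ == "__main__":
    old = slaac_address(OLD_PREFIX, SAMPLE_MAC)
    new = slaac_address(NEW_PREFIX, SAMPLE_MAC)
    print("under old prefix:", old)
    print("under new prefix:", new)
    print("same interface identifier:", old.split(":")[-4:] == new.split(":")[-4:])
    print("MAC recovered from address:", mac_from_eui64(old))
    print("temporary address leaks MAC:", mac_from_eui64(TEMP_ADDR))
    print("firewall-worthy addresses:", stable_addresses([old, TEMP_ADDR]))
```

Running it shows the same low 64 bits under both prefixes and the original MAC read back from the address, while the constructed temporary address yields nothing; if a firewall rule is keyed on the EUI-64 address and the delegated prefix changes, only the prefix half of the rule has to follow, which is exactly what RouterOS's pool-backed interface addresses do for you and what an external DHCPv6 or DNS server does not.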
