Internet Protocol version 6 address management

From Citizendium
Revision as of 13:03, 1 September 2008 by imported>Howard C. Berkowitz (snapshot)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search
This article is developing and not approved.
Main Article
Discussion
Definition [?]
Related Articles  [?]
Bibliography  [?]
External Links  [?]
Citable Version  [?]
 
This editable Main Article is under development and subject to a disclaimer.

Template:TOC-right

For more information, see: Internet Protocol version 6.
See also: Internet Protocol version 6 deployment

This article deals with the process of obtaining and managing Internet Protocol version 6 (IPv6) address space. The size and other characteristics of the address block assigned will affect many aspects of deployment.

Best practices are evolving. Sources used here include the ARIN IPv6 wiki [1], the IPv6 Portal [2]

General principles, perhaps counterintuitive to IPv4 experience

Subnet assumptions

Each LAN, VLAN, etc. should be a /64. Remember that 48 bits of that will be used by stateless autoconfiguration, but the remaining /24 bits gives quite a bit of room for internal aggregation (e.g., OSPF areas).

Aspects of good IPv6 management will be quite counterintuitive for experienced IPv4 network designers and administrators. For example, IETF expects that you will assign a /64 for point-to-point links.

  • Fewer typos because all subnets are the same size
  • You can use longer prefixes but what's the point?
  • /126 will break Mobile IPv6 Home Agent discovery
  • /112 leaves final 16 bits free for Node IDs
  • Use /64 unless you have read and understand RFC 3627 [3]

Private addresses

Before assuming the need for private addresses in the style of RFC1918, think long and hard about why they are needed in an IPv6 context. Even in IPv4, RFC1918 has not been a panacea, especially after mergers and divestitures, or a need for an extranet VPN, or simply to expand the address space.

The IPv6-ish way to creat a ULA prefix as defined in RFC4193[4]

  • Use http://www.sixxs.net/tools/grh/ula/ web tool to generate one
  • Add it to the registry at the above site, if you want people to know that this is your private space
  • Make sure your internal registry people are aware of your ULA prefix(es) so that everybody uses

End user organizations

The enterprise network should receive a prefix sufficient to provide a /48 allocation for each site (office/campus/PoP) at which the company has employees or systems.

Organizations may have multiple /48s for groups of sites; there will need to be justification that the larger blocks will be adequately used, according to address registry guidelines, within five years.

Orgainzations with multiple /48 allocations should consider enterprise-wise aggregation levels of /60 or larger blocks for the administration of enterprise policies for common functions such as:

  • DMZ
  • Realtime traffic, such as voice & video
  • Network loopback addresses and Link space

End user sites

For end user sites, the basic allocation is assumed to be a /48, which allows 65k subnets. When considering this number of subnets, remember that the large address space is meant to avoid the complexities of the many lengths of subnets common in real-world IPv4 implementations. No subnets, with possible exceptions for loopbacks, will use prefixes longer than /64; the /128 loopbacks will come out of a specific /64 block.

Service providers

All customers get one /48 unless they can show that they need more than 65k subnets.

  • Host count is irrelevant.
  • Do not assign to customers from PoP aggregates
  • Define aggregate areas which contain several PoPs
  • Carry customer networks in iBGP
  • Aggregate only in eBGP
  • If you have lots of consumer customers you may want to assign /56s to private residence sites.

Expect the registry to allocate a /32 and reserve one /32

  • Plan for the time when you get a second allocation giving you a /31 aggregate.
  • If you get more than /32 first time round, ask the RIR how much is reserved so you can plan appropriately.

References

  1. American Registry for Internet Numbers, IPv6 Addressing Plans
  2. IPv6 Forum
  3. P. Savola (September 2003), Use of /127 Prefix Length Between Routers Considered Harmful, RFC3627
  4. R. Hinden, B. Haberman (October 2005), Unique Local IPv6 Unicast Addresses, RFC4193