[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Ipv6 addressing for Core network
- Subject: Ipv6 addressing for Core network
- From: mysidia at gmail.com (Jimmy Hess)
- Date: Wed, 9 Feb 2011 01:33:52 -0600
- In-reply-to: <[email protected]>
- References: <[email protected]>
On Tue, Feb 8, 2011 at 10:24 PM, Vikas Sharma <vikassharmas at gmail.com> wrote:
> Hi, > I am looking for the recommendation for core interfaces IP addressing schema
> for Ipv6. Some different views are (PE- P - PE, point to point link) as
> below -
> 1- ?Use Public Ipv6 with /122 and do not advertise to Internet
> 2- ?Use Public Ipv6 with /127 and do not advertise to Internet
/122 and /127 do not lie on a nibble boundary. Not recommended,
try /124 or /120 instead.
Especially if you intend to have multiple such PtP networks share the same /64.
> 3- ?Use Unique local ipv6 address
I recommend against non-public addressing for V6 point to point links,
if these links are used directly for internet connectivity; there can be issues
that creates for network diagnostics such as ping/traceroute.
Especially in regards to sourcing pings from the PtP interface.
> 4- Use Public Ipv6 with /64
I would give that a provisional thumbs up: subnetting at the /64
boundary is what is
indicated by RFC in regards to IPv6 addressing architecture; it
doesn't matter that PtP
links only have 2 hosts, the IPv6 addressing architecture calls for a
64-bit interface ID
and 64-bit network ID, meaning /64.
The provisional condition, is that there are other considerations
addressing. For now, there are reasons to configure a longer /120
prefix for those
interfaces, even while addressing on /64 boundaries.
Suggesting: set aside a dedicated /64, within public announced allocation,
and pick some /120 inside that /64 for the actual link.
/64 subnet, with /120 mask on the link.
Recommendation is a combination of (1) and (4).
For now, long configured netmasks for such links ensure SLAAC does not
operate on them,
and may head off some possible DoS risk in regards to sweep attacks /
NDP table overflow,
which can be of substantial concern for at least some devices.