IPv6 - real vs theoretical problems

William Herrin bill at herrin.us
Fri Jan 7 02:10:00 UTC 2011


On Thu, Jan 6, 2011 at 5:00 PM, Deepak Jain <deepak at ai.net> wrote:
> Wouldn't a number of problems go away if we just, for now, follow the
> IPv4 lessons/practices like allocating the number of addresses a
> customer needs --- say /122s or /120s that current router
> architectures know how to handle -- to these boxes/interfaces
> today, while just reserving /64 or /56 spaces for each of them
> for whenever the magic day comes along where they can be
> used safely?

Hi Deepak,

No. IPv6 is only *almost* the same as IPv4. Drill these three
differences into your mind and you should do just fine:

/64 LAN netmask
nibble delegation boundary
how many LANs (not hosts!) in this stub network?

Without going into the technical details, IPv6 has been engineered
with the intention that any netmask will work but a /64 netmask works
distinctly better. Don't think of it as a 128 bit address. Think of it
as a 64 bit network address plus a 64 bit host address. Apply IPv4
lessons to the 64 bit network address. The 64 bit host address is for
the customer, the same way the 16-bit TCP port is for the customer.

IPv6 has been rigged so that address space naturally delegates on
nibble boundaries. It's one NS entry in the RDNS zone. It's an exact
string of characters in the hexadecimal written form. Should you
delegate on a different boundary, you invite all the common
difficulties human beings have evaluating a netmask and add in the
trouble dealing with base 16, rarely for any discernible gain.

In IPv4 you think about how many addresses do I need to accommodate X
hosts. This mental model does not match IPv6's technology model. If
LANs are always /64, how many LANs does this stub network require?


Example: Customer A has a gaming PC in a DMZ and two surfing PCs. How
many IPv6 addresses?

1 LAN (/64) for the DMZ
1 LAN (/64) for the PCs
1 LAN (/64) between the firewall and the router
round up to the nibble boundary: 16 LANs (/60)

Consider providing a /56 or a /48 instead of a /60 so that there's
lots of room for expansion, dynamic interior delegation or whatever.
But /60 is your absolute floor. Less will turn out to be like telling
the same customer to use 192.168.1.252/30: technical difficulties will
promptly ensue.

Regards,
Bill Herrin


-- 
William D. Herrin ................ herrin at dirtside.com  bill at herrin.us
3005 Crane Dr. ...................... Web: <http://bill.herrin.us/>
Falls Church, VA 22042-3004
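
Added example (not part of Bill Herrin's message): the sizing rule from the message in Python, counting LANs rather than hosts, rounding up to a nibble boundary, and listing the ip6.arpa zones a delegation needs. The 2001:db8::/32 documentation prefix and the function names are assumptions chosen for illustration.

```python
import ipaddress

def nibble_prefix_for_lans(lan_count):
    """Longest nibble-aligned prefix length that still holds lan_count /64 LANs."""
    if lan_count < 1:
        raise ValueError("need at least one LAN")
    bits = (lan_count - 1).bit_length()   # subnet bits needed to number the LANs
    nibbles = -(-bits // 4)               # round up to whole hex digits
    return 64 - 4 * nibbles

def rdns_zones(prefix):
    """ip6.arpa zones that must be delegated to hand off reverse DNS for prefix."""
    net = ipaddress.ip_network(prefix)
    if net.version != 6 or net.prefixlen > 64:
        raise ValueError("expected an IPv6 prefix of /64 or shorter")
    aligned = -(-net.prefixlen // 4) * 4  # round the prefix length up to a multiple of 4
    zones = []
    for sub in net.subnets(new_prefix=aligned):
        digits = sub.network_address.exploded.replace(":", "")[: aligned // 4]
        zones.append(".".join(reversed(digits)) + ".ip6.arpa")
    return zones

def first_lans(prefix, lan_count):
    """The first lan_count /64 LANs inside a delegated prefix."""
    subnets = ipaddress.ip_network(prefix).subnets(new_prefix=64)
    return [str(next(subnets)) for _ in range(lan_count)]

if __name__ == "__main__":
    # Customer A from the message: DMZ, PC LAN, firewall-to-router link.
    length = nibble_prefix_for_lans(3)
    delegation = f"2001:db8:0:10::/{length}"   # constructed sample prefix
    print(delegation, first_lans(delegation, 3))
    print("nibble-aligned:", rdns_zones(delegation))
    # Same address, non-nibble /62: one zone per /64 instead of a single NS cut.
    print("off-boundary:  ", rdns_zones("2001:db8:0:10::/62"))
```

The /60 maps to one ip6.arpa zone, while the /62 carved from the same address needs four separate zones.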



