IPv6 prefixes longer then /64: are they possible in DOCSIS networks?
Bill Stewart
nonobvious at gmail.com
Wed Nov 30 22:46:05 UTC 2011
On Tue, Nov 29, 2011 at 3:46 AM, Dmitry Cherkasov <doctorchd at gmail.com> wrote:
> Currently I research on IPv6 provisioning systems and I need to decide
> whether the ability to use longer then /64 prefixes should be
> supported in them or not. If we restrict user to using /64 per network
> we need to have convincing reasons for this. Best practice and common
> sense stand for using /64 but this may be not sufficient for some
> people.
There's a very strong case to be made for "Be conservative in what you
generate and liberal in what you accept" here.
One of the primary reasons for using /64 everywhere is the fear that
somebody somewhere in your network built some piece of equipment or
software that you're using that doesn't let you use prefixes longer
than /64, and you don't want to have to find them all the hard way.
Please don't be that piece of software!
My organization uses longer addresses for equipment we control because
we have different ops folks handling routers, firewalls, load
balancers, miscellaneous control boxes, etc. and it lets them keep
track of who's in charge of what address space without requiring a /47
out of the customer's /48 network just for the management subnets for
the equipment we manage for them. We've also found that in production
networks, /126 usually is too long a prefix, because often we'll be
doing high availability configurations with HSRP/VRRP, so it's cleaner
to be /124 or shorter (plus nibble-aligned or byte-aligned address
blocks make report generation less ugly.)
--
----
Thanks; Bill
Note that this isn't my regular email account - It's still experimental so far.
And Google probably logs and indexes everything you send it.
More information about the NANOG
mailing list