Questions on IPv6 deployment

• Previous message (by thread): Questions on IPv6 deployment
• Next message (by thread): Questions on IPv6 deployment
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi,

> Suggest /128's for loopbacks and /124's for point to points, all from
> the same /64. This way you don't burn space needlessly, don't open
> yourself to neighbor discovery issues on point to points

I usually reserve one /64 for loopbacks, reserve a /64 per point-to-point connection and configure a /127 using ::a on one side and ::b on the other. All of these from a block reserved for infrastructure for filtering:

> and can
> filter inbound Internet packets to that /64 in one fell swoop so that
> it's harder to hit your routers directly. Just make sure not to filter
> the outbound packets.

Having a single block for infrastructure makes this very easy. In most cases I don't need to worry about "burning space needlessly" so I reserve /64s per point-to-point. Worrying about "wasting" address space is more often an IPv4-ism than good practice with IPv6 IMHO :-)  But it all depends on the complexity of your network. There are cases where it makes sense to think about this.

> Reminder: No matter what size you pick, use nibble boundaries for
> visual and DNS convenience. So /124, not /126.

Good advice!

Cheers,
Sander

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 455 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20170117/14451796/attachment.sig>

• Previous message (by thread): Questions on IPv6 deployment
• Next message (by thread): Questions on IPv6 deployment
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]