Re: Failover IPv6 with multiple PA prefixes (Was: IPv6 fc00::/7 — Unique local addresses)
Jeroen Massar
jeroen at unfix.org
Thu Oct 21 19:51:49 UTC 2010
On 2010-10-21 21:35, George Bonser wrote:
>
>
>> From: Jeroen Massar > Sent: Thursday, October 21, 2010 9:57 AM
>> To: Allen Smith
>> Cc: NANOG list
>> Subject: Failover IPv6 with multiple PA prefixes (Was: IPv6 fc00::/7 —
>> Unique local addresses)
>>
>> [Oh wow, that subject field, so handy to indicate a topic change! ;) ]
>>
>> Short answer: you announce both PA prefixes using Router Advertisement
>> (RA) inside the network. You pull the RA when a uplink goes
>> down/breaks.
>
> That assumes importing some sort of routing state into your RA config.
> Sort of a conditional RA. Can that be done today by anyone?
Should be possible with any vendor that supports IPv6.
If you take a vendor C box and the box dies (just pull the power plug to
test this or configure it with something funky ;), Neighbor Discovery
starts failing and every IPv6 stack that I know will deprecate the
routes over that gateway, and stuff fails over.
For 'production usage', let your monitor script login to your router,
whatever brand/make/model that is, and unconfigure the RA or heck kill
the radvd daemon.
>> Sessions break indeed, but because there is the other prefix they fall
>> over to that and build up new sessions from there.
>
> This still doesn’t address breakage that happens AFTER your link to your upstream.
> What if your upstream has a peering issue or their peer has a peering
issue?
> How do you detect that the distant end has a route back to that
prefix but
> doesn't to the other? You can't.
Solve it the way you solve it with PI:
- Get an SLA with every destination you want to reach
Indeed, that is a more or less unsolveable problem.
You can of course monitor all the destinations you want to reach and
based on that to use the prefix or not.
Greets,
Jeroen
More information about the NANOG
mailing list