Re: Failover IPv6 with multiple PA prefixes (Was: IPv6 fc00::/7 — Unique local addresses)
Owen DeLong
owen at delong.com
Fri Oct 22 01:18:02 UTC 2010
On Oct 21, 2010, at 12:35 PM, George Bonser wrote:
>
>
>> From: Jeroen Massar > Sent: Thursday, October 21, 2010 9:57 AM
>> To: Allen Smith
>> Cc: NANOG list
>> Subject: Failover IPv6 with multiple PA prefixes (Was: IPv6 fc00::/7 —
>> Unique local addresses)
>>
>> [Oh wow, that subject field, so handy to indicate a topic change! ;) ]
>>
>> Short answer: you announce both PA prefixes using Router Advertisement
>> (RA) inside the network. You pull the RA when a uplink goes
>> down/breaks.
>
> That assumes importing some sort of routing state into your RA config. Sort of a conditional RA. Can that be done today by anyone?
>
It can be done with some clever JunOScript or a few other mechanisms.
Of course, it can also be done on a linux-based router fairly easily using
whatever scripting language you like.
>> Sessions break indeed, but because there is the other prefix they fall
>> over to that and build up new sessions from there.
>
> This still doesn’t address breakage that happens AFTER your link to your upstream. What if your upstream has a peering issue or their peer has a peering issue? How do you detect that the distant end has a route back to that prefix but doesn't to the other? You can't.
>
How do you do that for IPv4... There's nothing new here. The failure modes
are identical and your NAT box in IPv4 doesn't protect you from this any
better.
In fact, even multihomed BGP doesn't protect you from this unless you're
taking a full table (which is a lot more practical in IPv6 than IPv4).
Owen
More information about the NANOG
mailing list