Choice of address for IPv6 default gateway
Dale W. Carder
dwcarder at wisc.edu
Wed Jan 25 09:39:51 CST 2012
On Jan 25, 2012, at 8:41 AM, Daniel STICKNEY wrote:
> I'm having trouble finding authoritative sources on the best common
> practice (if there even is one) for the choice of address for an IPv6
> default gateway in a production server environment (not desktops). For
> example in IPv4 it is common to chose the first or last address in the
> subnet (.1 or .254 for example) as the VIP for VRRP/HSRP. I'm interested
> in input from production environments and or ARIN/RIPE/IANA/etc or top
Well, you're not going to find anything authoritative per se, but
we are using fe80::1 with HSRP on every LAN with v6 enabled. More recent
HSRP implementations also support <prefix>::1, but that doesn't seem to
make any sense to me since link-local is where your gateway lives.
> What about using RAs to install the default route on the servers? The
> 'priority' option (high/medium/low) easy fits with an architecture using
> an active/standby router setup where the active router is configured
> with the 'high' priority and the standby 'medium'. With the timeout
> values tuned for relatively rapid (~3 seconds) failover this might be
> feasible. Anyone use this in production?
Our servers are statically assigned with prefix::1000 and counting up,
and fe80::1%int for the gateway. Some servers are doing an IP per
service / customer.
In some initial deployments I did, RA Priority did not seem to be
observed. That was 8 or 9 years ago so maybe that has changed, but it
was not comforting.
We were more worried about unintentional & rogue RA vs active/standby
routers. Now that we have RA Guard deployed on > 100,000 edge ports,
that doesn't really matter anymore.
More information about the NANOG