IPV6 in enterprise best practices/white papaers

Mark Andrews marka at isc.org
Sat Jan 26 22:38:54 UTC 2013


In message <CAP-guGX01KLj2cG3ASmfXbmpxZ6j=i1b0DZ++s4-W8Uq_vy-5Q at mail.gmail.com>, William Herrin writes:
> On Sat, Jan 26, 2013 at 4:26 AM, Pavel Dimow <paveldimow at gmail.com> wrote:
> > I can start to create
> > AAAA record and PTR recors in DNS and after that I should configure my
> > dhcp servers and after all has been done I can test ipv6 in LAN and
> > after that I can start configure bgp with ISP.
> > Is this correct procedure?
> 
> Nope.
> 
> In their infinite(simal) wisdom the architects of IPv6 determined that
> a host configured with both a global scope IPv6 address and an IPv4
> address will attempt IPv6 in preference to IPv4. If you configure IPv6
> on a LAN without first installing your IPv6 Internet connection, that
> LAN will break horribly.

The default is to tune for IPv6 first but it been configurable for
years now.  Given one generally wants to use IPv6 over IPv4 to avoid
having you packets going through CGN boxes this is a good thing for
you and your ISP.

As for "breaking" your LAN, if the applications take 60 seconds to
fallback to the other address they were already broken.  Go complain
to your application vendor.  Some vendors have already fixed this
problem with their applications.

> Work your way from the outside in: start with BGP, then the interior
> routers and configure the LAN last.
> 
> Regards,
> Bill Herrin
> 
> 
> 
> -- 
> William D. Herrin ................ herrin at dirtside.com  bill at herrin.us
> 3005 Crane Dr. ...................... Web: <http://bill.herrin.us/>
> Falls Church, VA 22042-3004
> 
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka at isc.org



More information about the NANOG mailing list