IPv6 Default Allocation - What size allocation are you giving out

Richard Hicks richard.hicks at gmail.com
Thu Oct 9 17:55:42 UTC 2014


On Thu, Oct 9, 2014 at 10:40 AM, William Herrin <bill at herrin.us> wrote:

> On Thu, Oct 9, 2014 at 12:29 PM, Richard Hicks <richard.hicks at gmail.com>
> wrote:
> > Sixty replies and no one linked to the BCOP?
> > Is there a reason we are ignoring it?
>
> Hi Richard,
>
> It's dated (a *lot* about IPv6 has changed since 2011) and we've
> learned enough to know some of the things in there are dubious. For
> example:
>
> "Regardless of the number of hosts on an individual LAN or WAN
> segment, every multi-access network (non-point-to-point) requires at
> least one /64 prefix."
>
> But using /64s on WAN links invites needless problems with neighbor
> discovery when an attacker decides to send one ping each to half a
> million addresses all of which happen to land on that WAN link. WAN
> links should really use something whose size is much closer to the
> number of routers on the link, in the same order of magnitude anyway.
> So /64s for LANs, sure, but size the WAN links small to make them less
> vulnerable to attack.
>

The BCOP specifically addresses this in 4b:
"b. Point-to-point links should be allocated a /64 and configured with a
/126 or /127"


> And:
>
> "Only subnet on nibble boundaries" is not reasonable. When I need two
> LANs in a building I should burn 14 more to get to a nibble boundary?
> Really?
>
> "Only delegate on nibble boundaries" is a more reasonable statement.
> When you assign addresses to your customer or to a different internal
> team's control, THAT should be on a nibble boundary for the customer's
> convenience understanding the written-down version of what network is
> theirs and for your convenience when it comes time to delegate reverse
> DNS.
>
> Inside your network under control of the same engineers, subnet and
> route just as you would with IPv4.
>
> Regards,
> Bill Herrin
>
>
>
> --
> William Herrin ................ herrin at dirtside.com  bill at herrin.us
> Owner, Dirtside Systems ......... Web: <http://www.dirtside.com/>
> May I solve your unusual networking challenges?
>
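
An added example, not part of either message: the two points discussed above, a /64 reserved per point-to-point link but configured as a /127, and why delegation on a nibble boundary keeps reverse DNS to a single ip6.arpa zone. The function names are hypothetical and all prefixes are constructed from the 2001:db8::/32 documentation range.

```python
import ipaddress


def reverse_zones(prefix):
    """ip6.arpa zones needed to delegate reverse DNS for one prefix.

    ip6.arpa labels are single hex nibbles, so a prefix that does not end
    on a 4-bit boundary has to be split into several nibble-aligned zones.
    """
    net = ipaddress.ip_network(prefix)
    plen = -(-net.prefixlen // 4) * 4          # round up to the next nibble
    zones = []
    for sub in net.subnets(new_prefix=plen):
        nibbles = sub.network_address.exploded.replace(":", "")[: plen // 4]
        zones.append(".".join(reversed(nibbles)) + ".ip6.arpa")
    return zones


def p2p_plan(parent, links):
    """Reserve one /64 per point-to-point link, configure only a /127 in it.

    Returns (reserved /64, configured /127, addresses on the link) tuples.
    The small configured prefix bounds how many on-link addresses a router
    can be made to attempt neighbor discovery for.
    """
    pool = ipaddress.ip_network(parent).subnets(new_prefix=64)
    plan = []
    for _, reserved in zip(range(links), pool):
        configured = next(reserved.subnets(new_prefix=127))
        plan.append((reserved, configured, configured.num_addresses))
    return plan


if __name__ == "__main__":
    # Constructed sample prefixes (documentation range).
    for p in ("2001:db8:1200::/40", "2001:db8:1200::/42"):
        zones = reverse_zones(p)
        print(f"{p}: {len(zones)} reverse zone(s)")
        for z in zones:
            print("   ", z)
    for reserved, configured, count in p2p_plan("2001:db8:ffff::/48", 2):
        print(f"reserve {reserved}, configure {configured} "
              f"({count} on-link addresses instead of 2**64)")
```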


