New Office, New Network. Questions.

Nikolai Petrov prnpetrov at yandex.com
Sun Jul 10 18:53:52 UTC 2016


Hello NANOG,
I am Nikolai and I am a Network Administrator in a Russian middle-sized company. We do not have a large list with Networks in Russia so I am using the American list. I hope you can help me with some problems that I have. 

We are moving to our new offices in two months and I have access to the building already. My task is to set up the entire network for the company. The previous administrator has left the company and I thought of taking the chance to remove some "technical debt" and make everything from scratch again. I am alone in the network administration and about one month ago I got an intern to help me but she is a student so she doesn't know much.

I was told to move the networks this week and I have spent a lot of time thinking about how I should do it. I am sitting here with an initial plan but I have some questions that I did not manage to find complete information about. I would like your help if you can give it. I summarized my questins below and no matter how much I looked I could not find a lot of inromation and I am still confused.

1. Currently we do not have IPv6 in our network but I have seen the ISP is giving us a "/56 Block" which from what I understand is a couple hundred "/64 Subnets". I think you can only have /64 subnets in IPv6. In our IPv4 setup we have 32 addresses, four of which I will use for NAT and the remaining needed for online services and servers. In IPv6 we have a lot of addresses but I am not sure whether I should give an address of the ISP to every device. I found that there is an organization that can help avoid collisions in private IPs: https://www.sixxs.net/tools/grh/ula/ . From what I can tell it is just a registry, but I am thinking of registering the ranges there and then use these subnets and NAT them to the IPv6 address of the router. However, I noticed something strange. The WAN port of our router gets a /64 IPv6 address which is not in our IPv6. Should I use this for NAT or one of "our" addresses?

2. The previous administrator did some bad job in some parts of the network. We have an internal router protocol to move traffic between routers, but in some cases he used NAT instead of adding these subnets to the router protocol. Everything works and all things that have to be reached are reachable, however I think this is bad and we should use the router protocol for all parts of the network. I have found two protocols in our router that are good and support IPv6 and they are OSPF and BGP. I did not manage to have BGP work and it is slow so I am thinking of OSPF. Do uou think it is a good choice for IPv6 and IPv4? If I have two separate paths of 1 Gb/s, will I transfer files at 2 Gb/s?

3. In our old network we use "VRRP" which from what I know is a system for routers to shae IPs and load balance or "failover" the traffic. I have seen that IPv6 has a built-in system which is similar and has something like priorities, etc. What happens if I have two routers with same priority? Whic is used as default gateway? Is it load balancing? Also, can I use "VRRP" to load balance traffic to our DNS look-up "recursor"? 

Thank you for your answers,
Nikolai.



More information about the NANOG mailing list