Point 2 point IPs between ASes

William Herrin bill at herrin.us
Wed Jun 28 15:03:01 CST 2017


The common recommendations for IPv6 point to point interface numbering are:


Advantages: conforms to IPv6 standard for a LAN link
Disadvantages: DOS threats against this design. Looping on a true ptp
circuit. Neighbor discovery issues.

Advantages: supports multiple routers on each end of the circuit. Conforms
to nibble assignment boundary that helps keep address assignments clean and
Disadvantages: ancient hardware that barely supports IPv6 may have trouble
efficiently handling routes longer than /64.

Advantages: equivalent to an IPv4 /30 with exactly the same functionality.
Disadvantages: equivalent to an IPv4 /30 with exactly the same

Advantages: saves that extra pair of IP addresses.
Disadvantages: complicates configuration just to save two IPv6 addresses.

For /124, /126 and /127: allocate all of your addresses for every router in
the system from the same /64. Use router ACLs to control entry of packets
directed to that /64. Nice clean way to stop hackers from poking at your

Bill Herrin

On Tue, Jun 27, 2017 at 4:28 PM, Krunal Shah <KShah at primustel.ca> wrote:

> Hello,
> What subnet mask you are people using for point to point IPs between two
> ASes? Specially with IPv6, We have a transit provider who wants us to use
> /64 which does not make sense for this purpose. isn’t it recommended to use
> /127 as per RFC 6164 like /30 and /31 are common for IPv4.
> I was thinking, if someone is using RFC7404 for point to point IP between
> two ASes and establish BGP over link local addresses. This way you have
> your own IP space on your router and transit provider does not have to
> allocate IP space for point to point interface between two ASes. In
> traceroutes you would see only loopback IP address with GUA assigned from
> your allocated routable address space. Remotely DDoS to this link isn’t
> possible this way. Thoughts?
> [Description: cid:image010.png at 01D1ECB6.5D17D120]<https://primus.ca/>
> Krunal Shah
> Network Analyst, IP & Transport Network Engineering
> O: 416-855-1805
> kshah at primustel.ca
> [Description: cid:image011.png at 01D1ECB6.5D17D120]<https://primus.ca/>
> [Description: cid:image012.png at 01D1ECB6.5D17D120] <https://twitter.com/
> Primus4Business>   [Description: cid:image013.png at 01D1ECB6.5D17D120] <
> https://www.facebook.com/primusforbusiness>    [Description:
> cid:image014.png at 01D1ECB6.5D17D120] <https://www.linkedin.com/
> company/primus-telecommunications-canada-inc->
> ________________________________
>  This electronic message contains information from Primus Management ULC
> ("PRIMUS") , which may be legally privileged and confidential. The
> information is intended to be for the use of the individual(s) or entity
> named above. If you are not the intended recipient, be aware that any
> disclosure, copying, distribution or use of the contents of this
> information is prohibited. If you have received this electronic message in
> error, please notify us by telephone or e-mail (to the number or address
> above) immediately. Any views, opinions or advice expressed in this
> electronic message are not necessarily the views, opinions or advice of
> PRIMUS. It is the responsibility of the recipient to ensure that any
> attachments are virus free and PRIMUS bears no responsibility for any loss
> or damage arising in any way from the use thereof.The term "PRIMUS"
> includes its affiliates.
> ________________________________
>  Pour la version en français de ce message, veuillez voir
> http://www.primustel.ca/fr/legal/cs.htm

William Herrin ................ herrin at dirtside.com  bill at herrin.us
Dirtside Systems ......... Web: <http://www.dirtside.com/>

More information about the NANOG mailing list