compress IPv6 addresses with double colons from the left to the right
also don’t compress a single quad of 4 zeroes
(read RFCs if wanted)
Status “ASSIGNED PA” becomes “ASSIGNED”
AGGREGATED-BY-LIR is new: put all your /56′s that you assign to customers there
use “assignment-size” switch to show how big the assignments are
sub-allocated-pa becomes “allocated-by-lir”
INFRASTRUCTURE is a
getting PI IPv6 space:
NO SUB-ASSIGNMENTS!!! Never.
4000 fridges – each with internet, security, alerting and wifi router
6to4 uses anycast!
6RD > relay operations!
464xlat > fixes the problems NAT64/DNS64 causes
DS-lite – tunnel ipv4 over ipv6
conclusion: DUAL-STACK while you can
it is still possible!
use /64′s for Loopbacks!
network design: Take the router with the most interfaces and prepare for a /64 per interface
don’t assign different sizes for routers
imagine: Nexus 7000 – maximum port density?
256 interfaces per router is assumed so /56 per router
or /52 per router, 4096 x /64 per port
/40 per router/switch that can handle customers > 256 x /48 possible
the number of hosts in a /64 is irrelevant!
flip the bit and use EUI-64
listen to RA’s
a router’s response will contain:
- address of router
- prefixes allowed on link
- SLAAC allowed?
problem: Privacy! – same MAC address
solution: Privacy extensions (random ID)
“managed” flag forces DHCPv6
use RA guard
disable RA’s (cisco)
set SNMP (and protect)
have DNS working
SLAAC can assign you a subnet “unexpectedly”
not all firewalls support ipv6
be careful with “ipv6 ready”
/48 per pop
/56 per router
/64 per interface
don’t use EUI-64!
port number for services > IPv6 addresses!
set gateway manually
in the CORE: USe /64 per link – ::1 and ::2 stuff
easy to remember
download RIPE 554 and “what to do with IPv6″
> stars get t-shirt