nanog mailing list archives
Re: ipv6 book recommendations?
From: William Herrin <bill () herrin us>
Date: Tue, 5 Jun 2012 17:23:17 -0400
On 6/5/12, David Hubbard <dhubbard () dino hostasaurus com> wrote:
Does anyone have suggestions on good books to really get a thorough understanding of v6, subnetting, security practices, etc. Or a few books. Just turned up dual stack with our peers and a test network but I'd like to be a lot more comfortable with it before looking at our customer network.
Hi David,

Instead of going the book route, I'd suggest getting some tunneled addresses from he.net and then working through http://ipv6.he.net/certification/ . They have the basics pretty well covered, it's interactive and it's free.

Some additional thoughts:

1. Anybody who tells you that there are security best practices for IPv6 is full of it. It simply hasn't seen enough use in the environment to which we're now deploying it and rudimentary technologies widely used in IPv4 (e.g. NAT/PAT to private address space) haven't yet made their transition.

2. Subnetting in v6 in a nutshell:

a. If it's a LAN, /64. Always. Stateless autoconfiguration (SLAAC) only works for /64.

b. Delegations on 4-bit boundaries for reverse-DNS convenience.

c. If it's a point to point, a reasonable practice seems to be a /64 per network area and around /124 per link. Works OK for ethernet point to points too.

d. Default customer assignments should be /56 or /48 depending on who you ask. /48 was the IETF's original plan. Few of your customers appear to use tens of LANs, let alone thousands. Maybe that will change but the motivations driving such a thing seem a bit pie in the sky. /56 lets the customer implement more than one LAN (e.g. wired and wireless) but burns through your address space much more slowly. /60 would do that too but nobody seems to be using it. /64 allows only one LAN, so avoid it.

e. "sparse allocation" if you feel like it. The jury is still out on whether this is a good idea. Basically, instead of assigning address blocks linearly, you divide your largest free space in half and stick the new assignment right in the middle. Good news: if the assignment later needs to grow you can probably just change the subnet mask, keeping the number of entries in the routing table the same. Bad news: fragments the heck out of your address space so when you actually need a large address block for something, you don't have it.
Trying to keep non-dynamic assignments in local or regional aggregable blocks works about as well as it did in IPv4, which is to say poorly.

Regards,
Bill Herrin

--
William D. Herrin ................ herrin () dirtside com  bill () herrin us
3005 Crane Dr. ...................... Web: <http://bill.herrin.us/>
Falls Church, VA 22042-3004
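The trade-off described in point 2e, worked through as an added example that is not part of the original message: eight /48 assignments are carved out of a parent block once linearly and once by bisecting the largest free gap, then each plan is measured for per-assignment growth room and for the largest block still free. The parent 2001:db8::/32 (the documentation prefix), the count of eight and all function names are assumptions made for the illustration.

```python
import bisect
import ipaddress
from itertools import islice

PARENT = ipaddress.ip_network("2001:db8::/32")  # documentation prefix, assumed

def linear_assign(parent, prefix, count):
    """Hand out the first `count` blocks in address order."""
    return list(islice(parent.subnets(new_prefix=prefix), count))

def sparse_assign(parent, prefix, count):
    """Place each new block in the middle of the largest free gap (leftmost on ties)."""
    slots = 2 ** (prefix - parent.prefixlen)      # number of /prefix blocks in parent
    step = 2 ** (parent.max_prefixlen - prefix)   # addresses per block
    used, order = [], []
    for _ in range(count):
        idx = 0
        if used:
            bounds = used + [slots]
            gap, neg_start = max((bounds[i + 1] - bounds[i], -bounds[i])
                                 for i in range(len(used)))
            if gap < 2:
                raise ValueError("parent block is full")
            idx = -neg_start + gap // 2
        bisect.insort(used, idx)
        base = int(parent.network_address) + idx * step
        order.append(ipaddress.ip_network((base, prefix)))
    return order

def growth_room(net, assigned, parent):
    """Shortest prefix `net` can reach by a mask change alone without covering a neighbour."""
    best = net.prefixlen
    for p in range(net.prefixlen - 1, parent.prefixlen - 1, -1):
        sup = net.supernet(new_prefix=p)
        if any(o != net and o.subnet_of(sup) for o in assigned):
            break
        best = p
    return best

def largest_free(net, assigned):
    """Prefix length of the biggest aligned free block in `net` (None if full).
    Assumes every assignment has the same prefix length."""
    inside = [a for a in assigned if a.subnet_of(net)]
    if not inside:
        return net.prefixlen
    if net.prefixlen == inside[0].prefixlen:
        return None
    found = [r for r in (largest_free(h, inside) for h in net.subnets()) if r is not None]
    return min(found) if found else None

if __name__ == "__main__":
    for name, plan in (("linear", linear_assign(PARENT, 48, 8)), ("sparse", sparse_assign(PARENT, 48, 8))):
        print(name, [growth_room(n, plan, PARENT) for n in plan], largest_free(PARENT, plan))
```

With these inputs every sparse assignment can grow from /48 to /35 in place, but the largest free block left is a /36; the linear plan leaves a /33 free while no assignment can grow without renumbering or a second route.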