nanog mailing list archives
Re: IPV6 in enterprise best practices/white papaers
From: Owen DeLong <owen () delong com>
Date: Tue, 29 Jan 2013 13:55:36 -0800
Whereas, with IPv6 you have most, if not all of the same factors to consider, but there is some marginal added complexity around things like SLAAC/RA, some different terminology, binary math in hex instead of octal, network sizes are many orders of magnitude larger, etc. So the net effect is that even though "under the hood" it's not all that different, it all feels new and strange. And we all know how humans react to things that are new and strange. :)I think "marginal added complexity" is probably a polite understatement;No, it really isn't. I realize that the IPv6 zealots hate it when I say this, but in many ways you can treat IPv6 just like IPv4 with bigger addresses.
I'm a pretty well known IPv6 zealot and I completely agree with you.
1. Don't filter ICMPv6. 2. Treat a /64 roughly the way you'd treat a /24 in IPv4.
Actually, I'd say treat a /64 roughly the way you'd treat any sized subnet in IPv4, whether it's a /24, a /31, or something in between or even a really large IPv4 single network such as a /22. If it's an IPv4 /32, then think IPv6 /128.
3. Put SLAAC on the networks you have DHCPv4 on. 4. Statically assign addresses and networks for v6 on the systems you statically assign them on v4 (servers, etc.) 5. Neighbor Discovery (ND) replaces arp, but mostly you don't every need to worry about it (just like you hardly ever need to worry about arp). Voila! You've just learned 80% of what you need to know to be successful with IPv6.
Agreed. The remainder has to do with: 1. Understanding and configuring RDNSS support if you're going to use SLAAC. 2. Understanding and configuring DHCPv6 if you want to use that. 3. Managing AAAA records and dealing with ip6.arpa (nearly identical to A and in-addr.arpa) 4. IPv6 routing protocols (if you are in a larger environment) 5. Security policies that are more complex than simply default-deny-all-inbound/permit-outbound. There's really not a whole lot else one needs to learn for most environments.
No, quite the opposite. What I'm saying is that if you already understand how to run a network with v4 that learning the v6 terminology and equivalent concepts, plus the few extra things that you actually do need to manage for v6, is not that difficult. It just *seems* hard because before you tackle it, it's all new and strange.
I 100% agree with this summary. Owen
Current thread:
- Re: IPV6 in enterprise best practices/white papaers, (continued)
- Re: IPV6 in enterprise best practices/white papaers Karl Auer (Jan 27)
- Re: IPV6 in enterprise best practices/white papaers Jay Ashworth (Jan 28)
- Re: IPV6 in enterprise best practices/white papaers Doug Barton (Jan 28)
- Re: IPV6 in enterprise best practices/white papaers Jay Ashworth (Jan 29)
- Re: IPV6 in enterprise best practices/white papaers Doug Barton (Jan 29)
- Re: IPV6 in enterprise best practices/white papaers Jay Ashworth (Jan 29)
- Re: IPV6 in enterprise best practices/white papaers Doug Barton (Jan 29)
- Re: IPV6 in enterprise best practices/white papaers Jay Ashworth (Jan 29)
- Re: IPV6 in enterprise best practices/white papaers Doug Barton (Jan 29)
- Re: IPV6 in enterprise best practices/white papaers Miquel van Smoorenburg (Jan 29)
- Re: IPV6 in enterprise best practices/white papaers Owen DeLong (Jan 29)
- Re: IPV6 in enterprise best practices/white papaers Doug Barton (Jan 28)
- Re: IPV6 in enterprise best practices/white papaers Mukom Akong T. (Jan 28)
- Re: IPV6 in enterprise best practices/white papaers Måns Nilsson (Jan 29)
- Re: IPV6 in enterprise best practices/white papaers Karl Auer (Jan 29)
- Re: IPV6 in enterprise best practices/white papaers TJ (Jan 29)
- Re: IPV6 in enterprise best practices/white papaers Jussi Peltola (Jan 29)
- Re: IPV6 in enterprise best practices/white papaers Karl Auer (Jan 29)
- Re: IPV6 in enterprise best practices/white papaers Jussi Peltola (Jan 29)
- Re: IPV6 in enterprise best practices/white papaers Karl Auer (Jan 30)
- Re: IPV6 in enterprise best practices/white papaers Nick Hilliard (Jan 30)