nanog mailing list archives
Re: IPv6 allocation plan, security, and 6-to-4 conversion
From: Dustin Melancon <DMelancon () venyu com>
Date: Tue, 10 Feb 2015 17:25:09 +0000
Hey Eric, I did not see anyone else post this, but the NANOG BCOP (Best Current Operating Practices) group has released the following document to help guide new IPv6 allocation plans which you and others may find helpful: http://bcop.nanog.org/images/6/62/BCOP-IPv6_Subnetting.pdf Another useful document from Department of Defense on IPv6 Addressing: http://www.v6.dren.net/AddressingPlans.pdf BCOP Conclusions 1. Every individual network segment requires at a minimum, one /64 prefix 2. Only subnet on nibble boundaries 3. Implement a hierarchical addressing plan to allow for aggregation a. Each individual site should be allocated a /48 prefix 4. One /48 from each region should be reserved for infrastructure a. Loopbacks should be allocated from the top /64 b. Point-to-point links should be allocated a /64 and configured with a /126 or /127 5. Sites/PoPs/locations and regions, etc. should be laid out such that within each level of the hierarchy, each subnet prefix is of equal size a. Each ³site² should likewise have an equalized internal hierarchy Regarding your management block, I would use the recommendation above to maintain a /48 in each region for management with the top /64 used for loopbacks. However I definitely would NOT bother removing this network from your advertised blocks as there are much better ways to implement security and it would screw with your ability to cleanly aggregate your IPv6 allocation. Thanks, Dustin Melancon Sr. Network Engineer Venyu
Current thread:
- Re: IPv6 allocation plan, security, and 6-to-4 conversion Baldur Norddahl (Feb 01)
- <Possible follow-ups>
- Re: IPv6 allocation plan, security, and 6-to-4 conversion William Herrin (Feb 01)
- Re: IPv6 allocation plan, security, and 6-to-4 conversion Owen DeLong (Feb 01)
- Re: IPv6 allocation plan, security, and 6-to-4 conversion Tore Anderson (Feb 01)
- Re: IPv6 allocation plan, security, and 6-to-4 conversion Baldur Norddahl (Feb 01)
- Re: IPv6 allocation plan, security, and 6-to-4 conversion Tore Anderson (Feb 01)
- RE: IPv6 allocation plan, security, and 6-to-4 conversion Crawford, Scott (Feb 06)
- Re: IPv6 allocation plan, security, and 6-to-4 conversion David Barak (Feb 08)
- Re: IPv6 allocation plan, security, and 6-to-4 conversion Dustin Melancon (Feb 10)