nanog mailing list archives
Failover IPv6 with multiple PA prefixes (Was: IPv6 fc00::/7 — Unique local addresses)
From: Jeroen Massar <jeroen () unfix org>
Date: Thu, 21 Oct 2010 18:57:13 +0200
[Oh wow, that subject field, so handy to indicate a topic change! ;) ] On 2010-10-21 18:29, Allen Smith wrote: [... well described situation about having two/multiple IPv4 upstreams, enabling dual-stack at both, but wanting to failover between them without doing NATv6 ...] Short answer: you announce both PA prefixes using Router Advertisement (RA) inside the network. You pull the RA when a uplink goes down/breaks. Sessions break indeed, but because there is the other prefix they fall over to that and build up new sessions from there. Most RA "daemons" will properly send a 0-lifetime announcement to pull the prefix thus all hosts are automatically informed that the prefix has become invalid. Of course you can also make the router's IP address unreachable as then Neighbor Discovery will take care of failing over too. To address your 'we have multiple groups of people some use slow some use fast', put them in separate (V)LANs and presto. You could effectively live with using one prefix per group and only failing over to the other prefix when the primary one goes down; that is only RA the prefix to those VLANs when you really need it. You should be getting a /48 from both ISPs and here comes the reason for always getting a /48 and nothing else: you have the same numbering plan for all of them. Now the problem with such a setup is the many locations where you actually are hardcoding the IP addresses/prefixes into: firewalls, DNS etc. That is the hard part to solve, especially when these services are managed by other parties. Greets, Jeroen
Current thread:
- Re: Why ULA: low collision chance (Was: IPv6 fc00::/7 — Unique local addresses), (continued)
- Re: Why ULA: low collision chance (Was: IPv6 fc00::/7 — Unique local addresses) Jack Bates (Oct 23)
- Re: Why ULA: low collision chance (Was: IPv6 fc00::/7 — Unique local addresses) William Herrin (Oct 23)
- Re: Why ULA: low collision chance (Was: IPv6 fc00::/7 — Unique local addresses) William Herrin (Oct 21)
- Re: Why ULA: low collision chance (Was: IPv6 fc00::/7 — Unique local addresses) Owen DeLong (Oct 21)
- Re: IPv6 fc00::/7 — Unique local addresses Owen DeLong (Oct 21)
- Re: IPv6 fc00::/7 — Unique local addresses Ray Soucy (Oct 21)
- Re: IPv6 fc00::/7 — Unique local addresses Ray Soucy (Oct 21)
- Re: IPv6 fc00::/7 — Unique local addresses Owen DeLong (Oct 21)
- Re: IPv6 fc00::/7 — Unique local addresses Ray Soucy (Oct 21)
- Re: IPv6 fc00::/7 — Unique local addresses Allen Smith (Oct 21)
- Failover IPv6 with multiple PA prefixes (Was: IPv6 fc00::/7 — Unique local addresses) Jeroen Massar (Oct 21)
- Re: Failover IPv6 with multiple PA prefixes (Was: IPv6 fc00::/7 — Unique local addresses) Phil Regnauld (Oct 21)
- Re: Failover IPv6 with multiple PA prefixes (Was: IPv6 fc00::/7 — Unique local addresses) Owen DeLong (Oct 21)
- Re: Failover IPv6 with multiple PA prefixes (Was: IPv6 fc00::/7 — Unique local addresses) Mark Andrews (Oct 21)
- RE: Failover IPv6 with multiple PA prefixes (Was: IPv6 fc00::/7 — Unique local addresses) George Bonser (Oct 21)
- Re: Failover IPv6 with multiple PA prefixes (Was: IPv6 fc00::/7 — Unique local addresses) Jack Bates (Oct 21)
- RE: Failover IPv6 with multiple PA prefixes (Was: IPv6 fc00::/7 — Unique local addresses) George Bonser (Oct 21)
- Re: Failover IPv6 with multiple PA prefixes (Was: IPv6 fc00::/7 — Unique local addresses) Jeroen Massar (Oct 21)
- Re: Failover IPv6 with multiple PA prefixes (Was: IPv6 fc00::/7 — Unique local addresses) Owen DeLong (Oct 21)
- RE: Failover IPv6 with multiple PA prefixes (Was: IPv6 fc00::/7 - Unique local addresses) George Bonser (Oct 21)
- Re: Failover IPv6 with multiple PA prefixes (Was: IPv6 fc00::/7 - Unique local addresses) Leo Bicknell (Oct 21)