[193429] in North American Network Operators' Group
Re: Questions on IPv6 deployment
daemon@ATHENA.MIT.EDU (William Herrin)
Tue Jan 17 12:06:44 2017
X-Original-To: nanog@nanog.org
X-Really-To: <nanog@nanog.org>
In-Reply-To: <742C49EB-205D-4C96-BF96-DD61B361BE21@corp.crocker.com>
From: William Herrin <bill@herrin.us>
Date: Tue, 17 Jan 2017 11:48:09 -0500
To: Matthew Crocker <matthew@corp.crocker.com>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
On Mon, Jan 16, 2017 at 10:11 AM, Matthew Crocker
<matthew@corp.crocker.com> wrote:
> I=E2=80=99m looking for some direction/reading list of how to properly co=
nfigure IPv6. I=E2=80=99ve read to use a /64 for PtP interfaces and I=E2=
=80=99ve read use a /128 instead. Assign all loopbacks from the same /64=
, use a different /64 for each loopback. Ect, ect.
Hi Matthew,
Suggest /128's for loopbacks and /124's for point to points, all from
the same /64. This way you don't burn space needlessly, don't open
yourself to neighbor discovery issues on point to points and can
filter inbound Internet packets to that /64 in one fell swoop so that
it's harder to hit your routers directly. Just make sure not to filter
the outbound packets.
Reminder: No matter what size you pick, use nibble boundaries for
visual and DNS convenience. So /124, not /126.
Regards,
Bill Herrin
--=20
William Herrin ................ herrin@dirtside.com bill@herrin.us
Owner, Dirtside Systems ......... Web: <http://www.dirtside.com/>