[118205] in North American Network Operators' Group
Re: ISP customer assignments
daemon@ATHENA.MIT.EDU (Chris Adams)
Tue Oct 13 22:50:57 2009
Date: Tue, 13 Oct 2009 21:49:57 -0500
From: Chris Adams <cmadams@hiwaay.net>
To: NANOG <nanog@nanog.org>
Mail-Followup-To: Chris Adams <cmadams@hiwaay.net>, NANOG <nanog@nanog.org>
In-Reply-To: <4ED49A24-0786-4E27-9277-A0428C0F13A8@daork.net>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org

Once upon a time, Nathan Ward <nanog@daork.net> said:
> On 14/10/2009, at 2:14 PM, Chris Adams wrote:
> >What about web-hosting type servers? Right now, I've got a group of
> >servers in a common IPv4 subnet (maybe a /26), with a /24 or two routed
> >to each server for hosted sites. What is the IPv6 equivalent? I can
> >see a /64 for the common subnet, but what to route for aliased IPs for
> >web hosts? It is kind of academic right now, since our hosting control
> >panel software doesn't handle IPv6, but I certainly won't be putting
> >2^64 sites on a single server. Use a /112 here again as well? Use a
> >/64 per server because I can?
>
> Why route them to the servers? I would just put up a /64 for the web
> servers and bind addresses to your ethernet interface out of that /64
> as they are used by each site.
> I guess you might want to route them to the servers to save ND entries
> or something on your router?

In the past, we saw issues with thousands of ARP entries (it has been a
while and I don't remember what issues now though). Moving a block from
one server to another didn't require clearing an ARP cache (and
triggering a couple of thousand new ARP requests).

Also, it is an extra layer of misconfiguration-protection: if the IPs
are routed, accidentally assigning the wrong IP on the wrong server
didn't actually break any existing sites (and yes, that is a lesson from
experience).

Of course, with IPv4, you never assigned a large enough block to begin
with that would anticipate all growth, so routing additional blocks was
a lot easier than changing blocks, cleaner than secondary IPs
multiplying like crazy, etc., etc. None of that would be an issue with
a single /64.

--
Chris Adams <cmadams@hiwaay.net>
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.