[118214] in North American Network Operators' Group
RE: ISP customer assignments
daemon@ATHENA.MIT.EDU (Wouter de Jong)
Wed Oct 14 04:49:06 2009
Date: Wed, 14 Oct 2009 10:48:00 +0200
In-Reply-To: <20091014011440.GC612455@hiwaay.net>
From: "Wouter de Jong" <wouter@widexs.nl>
To: <nanog@nanog.org>
X-WideXS-MailScanner-From: wouter@widexs.nl
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
In a message written on Tue, Oct 13, 2009 at 08:14:40PM -0500, Chris
Adams wrote:
<..>
> What about web-hosting type servers? Right now, I've got a group of
> servers in a common IPv4 subnet (maybe a /26), with a /24 or two
routed
> to each server for hosted sites. What is the IPv6 equivalent? I can
> see a /64 for the common subnet, but what to route for aliased IPs for
> web hosts? It is kind of academic right now, since our hosting
control
> panel software doesn't handle IPv6, but I certainly won't be putting
> 2^64 sites on a single server. Use a /112 here again as well? Use a
> /64 per server because I can?
I'd be interested in any suggestions on this part as well.
We're a Hosting provider and basicly we have (for now)=20
3 different product-groups we want to launch IPv6 on :
1 - Shared Hosting
These servers (Linux), are all in 1 vlan.
Each server has 1 IPv4 address from the subnet that's configured on the
vlan.
Then we have an IPv4 /24 routed to each of the servers=20
(each server has 1 /24 to host sites on).
Here I'd assign a single /64 and use static addressing.
2 - Premium Managed & Unmanaged Hosting (Co-location).
Each customer has one (or more) dedicated subnets and vlans.
Here I'd assign a /64 per vlan.
I'd do static addressing for Managed, but probably provide=20
RA (EUI-64) for Unmanaged.
3 - Managed and Umanaged Hosting (Co-location).
These servers are in 'shared' subnets, ranging from /23 to /26,=20
and each customer get's assigned at least 1 IP from this subnet=20
and more if they can justify. For customers needing 'large' subnets,=20
we'd route a different subnet to their server of choice.
Here, I'm not sure what to do...
You should at least assign a /64 per customer, but how would one do that
when they are in shared subnets/vlans... ?
If for every server I'd need to assign a /64 secondary to our vlan
interfaces,
I'd trip the maximums=20
(Nortel Passport 8600 used for these customers has quite some
limitations on IPv6).
It would be nice though, cause once IPv4 is no longer used (...) we
could=20
move customers to another/dedicated vlan.
We've also fiddled with the idea of assigning one /48 to each of these
vlans,=20
and let each 'server' use a /64 out of it. This still seems a bit weird
though...
Also, since we do IP based billing here,=20
we'd never know if one has 'hijacked' some IP space.
Yes, we'd know for un-assigned addresses=20
(not assigned but has traffic -> alert),=20
but I don't expect a customer to use all addresses out of 'their' /64,
so the not used addresses could be easily be abused.
For IPv4, all addresses are usually really used and the customer=20
who's IP's are hijacked, would almost definitely hang on the phone in
no-time.
Some advice would be very appreciated.
Best regards,
Wouter de Jong
WideXS
