[135497] in North American Network Operators' Group
Re: Using IPv6 with prefixes shorter than a /64 on a LAN
daemon@ATHENA.MIT.EDU (Owen DeLong)
Wed Jan 26 00:31:29 2011
From: Owen DeLong <owen@delong.com>
In-Reply-To: <20110126043722.GA4110@skywalker.creative.net.au>
Date: Tue, 25 Jan 2011 21:24:38 -0800
To: Adrian Chadd <adrian@creative.net.au>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
> ...
>=20
> What did that just do to your per-site /64? That you have
> no hope of ever seeing a user use up? It just turned
> that /64 into a /112 (16 bits of port space, 32 bits
> of cloud identifier space.) What's the next killer app
> that'll chew up more of your IPv6 space?
>=20
Dude... You missed... It's not supposed to be a /64 per site.
The plan is a /48 per site. Yes, you managed to use one of
the subnets up pretty well... ON A SINGLE SUBNET.
Now, what do you do for the other 65,535 of them at the
one site?
> I'm all for IPv6. And I'm all for avoiding conjecture
> and getting to the task at hand. But simply assuming
> that the IPv6 address space will forever remain that -
> only unique host identifiers - I think is disingenious
> at best. :-)
>=20
Well.. There's assuming (like your assumption that a /64
per site was the original plan) and then there's doing
the math.
Even with the utilization you've mentioned above, my
math still holds.
Owen
>=20
>=20
> Adrian
>=20
> On Tue, Jan 25, 2011, Owen DeLong wrote:
>=20
>> I love this term... "repetitively sweeping a targets /64".
>>=20
>> Seriously? Repetitively sweeping a /64? Let's do the math...
>>=20
>> 2^64 =3D 18,446,744,073,709,551,616 IP addresses.
>>=20
>> Let's assume that few networks would not be DOS'd by a 1,000 PPS
>> storm coming in so that's a reasonable cap on our scan rate.
>>=20
>> That means sweeping a /64 takes 18,446,744,073,709,551 sec.
>> (rounded down).
>>=20
>> There are 86,400 seconds per day.
>>=20
>> 18,446,744,073,709,551 / 86,400 =3D 213,503,982,334 days.
>>=20
>> Rounding a year down to 365 days, that's 584,942,417
>> years to sweep the /64 once.
>>=20
>> If we increase our scan rate to 1,000,000 packets
>> per second, it still takes us 584,942 years to sweep
>> a /64.
>>=20
>> I don't know about you, but I do not expect to live long
>> enough to sweep a /64, let alone do so repetitively.
>>=20
>> Owen
>=20
> --=20
> - Xenion - http://www.xenion.com.au/ - VPS Hosting - Commercial Squid =
Support -
> - $24/pm+GST entry-level VPSes w/ capped bandwidth charges available =
in WA -
