[160758] in North American Network Operators' Group

home help back first fref pref prev next nref lref last post

Re: IPv6 support by wifi systems

daemon@ATHENA.MIT.EDU (Brandon Ross)
Tue Feb 12 13:49:12 2013

Date: Tue, 12 Feb 2013 13:49:02 -0500 (EST)
From: Brandon Ross <bross@pobox.com>
To: Luke Jenkins <ljenkins@weber.edu>
In-Reply-To: <CAM5f3QFSjud9ey0+o7MK8OVWAZ-5+vgCeUWjqsW++-N38wtg0Q@mail.gmail.com>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org

On Tue, 12 Feb 2013, Luke Jenkins wrote:

> MLD Snooping and IPv6 ACLs are a must.

MLD Snooping only seems important to me if you are actually going to do 
multicast outside of the local broadcast domain, which I can't imagine 
doing in most service provider environments.  Am I missing a reason for it 
or a use case otherwise?

> Check to make sure that the solution allows for many (for your network's 
> definition of many) IPv6 addresses per host. You'll have at least three 
> per host between link local, global, and one or more privacy addresses.

It would seem to me that either a wifi vendor would support source address 
shield for IPv6, which MUST include multiple addresses, or it would just 
pass everything without paying attention to source addresses.  Is there a 
vendor that does not do one or the other?  If so, please name names.

> I've been providing native dual stack on my Cisco controller based wireless
> network for a few years now. IPv6 support was brought up a notch with the
> 7.2 code release. RA Guard was the obvious big features that was added, but
> I also appreciated the addition of ND caching to keep that chatter down.
> http://www.cisco.com/en/US/products/ps10315/products_tech_note09186a0080bae506.shtml#discovery

Nice.  Can you confirm if they've added DHCPv6 shield too?  Source address 
shield for IPv6?

> I've also used some Ruckus gear on an IPv6 network and it seemed to have
> all the right knobs and pass all the right IPv6 packets. Though this was on
> my home network so I can't speek to their IPv6 scalability (no reason to
> doubt it, just wanted to be clear).

Thanks, that's a useful data point.

-- 
Brandon Ross                                      Yahoo & AIM:  BrandonNRoss
+1-404-635-6667                                                ICQ:  2269442
Schedule a meeting:  https://doodle.com/bross            Skype:  brandonross
home help back first fref pref prev next nref lref last post