[172377] in North American Network Operators' Group


Re: Credit to Digital Ocean for ipv6 offering

daemon@ATHENA.MIT.EDU (Owen DeLong)
Tue Jun 17 17:21:33 2014

X-Original-To: nanog@nanog.org
From: Owen DeLong <owen@delong.com>
In-Reply-To: <53A0A6E1.9050906@Janoszka.pl>
Date: Tue, 17 Jun 2014 14:13:56 -0700
To: Grzegorz Janoszka <Grzegorz@Janoszka.pl>
Cc: nanog@nanog.org
Errors-To: nanog-bounces@nanog.org


On Jun 17, 2014, at 13:36 , Grzegorz Janoszka <Grzegorz@Janoszka.pl> wrote:

> On 2014-06-17 22:13, David Conrad wrote:
>> On Jun 17, 2014, at 12:55 PM, Grzegorz Janoszka <Grzegorz@Janoszka.pl> wrote:
>>> There are still applications that break with subnet smaller than /64, so all VPS providers probably have to use /64 addressing.
>>
>> Wouldn't that argue for /64s?
>
> /64 netmask, but not /64 for a customer. There are applications which break if provided with /80 or /120, but I am not aware of an application requesting /64 for itself.
>
>>> /64 for one customer seems to be too much,
>>=20
>> In what way? What are you trying to protect against? It can't be address exhaustion (there are 2,305,843,009,213,693,952 possible /64s in the currently used format specifier. If there are 1,000,000,000 customer assignments every day of the year, the current format specifier will last over 6 million years).
>
> Too much hassle, like too big config of your router. If you have 1000 customers in a subnet, you would have to have 1000 separate gateway IP's on your router interface plus 1000 local /64 routes.
>
> --
> Grzegorz Janoszka

This is actually pretty easy. If I were structuring a VPS environment, then I'd put a /56 or possibly a /52, depending on the number of virtuals expected on each physical server. Then, for each customer who got a VPS on that server, I'd create a bridge interface with a /64 assigned to that customer. Each VPS on that physical server that belonged to the same customer would get put on the same /64.

The router would route the /56 or /52 to the physical server. The hypervisor would have connected routes for the subordinate /64s and provide RAs to give default to the various VPSs.

Very low maintenance, pretty straightforward and simple.

Why would you ever put multiple customers in the same subnet in IPv6? That's just asking for trouble if you ask me.

Owen
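
The addressing plan described in the message above, as an added example that is not part of the original post: one /56 routed to a physical server, one /64 per customer, and every VPS of a customer placed on that customer's /64. The documentation prefix 2001:db8:0:100::/56, the customer and VPS names, and the choice of ::1 as the hypervisor's bridge address are assumptions made for illustration.

```python
import ipaddress

class ServerPlan:
    """Per-customer /64 allocation out of the prefix routed to one hypervisor."""

    def __init__(self, server_prefix):
        self.prefix = ipaddress.IPv6Network(server_prefix)
        if self.prefix.prefixlen > 64:
            raise ValueError("server prefix must be /64 or shorter")
        self._free = self.prefix.subnets(new_prefix=64)  # lazy generator of /64s
        self.by_customer = {}  # customer id -> IPv6Network (/64)

    def subnet_for(self, customer):
        """Return the customer's /64, allocating the next free one on first use."""
        if customer not in self.by_customer:
            try:
                self.by_customer[customer] = next(self._free)
            except StopIteration:
                raise RuntimeError(f"{self.prefix} has no free /64 left") from None
        return self.by_customer[customer]

    def gateway(self, customer):
        """Hypervisor address on the customer's bridge (assumed to be ::1)."""
        return self.subnet_for(customer)[1]

    def owner_of(self, address):
        """Map an address back to the customer whose /64 contains it, or None."""
        addr = ipaddress.IPv6Address(address)
        for customer, net in self.by_customer.items():
            if addr in net:
                return customer
        return None

def build_plan(server_prefix, vps_owners):
    """vps_owners: {vps name: customer id}. Returns (plan, {vps name: its /64})."""
    plan = ServerPlan(server_prefix)
    placement = {vps: plan.subnet_for(cust) for vps, cust in vps_owners.items()}
    return plan, placement

# Constructed sample data: documentation prefix and made-up names.
SAMPLE = {"web1": "cust-a", "db1": "cust-a", "mail1": "cust-b", "app1": "cust-c"}

if __name__ == "__main__":
    plan, placement = build_plan("2001:db8:0:100::/56", SAMPLE)
    print(f"upstream router: one route, {plan.prefix} -> this server")
    for cust, net in plan.by_customer.items():
        vms = [v for v, n in placement.items() if n == net]
        print(f"  bridge for {cust}: {plan.gateway(cust)}/64  VPSs: {', '.join(vms)}")
```

Because each customer maps to exactly one /64, `owner_of` can attribute any source address seen in a log or filter rule to a single customer.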

