[183565] in North American Network Operators' Group
Re: IPv6 Subscriber Access Deployments
daemon@ATHENA.MIT.EDU (Owen DeLong)
Tue Sep 8 20:19:35 2015
X-Original-To: nanog@nanog.org
From: Owen DeLong <owen@delong.com>
In-Reply-To: <BY2PR07MB027C0FDC81D1944C75BBF44C0530@BY2PR07MB027.namprd07.prod.outlook.com>
Date: Tue, 8 Sep 2015 12:31:22 -0700
To: Josh Moore <jmoore@atcnetworks.net>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
Short answer to that is =E2=80=9CDHCPv6-PD=E2=80=9D
Longer answer:
Customer=E2=80=99s router should get an address on the external =
interface through one of SLAAC, DHCP-PD, Static Assignment, depending on =
how the ISP prefers to do this.
If the ISPs equipment supports IPv6 on shared VLANs with DHCP snooping =
and other security, you can implement it with a single /64 giving each =
router a unique address within that segment, but it=E2=80=99s not really =
ideal. This was mainly done in IPv4 to conserve addresses. Separate =
point to point VLANs are a cleaner solution and since there are enough =
addresses in IPv6 to do this, that is how most providers implement. I =
prefer using /64s (or at least assigning /64s) to these VLANs, but there =
are those who argue for /127, some equipment is broken and requires a =
/126, and yet others argue for other nonsensical prefixes.
Once the router has an external address communicating point to point =
with the ISP router, it should then send an DHCPv6-PD request asking for =
a prefix that it can manage. The ISPs DHCP server should then send back =
a /48 (or if you want to be silly, a /56 or a /60, and if you want to be =
insane, a /64).
The reality is that if you send a smaller prefix back, you risk having =
difficulty with your future ARIN applications as your Provider =
Allocation Unit is based on the smallest prefix you delegate to =
end-users. So if you, for example, assign /48 to business customers and =
/60 to residential customers, you=E2=80=99re going to have to justify =
why each of your business customers needed 4096 /60s when you claim that =
you need more IPv6 space.
OTOH, if you simply issue /48s to everyone, you can just go back and say =
=E2=80=9CEach end site got a /48 and there are N end-sites=E2=80=9D and =
you=E2=80=99re good, no questions asked about the size of any of those =
end-sites.
Owen
> On Sep 8, 2015, at 12:12 , Josh Moore <jmoore@atcnetworks.net> wrote:
>=20
> We are talking a purely bridged environment. However, I have been =
wondering how in the world end-to-end IPv6 connectivity is supposed to =
work if a customer hooks up their own router. That is one of the points =
of IPv6...
>=20
>=20
>=20
>=20
> Joshua Moore
> Network Engineer
> ATC Broadband
> 912.632.3161 - O | 912.218.3720 - M
>=20
>=20
> -----Original Message-----
> From: Valdis.Kletnieks@vt.edu [mailto:Valdis.Kletnieks@vt.edu]=20
> Sent: Tuesday, September 08, 2015 3:08 PM
> To: Josh Moore
> Cc: nanog@nanog.org
> Subject: Re: IPv6 Subscriber Access Deployments
>=20
> On Tue, 08 Sep 2015 19:04:06 -0000, Josh Moore said:
>> I'm reading that the recommended method for assigning IPv6 addresses =
to end-users is to do this via a dedicated VLAN and /64.
>=20
> Important question - are you talking about the IPv6 address supplied =
to the CPE router itself, or a /48 or /56 delegated to the CPE router to =
allocate to subnets and devices behind it?
