Home page logo
/

nanog logo nanog mailing list archives

Re: subnet prefix length > 64 breaks IPv6?
From: Jonathan Lassoff <jof () thejof com>
Date: Sat, 24 Dec 2011 15:39:32 +0000

On Sat, Dec 24, 2011 at 6:48 AM, Glen Kent <glen.kent () gmail com> wrote:


SLAAC only works with /64 - yes - but only if it runs on Ethernet-like
Interface ID's of 64bit length (RFC2464).

Ok, the last 64 bits of the 128 bit address identifies an Interface ID
which is uniquely derived from the 48bit MAC address (which exists
only in ethernet).

SLAAC could work ok with /65 on non-Ethernet media, like a
point-to-point link whose Interface ID's length be negotiated during the
setup phase.

If we can do this for a p2p link, then why cant the same be done for
an ethernet link?


I think by "point-to-point", Alexandru was referring to PPP-signalled
links. In the case of Ethernet and SLAAC, the standards define a way to
turn a globally unique 48-bit 802.3 MAC-48 address into an EUI-64
identifier by flipping and adding some bits.

This uniquely maps conventional MAC-48 addresses into EUI-64 addresses. I
imagine this was chosen because the IEEE is encouraging new standards and
numbering schemes to use the 64-bit schemes over the older 48-bit ones.
Presumably to avoid exhaustion in the future (like we're seeing with IPv4).

The result of which is that with the standards we've got today, we can
easily map a piece of hardware's globally unique MAC address into a
globally unique 64-bit identifier -- which happens to cleanly fit into the
second half of the v6 address space.

I suppose one could make an argument to use /80 networks and just use the
MAC-48 identifier for the address portion, but given the vastness of v6
space I don't think it's really worth the extra savings of bit space.


So, to address your original question, in v6 networks with netmask lengths
greater than 64 bits nothing "breaks" per se, but some of the conventional
standards and ideas about what a "network" is in that context are broken.
While it's not possible to have hosts uniquely pick addresses for
themselves, one can use other addressing mechanisms like DHCPv6 or static
addresses.

--j


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault