nanog mailing list archives

RE: Using /126 for IPv6 router links


From: "Matt Addison" <maddison () lightbound net>
Date: Mon, 25 Jan 2010 11:33:04 -0500

From: Mathias Seiler [mailto:mathias.seiler () mironet ch]
Subject: Re: Using /126 for IPv6 router links

Ok let's summarize:

/64:
+     Sticks to the way IPv6 was designed (64 bits host part)
+     Probability of renumbering very low
+     simpler for ACLs and the like
+     rDNS on a bit boundary

<>    You can give your peers funny names, like 2001:db8::dead:beef ;)

-     Prone to attacks (scans, router CPU load)
-     "Waste" of addresses
-     Peer address needs to be known, impossible to guess with 2^64 addresses


/126
+     Only 4 addresses possible (memorable, not so error-prone at configuration-time and while debugging)
+     Not prone to scan-like attacks

-     Not on a bit boundary, so more complicated for ACLs and ...
-     ... rDNS
-     Perhaps need to renumber into /64 some time.
-     No 64 bits for hosts

You're forgetting Matthew Petach's suggestion: reserve/assign a /64 for
each PtP link, but only configure the first /126 (or whatever /126 you
need to get an amusing peer address) on the link.

+       Sticks to the way IPv6 was designed (64 bits host part, even if it isn't all configured)
+       Probability of renumbering very low
+       simpler for ACLs and the like
+       rDNS on a bit boundary
+       Only 4 addresses possible (memorable, not so error-prone at configuration-time and while debugging)
+       Not prone to scan-like attacks
+       Easy to renumber into a /64 if you need to

-       "Waste" of addresses

Seems to be a fairly good compromise, unless there's something I missed.

~Matt
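
The scheme in the message above (reserve a /64 per point-to-point link, configure only its first /126), worked through as an added example that is not part of the original post. It derives the endpoint addresses, the /64 that ACLs match on, and the ip6.arpa zone, which can only be cut on a 4-bit boundary. The parent block `2001:db8::/48`, the function names and the use of ::1/::2 for the two ends are assumptions.

```python
import ipaddress

def rdns_zone(net):
    """ip6.arpa zone name for a prefix; zones exist only on 4-bit boundaries."""
    if net.prefixlen % 4:
        raise ValueError(f"/{net.prefixlen} is not on a nibble boundary")
    nibbles = net.network_address.exploded.replace(":", "")[: net.prefixlen // 4]
    return ".".join(reversed(nibbles)) + ".ip6.arpa"

def plan_link(reserved):
    """Plan one point-to-point link from its reserved /64."""
    net = ipaddress.ip_network(reserved)
    if net.version != 6 or net.prefixlen != 64:
        raise ValueError("reserve exactly one IPv6 /64 per link")
    # Only the first /126 of the reservation is configured on the interfaces.
    configured = next(net.subnets(new_prefix=126))
    return {
        "reserved": net,
        "configured": configured,
        "side_a": configured[1],      # assumed convention: ::1 and ::2
        "side_b": configured[2],
        "acl_prefix": net,            # filters match the /64, stable if the link grows
        "rdns_zone": rdns_zone(net),  # delegated per /64, not per /126
    }

def on_link(plan, addr):
    """True only for the four configured addresses, not the whole /64."""
    return ipaddress.ip_address(addr) in plan["configured"]

def allocate_links(parent, count):
    """Hand out consecutive /64 reservations from a parent block."""
    subnets = ipaddress.ip_network(parent).subnets(new_prefix=64)
    return [plan_link(str(next(subnets))) for _ in range(count)]

if __name__ == "__main__":
    # Constructed input: documentation prefix, three links.
    for link in allocate_links("2001:db8::/48", 3):
        print(link["reserved"], link["configured"],
              link["side_a"], link["side_b"], link["rdns_zone"])
```

An address elsewhere in the reserved /64 is outside the connected /126, so `on_link` returns False for it while the ACL prefix and rDNS zone still cover it.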

