SlideShare a Scribd company logo

IPv6 address-planning

Tim Martin, profile picture
Tim Martin

1. The document provides guidance on strategically planning and designing an IPv6 address plan for a large multi-national enterprise called ACME. 2. It outlines the requirements including supporting up to 37 countries and 40 campus locations within the largest country. The plan should be highly hierarchical, uniform and scalable. 3. Byte boundaries are recommended between hierarchy levels to support many countries, with nibble boundaries between buildings within campuses given fewer buildings. The plan should include infrastructure addressing.

Internet
1 of 39
Downloaded 45 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
IPv6 Address PlanningTim Martin CCIE #2020 Solutions Architect Spring 2016
Cisco Confidential 2© 2013-2014 Cisco and/or its affiliates. All rights reserved. Agenda •  Strategic Planning Steps •  IPv6 Address Planning •  Exercise •  Conclusion
IPv6 Strategic Planning
Architectural Model Planning and coordination is required from many across the organization, including … v  Network engineers & operators v  Security engineers v  Application developers v  Desktop / Server engineers v  Web hosting / content developers v  Business development managers v  …
v  Create a project team & plan v  Identify business value, requirements & impacts v  Assess equipment & applications for IPv6 v  Begin training & develop training plan v  Develop the architectural solution v  Obtain a prefix and build the address plan v  Define an exception process for legacy systems v  Update the security policy v  Deploy IPv6 trials in the network v  Test and monitor your deployment IPv6 Planning Steps Outline
340,282,366,920,938,463,463,374,607,431,768,211,456 340 undecillion, 282 decillion, 366 nonillion, 920 octillion, 938 septillion, 463 sextillion, 463 quintillion, 374 quadrillion, 607 trillion, 431 billion, 768 million, 211 thousand, 456 So How Big Is The IPv6 Address Space? §  Lot’s of talk about how big, it’s BIG, do NOT worry about waste §  Theoretical vs. Practical, split the 128 bits in half §  64 bits will define the network topology, 64 bits define the host id 18,446,744,073,709,600,000 IPv6 addresses /64 (31,536,000 seconds/yr * 10,000,000 IPv6 addresses/second) 18,446,744,073,709,600,000 / 315,360,000,000,000 = 58,494 years - Ed Horley
IPv6 Addressing IPv6 Address Family Multicast AnycastUnicast Assigned Solicited Node Unique Local Link Local Global Special Embedded *IPv6 does not use broadcast addressing Well Known Temp
Hexadecimal, it’s really not that difficult Widely used in computing and programming Hex is a base 16 numerical system Typicaly expressd by 0x, i.e 0x34 Every nibble is a Hex character 4 bits have 16 combinations Easier than high school algebra 256’s |16’s | 1’s 3 4 a c 2 4 d 100s | 10’s | 1’s 0 5 2 1 7 2 5 8 9
IPv6 Address Format IPv6 addresses are 128 bits long (32 hex characters) 8 groups (words, quad’s) of 16 bits separated by (:) Network or topology portion is the prefix Includes the “subnet” Host PortionNetwork Portion 2001 : 0db8 : 0100 : 1111 : 0000 : 0000 : 0000 : 0001 16 bits 16 bits 16 bits 16 bits 16 bits 16 bits 16 bits 16 bits Host IdSubnet IdGlobal Route Prefix 2001:0db8:0100:1111:0000:0000:0000:0001
Abbreviating IPv6 Addresses (RFC5952) Leading 0’s can be omitted The double colon (::) can appear only once 2001:0db8:0000: :0000:0000:0000:1e2a00a4 Full Format 2001:db8:0: :0:0:0:1e2aa4 Abbreviated Formats 2001:db8:0: ::1e2aa4
Unicast IPv6 Address Types Link-Local – Non routable exists on single layer 2 domain (fe80::/10) fe80:0000:0000:0000 :: xxxx:xxxx:xxxx:xxxx fc00:gggg:gggg: xxxx:xxxx:xxxx:xxxxssss: fd00:gggg:gggg: xxxx:xxxx:xxxx:xxxxssss: Unique-Local – Routable within administrative domain (fc00::/7) 2000:NNNN:NNNN HHHH:HHHH:HHHH:HHHH Global – Routable across the Internet (2000::/3) :SSSS: 3fff:NNNN:NNNN HHHH:HHHH:HHHH:HHHH:SSSS:
•  Recommended Alloca,ons •  Consumer, SMB /56 /60 /64 •  Municipal Government, Enterprise, Single AS /40 /44 /48 •  State Governments, Universi,es (LIR) /32 /36 /40 •  Addressing Plan, Site Count •  IPv4 Allocation, Multi-homed ISP • 1 - 12 sites, a /44 assignment • 13 - 192 sites, a /40 assignment • 193 - 3,072 sites, a /36 assignment • 3,073 - 49,152 sites, a /32 assignment Registries Level FourEntity IANA ISP Org PA /48 2000::/3 /12 /32 2000::/3 /48 /12 PI /32 /48 RIPE Global Address Assignment Subordinate
•  PA or PI from each region you operate in •  Coordination of advertised space within each RIR, policy will vary •  Most run PI from primary region Multi-national Model
Prefix Length Considerations Pt 2 Pt /127 WAN Core /64 or /127 Servers /64 Hosts /64 Loopback /128 •  Anywhere a host exists /64 •  Point to Point /127 Should not use all 0’s or 1’s in the host portion Nodes 1&2 are not in the same subnet •  Loopback or Anycast /128 •  RFC 7421 /64 is here •  RFC 6164 /127 cache exhaust
IPv6 Address Planning
1.  Keep it SIMPLE §  You don’t want to spend weeks explaining it! 2.  Embed information to help operations §  To help troubleshooting and operation of the network §  Examples: location, country, PIN, VLAN, IPv4 info addresses 3.  Plan for expansion (build in reserve) §  Cater for future growth, mergers & acquisitions, new locations §  Reserved vs. assigned 4.  Exploit hierarchy / aggregation §  Good aggregation is essential, just one address block (per location) §  Ensures scalability and stability 4 Rules 2001:420:1234::/48 2001:420:1234:0100:/56 2001:420:1234:0200:/56 2001:420:1234:0400:/562001:420:1234:0300:/56 2001:420:1234:0500:/56 …
§  Structure §  Prefix sizing §  Information encoding §  Infrastructure addressing Methodology
§  How many prefixes will you need at each level of the addressing plan §  Example: a BNG can handle 64000 subscribers = 64000 IPv6 prefixes §  Example: the number of interconnects (P2P) in your network §  As always, put aside a reserve! §  How many /64 prefixes (subnets) you need to deploy at a location §  I.E: desktops, WIFI, guestnet, sensors, CCTV, network infrastructure, etc.. §  As always, put aside a reserve! §  Don’t worry about the number of hosts §  We have more than 254 of IPv6 addresses for hosts :’) Methodology (2) – Number of Prefixes per Level
Example - How Many Subnets in a Location? •  Follow the logical flow –  How many subnets in each location? –  What does sit under infrastructure? –  How many point-to-point links? –  Where is the reserve? /52 Infrastructure /48 location /56 Interconnects /56 Loopbacks 256x /64 P2P links 256x /64 Loopbacks /128 per Loopback /52 Desktops /52 Wireless /52 etc. /127 per P2P link /56 reserve /56 reserve ...
§  Remember transition mechanisms – these will have specific address format requirements §  ISATAP §  NAT64 (/96) §  6rd, MAP §  Possible encoding of information in particular portions of the IPv6 prefix §  Places In the Network (PINs) §  VLANs in the prefix §  VLAN 4096 à 2001:db8:1234:4096::/64 (alternatively in hex J) §  The whole IPv4 address or just a portion §  consider this carefully – trade-off between linkage vs. independence §  IPv4 address 10.0.13.1 à 2001:db8:1234:100::10:0:13:1 §  Router IDs in the Interface Identifier / IPv4 in Link-Local §  Consider security implications! Methodology (3) – Information Encoding
Methodology (4) – Infrastructure Addressing 1. •  First recommendations: configure /64, /112 or /126 •  RFC 3627, September 2003 – /127 considered harmful •  moved to historic by RFC 6547 (Feb. 2012) •  Since April 2011, RFC 6164 recommends /127 on inter-router (P2P) links •  Current recommendation /64, /126 or /127 •  /127 mitigates ND exhaustion attacks •  Allocate /64 from a block (e.g. /56) for infrastructure links but configure /127 •  Example: 2001:db8:1234:1::0/127 and 2001:db8:1234:1::1/127 •  What about offsetting the suffix •  2001:db8:1234:1::a/127 •  2001:db8:1234:1::b/127 •  You must follow the /127 subnet rule!!! 2001:db8:1234:1::A/127 2001:db8:1234:1::B/127 R2R1 21
Methodology (4) – Infrastructure Addressing 2. •  E.g. Dedicate /56 for Loopback addresses per location •  Allocate /64 per Loopback but configure /128 •  Example: 2001:420:1234:100:1::1/128 and 2001:420:1234:101:1::1/128 •  Avoid a potential overlap with Embedded RP addresses •  Remember to check how many Longest Prefix Matches (LPM) [/128] your network devices can carry •  Does not always equal the total number of supported IPv6 prefixes Loopbacks 22
Example of an IPv6 Prefix Allocation (Cisco) /40 - /44 per Site Upto 256 Buildings per Site Site = Campus 13th Nibble = PIN /52 per PIN (4096 Subnets / PIN) PIN = Place In the Network A framework to classify network roles e.g. Lab, Desktop, DC, DMZ etc /48 per Building/FSO (16 PINs per Building/FSO) FSO = Field Sales Office /37 - /39 per Sub-Region /35 - /36 per Region Global Level 2001:420::/32 Using /34 with 50% spares For Your Reference
Example of an IPv6 Prefix Allocation (ISP) /30 /30 for Subscribers /32 for Internal Addressing /36 per PoP /32 for Private Addressing /32 for External Addressing (non-Subsribers) /32 as a reserve /56 per Subscriber /40 for Enterprise DC External /40 for Enterprise Infrastructure External /40 for Enterprise Campus External /29 from RIPE /40 for Core Network External Services /40 for Core Network Internal Services /40 for Enterprise DC Internal /64 for Loopbacks (/128s) /40 for Enterprise Campus External /40 per BNG For Your Reference
Exercise
•  Methods •  Follow IPv4 (/24 only), Organizational, Location, Function based •  Hierarchy is key (A /48 example) •  Bit twiddle's dream (16 bit subnet strategy) •  4 or 8 bits = (16 or 256) Regions (states, counties, agencies, etc..) •  4 or 8 more bits = (16 or 256) Sub Levels within those Regions •  4 more bits = (16) Traffic Types (Admin, Guest, Telephony, Video, etc..) •  Cisco IPv6 Addressing White Paper •  http://www.cisco.com/go/IPv6 •  Monotonically (1000, 2000, 3000, etc.) vs. Sparse (0000, 4000, 8000, c000 ) Building the IPv6 Address Plan 26
§  European-wide conglomerate in the food and consumables sector. §  Has presence in about 19 countries expected to grow to about 37 §  They also have a sister company (ACME ISP) which is providing European-wide telecommunications services. ACME Enterprise
§  ACME has grown organically through a policy of acquisitions and mergers over the past few years. §  Use of private (RFC 1918) and/or illegal IPv4 address blocks, NAT is widely used. This is negatively impacting the behaviour of some enterprise applications. §  ACME has decided to strategically deploy IPv6 within the ACME enterprise network. This will enable applications and services to be moved from IPv4 to IPv6 on a case-by-case basis §  For its WAN connectivity, ACME enterprise uses the MPLS VPN service offered by ACME ISP. ACME Enterprise Current State of the Network
§  ACME ISP is a RIPE member and have been allocated a /19 IPv6 address block. ACME Enterprise has been provided 2014:1b2::/32 from its ISP. ACME ISP will be interconnecting all the IPv6 locations of the ACME enterprise network. §  The most important requirements for the IPv6 addressing design are for it to be highly hierarchical, uniform and scalable. This will greatly simplify the design, operation and troubleshooting of the network. ACME Enterprise IPv6 High Level Requirements
§  As a general rule, ACME would like to use byte (8-bit)-boundaries between the different hierarchies of the IPv6 addressing. HINT!!! §  At the first level, the addressing scheme needs to support at least 37 countries (HINT!!!). Also some address blocks should be reserved for future growth in the larger countries. §  At the second level (within each country), there are a number of campus locations. It is at this level that connectivity into the ACME ISP network is provided. The largest country has about 40 campus locations (HINT!!!). ACME Enterprise Detail Requirements
§  At the third level (within each campus location), the number of buildings within each campus (4-6 maximum). Therefore, allocating these blocks on a byte boundary is deemed as overkill. A nibble (4-bit) boundary will suffice here. HINT!!! §  A separate “virtual building” address block needs to be set aside for network infrastructure addressing within that campus location. §  At the forth level (within each building), individual IPv6 subnets need to be assigned to individual VLANs. §  An additional requirement is to divide up the network infrastructure block in ranges for loopback, link and network services addressing. ACME Enterprise Detail Requirements (Cont.)
§  Design an IPv6 address plan for ACME enterprise applying with what you have learned in this session and the mentioned HINTS. §  Work top-down through the address plan. §  Focus first on the end-system addressing. §  Think about the network infrastructure addressing §  There are multiple acceptable solutions, it’s more important to think about the problem and apply the methodology. Building An Address Plan For ACME Enterprise (Tasks)
Conclusion
ACME Enterprise IPv6 Addressing Exercise /64 4096 /48
IPv6 address-planning
Recommended Reading
Cisco IPv6 Services A Phased-Plan Approach for Successful IPv6 Adoption IPv6 Assessment Service •  Determine how your network needs to change to support your IPv6 strategy IPv6 Discovery Service •  Guidance in the early stages of considering a transition to IPv6 IPv6 Planning and Design Service •  Designs, transition strategy, and support to enable a smooth migration IPv6 Implementation Service •  Validation testing and implementation consulting services Network Optimization Service •  Absorb, manage, and scale IPv6 in your environment
•  Gain Operational Experience now •  IPv6 is already here and running well •  Control IPv6 traffic as you would IPv4 •  “Poke” your Provider’s •  Lead your OT/LOB’s into the Internet Key Take Away
IPv6 address-planning

More Related Content

PPT
dynamic host configuration protocol
kinish kumar
 
PPTX
Cisco nx os
Utpal Sinha
 
PPTX
Hot standby router protocol (hsrp) using
ShubhiGupta94
 
DOCX
3PAR: HOW TO CHANGE THE IP ADDRESS OF HP 3PAR SAN
Saroj Sahu
 
PPT
CCNA SUMMER TRAINNING PPT
Nishant Goel
 
PPTX
MPLS Layer 3 VPN
NetProtocol Xpert
 
PDF
Ospf.ppt
Edgardo Scrimaglia
 
PPSX
Lesson 6: Dynamic Host Configuration Protocol A
Mahmmoud Mahdi
 
dynamic host configuration protocol
kinish kumar
 
Cisco nx os
Utpal Sinha
 
Hot standby router protocol (hsrp) using
ShubhiGupta94
 
3PAR: HOW TO CHANGE THE IP ADDRESS OF HP 3PAR SAN
Saroj Sahu
 
CCNA SUMMER TRAINNING PPT
Nishant Goel
 
MPLS Layer 3 VPN
NetProtocol Xpert
 
Ospf.ppt
Edgardo Scrimaglia
 
Lesson 6: Dynamic Host Configuration Protocol A
Mahmmoud Mahdi
 

What's hot (20)

PPT
Spanning tree protocol
Muuluu
 
PPTX
Dhcp
Tapan Khilar
 
PPTX
CCNP Switching Chapter 1
Chaing Ravuth
 
PPTX
CCNA v6.0 ITN - Chapter 08
Irsandi Hasan
 
PPT
DHCP Protocol
Mohammed Hisham
 
PDF
Ccnp presentation [Day 1-3] Class
SagarR24
 
PPT
Bgp
Febrian ‎
 
PPTX
CCNA 2 Routing and Switching v5.0 Chapter 9
Nil Menon
 
PPTX
CCNA 2 Routing and Switching v5.0 Chapter 11
Nil Menon
 
PPTX
HSRP ccna
MohamedJafar5
 
PPT
Nat pat
CYBERINTELLIGENTS
 
PDF
Cisco ospf
sarasanandam
 
PDF
IPv6 Address Planning
APNIC
 
DOCX
How to configure vlan, stp, dtp step by step guide
IT Tech
 
PPTX
CCNA v6.0 ITN - Chapter 07
Irsandi Hasan
 
PPTX
Dhcp
Chinmoy Jena
 
PPT
CCNA PPT
Reetesh Gupta
 
PPT
CCNA IP Addressing
Dsunte Wilson
 
ODP
Dhcp presentation
Indian Institute of Technology, Bombay
 
PPTX
Chapter 15 : routing concepts
teknetir
 
Spanning tree protocol
Muuluu
 
Dhcp
Tapan Khilar
 
CCNP Switching Chapter 1
Chaing Ravuth
 
CCNA v6.0 ITN - Chapter 08
Irsandi Hasan
 
DHCP Protocol
Mohammed Hisham
 
Ccnp presentation [Day 1-3] Class
SagarR24
 
Bgp
Febrian ‎
 
CCNA 2 Routing and Switching v5.0 Chapter 9
Nil Menon
 
CCNA 2 Routing and Switching v5.0 Chapter 11
Nil Menon
 
HSRP ccna
MohamedJafar5
 
Nat pat
CYBERINTELLIGENTS
 
Cisco ospf
sarasanandam
 
IPv6 Address Planning
APNIC
 
How to configure vlan, stp, dtp step by step guide
IT Tech
 
CCNA v6.0 ITN - Chapter 07
Irsandi Hasan
 
Dhcp
Chinmoy Jena
 
CCNA PPT
Reetesh Gupta
 
CCNA IP Addressing
Dsunte Wilson
 
Dhcp presentation
Indian Institute of Technology, Bombay
 
Chapter 15 : routing concepts
teknetir
 
Ad

Similar to IPv6 address-planning (20)

PPT
Cisco presentation2
ehsan nazer
 
PPT
IPv4 adressing
AssemNazirova2
 
PDF
Apnic-Training-IPv6_workshop
Nguyen Minh Thu
 
PPT
Apnic V6 Tutorial Distribution
Ali_Ahmad
 
PDF
Americas Headquarters IPv6 Addressing White Paper IPv6 Introduction
Scott Faria
 
PPS
Lesson 3: IPv6 Fundamentals
Mahmmoud Mahdi
 
PPTX
ITN_Module_12.pptx
seare1
 
PPTX
IPv6 Addressing Architecture
Shreehari Dhat
 
PDF
IPv6 Address Planning
Deploy360 Programme (Internet Society)
 
PPTX
Fundamental of Internet Protocol version 6.pptx
ShasikantaM
 
PPTX
what/why/how of IPv6 || 2002:3239:43c3::1
Anshu Prateek
 
PPT
IPv6 networking training sduffy v3
Shane Duffy
 
PPT
IPv6
Talal Alsubaie
 
PPT
Chapter13ccna
ernestlithur
 
PPT
Chapter13ccna
robertoxe
 
PPTX
Get Ready For Ipv6
Rishu Mehra
 
PPTX
Get Ready For Ipv6
technext1
 
PDF
IPv6 Overview
William Lee
 
PDF
IPv6 Address Planning
smarthosein
 
PDF
IPv6
Deepraj Bhujel
 
Cisco presentation2
ehsan nazer
 
IPv4 adressing
AssemNazirova2
 
Apnic-Training-IPv6_workshop
Nguyen Minh Thu
 
Apnic V6 Tutorial Distribution
Ali_Ahmad
 
Americas Headquarters IPv6 Addressing White Paper IPv6 Introduction
Scott Faria
 
Lesson 3: IPv6 Fundamentals
Mahmmoud Mahdi
 
ITN_Module_12.pptx
seare1
 
IPv6 Addressing Architecture
Shreehari Dhat
 
IPv6 Address Planning
Deploy360 Programme (Internet Society)
 
Fundamental of Internet Protocol version 6.pptx
ShasikantaM
 
what/why/how of IPv6 || 2002:3239:43c3::1
Anshu Prateek
 
IPv6 networking training sduffy v3
Shane Duffy
 
IPv6
Talal Alsubaie
 
Chapter13ccna
ernestlithur
 
Chapter13ccna
robertoxe
 
Get Ready For Ipv6
Rishu Mehra
 
Get Ready For Ipv6
technext1
 
IPv6 Overview
William Lee
 
IPv6 Address Planning
smarthosein
 
IPv6
Deepraj Bhujel
 
Ad

Recently uploaded (20)

PPT
Introduction to dns domain name syst.ppt
MUHAMMADKAVISHSHABAN
 
PDF
LB# 820-1889_051-7370_C000.schematic.pdf
matheusalbuquerqueco3
 
PDF
BGP Security Best Practices that Matter, presented at PHNOG 2025
APNIC
 
PPTX
Slides Powerpoint: Eco Economic Epochs.pptx
Steven McGee
 
PDF
The Internet of Things (IoT) refers to a vast network of interconnected devic...
chethana8182
 
PDF
DNSSEC Made Easy, presented at PHNOG 2025
APNIC
 
PPTX
Microsoft PowerPoint Student PPT slides.pptx
Garleys Putin
 
PPTX
B2B_Ecommerce_Internship_Simranpreet.pptx
LipakshiJindal
 
PPTX
AI ad its imp i military life read it ag
ShwetaBharti31
 
PPTX
Artificial-Intelligence-in-Daily-Life (2).pptx
nidhigoswami335
 
PDF
Data Protection & Resilience in Focus.pdf
AmyPoblete3
 
PPTX
The Latest Scam Shocking the USA in 2025.pptx
onlinescamreport4
 
PPTX
Black Yellow Modern Minimalist Elegant Presentation.pptx
nothisispatrickduhh
 
PPT
Transformaciones de las funciones elementales.ppt
rirosel211
 
PDF
LOGENVIDAD DANNYFGRETRRTTRRRTRRRRRRRRR.pdf
juan456ytpro
 
PPTX
LESSON-2-Roles-of-ICT-in-Teaching-for-learning_123922 (1).pptx
renavieramopiquero
 
PPTX
Unlocking Hope : How Crypto Recovery Services Can Reclaim Your Lost Funds
lionsgate network
 
PDF
Slides: PDF Eco Economic Epochs for World Game (s) pdf
Steven McGee
 
PPTX
Blue and Dark Blue Modern Technology Presentation.pptx
ap177979
 
PDF
UI/UX Developer Guide: Tools, Trends, and Tips for 2025
Penguin peak
 
Introduction to dns domain name syst.ppt
MUHAMMADKAVISHSHABAN
 
LB# 820-1889_051-7370_C000.schematic.pdf
matheusalbuquerqueco3
 
BGP Security Best Practices that Matter, presented at PHNOG 2025
APNIC
 
Slides Powerpoint: Eco Economic Epochs.pptx
Steven McGee
 
The Internet of Things (IoT) refers to a vast network of interconnected devic...
chethana8182
 
DNSSEC Made Easy, presented at PHNOG 2025
APNIC
 
Microsoft PowerPoint Student PPT slides.pptx
Garleys Putin
 
B2B_Ecommerce_Internship_Simranpreet.pptx
LipakshiJindal
 
AI ad its imp i military life read it ag
ShwetaBharti31
 
Artificial-Intelligence-in-Daily-Life (2).pptx
nidhigoswami335
 
Data Protection & Resilience in Focus.pdf
AmyPoblete3
 
The Latest Scam Shocking the USA in 2025.pptx
onlinescamreport4
 
Black Yellow Modern Minimalist Elegant Presentation.pptx
nothisispatrickduhh
 
Transformaciones de las funciones elementales.ppt
rirosel211
 
LOGENVIDAD DANNYFGRETRRTTRRRTRRRRRRRRR.pdf
juan456ytpro
 
LESSON-2-Roles-of-ICT-in-Teaching-for-learning_123922 (1).pptx
renavieramopiquero
 
Unlocking Hope : How Crypto Recovery Services Can Reclaim Your Lost Funds
lionsgate network
 
Slides: PDF Eco Economic Epochs for World Game (s) pdf
Steven McGee
 
Blue and Dark Blue Modern Technology Presentation.pptx
ap177979
 
UI/UX Developer Guide: Tools, Trends, and Tips for 2025
Penguin peak
 

IPv6 address-planning

  • 1. IPv6 Address PlanningTim Martin CCIE #2020 Solutions Architect Spring 2016
  • 2. Cisco Confidential 2© 2013-2014 Cisco and/or its affiliates. All rights reserved. Agenda •  Strategic Planning Steps •  IPv6 Address Planning •  Exercise •  Conclusion
  • 4. Architectural Model Planning and coordination is required from many across the organization, including … v  Network engineers & operators v  Security engineers v  Application developers v  Desktop / Server engineers v  Web hosting / content developers v  Business development managers v  …
  • 5. v  Create a project team & plan v  Identify business value, requirements & impacts v  Assess equipment & applications for IPv6 v  Begin training & develop training plan v  Develop the architectural solution v  Obtain a prefix and build the address plan v  Define an exception process for legacy systems v  Update the security policy v  Deploy IPv6 trials in the network v  Test and monitor your deployment IPv6 Planning Steps Outline
  • 6. 340,282,366,920,938,463,463,374,607,431,768,211,456 340 undecillion, 282 decillion, 366 nonillion, 920 octillion, 938 septillion, 463 sextillion, 463 quintillion, 374 quadrillion, 607 trillion, 431 billion, 768 million, 211 thousand, 456 So How Big Is The IPv6 Address Space? §  Lot’s of talk about how big, it’s BIG, do NOT worry about waste §  Theoretical vs. Practical, split the 128 bits in half §  64 bits will define the network topology, 64 bits define the host id 18,446,744,073,709,600,000 IPv6 addresses /64 (31,536,000 seconds/yr * 10,000,000 IPv6 addresses/second) 18,446,744,073,709,600,000 / 315,360,000,000,000 = 58,494 years - Ed Horley
  • 7. IPv6 Addressing IPv6 Address Family Multicast AnycastUnicast Assigned Solicited Node Unique Local Link Local Global Special Embedded *IPv6 does not use broadcast addressing Well Known Temp
  • 8. Hexadecimal, it’s really not that difficult Widely used in computing and programming Hex is a base 16 numerical system Typicaly expressd by 0x, i.e 0x34 Every nibble is a Hex character 4 bits have 16 combinations Easier than high school algebra 256’s |16’s | 1’s 3 4 a c 2 4 d 100s | 10’s | 1’s 0 5 2 1 7 2 5 8 9
  • 9. IPv6 Address Format IPv6 addresses are 128 bits long (32 hex characters) 8 groups (words, quad’s) of 16 bits separated by (:) Network or topology portion is the prefix Includes the “subnet” Host PortionNetwork Portion 2001 : 0db8 : 0100 : 1111 : 0000 : 0000 : 0000 : 0001 16 bits 16 bits 16 bits 16 bits 16 bits 16 bits 16 bits 16 bits Host IdSubnet IdGlobal Route Prefix 2001:0db8:0100:1111:0000:0000:0000:0001
  • 10. Abbreviating IPv6 Addresses (RFC5952) Leading 0’s can be omitted The double colon (::) can appear only once 2001:0db8:0000: :0000:0000:0000:1e2a00a4 Full Format 2001:db8:0: :0:0:0:1e2aa4 Abbreviated Formats 2001:db8:0: ::1e2aa4
  • 11. Unicast IPv6 Address Types Link-Local – Non routable exists on single layer 2 domain (fe80::/10) fe80:0000:0000:0000 :: xxxx:xxxx:xxxx:xxxx fc00:gggg:gggg: xxxx:xxxx:xxxx:xxxxssss: fd00:gggg:gggg: xxxx:xxxx:xxxx:xxxxssss: Unique-Local – Routable within administrative domain (fc00::/7) 2000:NNNN:NNNN HHHH:HHHH:HHHH:HHHH Global – Routable across the Internet (2000::/3) :SSSS: 3fff:NNNN:NNNN HHHH:HHHH:HHHH:HHHH:SSSS:
  • 12. •  Recommended Alloca,ons •  Consumer, SMB /56 /60 /64 •  Municipal Government, Enterprise, Single AS /40 /44 /48 •  State Governments, Universi,es (LIR) /32 /36 /40 •  Addressing Plan, Site Count •  IPv4 Allocation, Multi-homed ISP • 1 - 12 sites, a /44 assignment • 13 - 192 sites, a /40 assignment • 193 - 3,072 sites, a /36 assignment • 3,073 - 49,152 sites, a /32 assignment Registries Level FourEntity IANA ISP Org PA /48 2000::/3 /12 /32 2000::/3 /48 /12 PI /32 /48 RIPE Global Address Assignment Subordinate
  • 13. •  PA or PI from each region you operate in •  Coordination of advertised space within each RIR, policy will vary •  Most run PI from primary region Multi-national Model
  • 14. Prefix Length Considerations Pt 2 Pt /127 WAN Core /64 or /127 Servers /64 Hosts /64 Loopback /128 •  Anywhere a host exists /64 •  Point to Point /127 Should not use all 0’s or 1’s in the host portion Nodes 1&2 are not in the same subnet •  Loopback or Anycast /128 •  RFC 7421 /64 is here •  RFC 6164 /127 cache exhaust
  • 16. 1.  Keep it SIMPLE §  You don’t want to spend weeks explaining it! 2.  Embed information to help operations §  To help troubleshooting and operation of the network §  Examples: location, country, PIN, VLAN, IPv4 info addresses 3.  Plan for expansion (build in reserve) §  Cater for future growth, mergers & acquisitions, new locations §  Reserved vs. assigned 4.  Exploit hierarchy / aggregation §  Good aggregation is essential, just one address block (per location) §  Ensures scalability and stability 4 Rules 2001:420:1234::/48 2001:420:1234:0100:/56 2001:420:1234:0200:/56 2001:420:1234:0400:/562001:420:1234:0300:/56 2001:420:1234:0500:/56 …
  • 17. §  Structure §  Prefix sizing §  Information encoding §  Infrastructure addressing Methodology
  • 18. §  How many prefixes will you need at each level of the addressing plan §  Example: a BNG can handle 64000 subscribers = 64000 IPv6 prefixes §  Example: the number of interconnects (P2P) in your network §  As always, put aside a reserve! §  How many /64 prefixes (subnets) you need to deploy at a location §  I.E: desktops, WIFI, guestnet, sensors, CCTV, network infrastructure, etc.. §  As always, put aside a reserve! §  Don’t worry about the number of hosts §  We have more than 254 of IPv6 addresses for hosts :’) Methodology (2) – Number of Prefixes per Level
  • 19. Example - How Many Subnets in a Location? •  Follow the logical flow –  How many subnets in each location? –  What does sit under infrastructure? –  How many point-to-point links? –  Where is the reserve? /52 Infrastructure /48 location /56 Interconnects /56 Loopbacks 256x /64 P2P links 256x /64 Loopbacks /128 per Loopback /52 Desktops /52 Wireless /52 etc. /127 per P2P link /56 reserve /56 reserve ...
  • 20. §  Remember transition mechanisms – these will have specific address format requirements §  ISATAP §  NAT64 (/96) §  6rd, MAP §  Possible encoding of information in particular portions of the IPv6 prefix §  Places In the Network (PINs) §  VLANs in the prefix §  VLAN 4096 à 2001:db8:1234:4096::/64 (alternatively in hex J) §  The whole IPv4 address or just a portion §  consider this carefully – trade-off between linkage vs. independence §  IPv4 address 10.0.13.1 à 2001:db8:1234:100::10:0:13:1 §  Router IDs in the Interface Identifier / IPv4 in Link-Local §  Consider security implications! Methodology (3) – Information Encoding
  • 21. Methodology (4) – Infrastructure Addressing 1. •  First recommendations: configure /64, /112 or /126 •  RFC 3627, September 2003 – /127 considered harmful •  moved to historic by RFC 6547 (Feb. 2012) •  Since April 2011, RFC 6164 recommends /127 on inter-router (P2P) links •  Current recommendation /64, /126 or /127 •  /127 mitigates ND exhaustion attacks •  Allocate /64 from a block (e.g. /56) for infrastructure links but configure /127 •  Example: 2001:db8:1234:1::0/127 and 2001:db8:1234:1::1/127 •  What about offsetting the suffix •  2001:db8:1234:1::a/127 •  2001:db8:1234:1::b/127 •  You must follow the /127 subnet rule!!! 2001:db8:1234:1::A/127 2001:db8:1234:1::B/127 R2R1 21
  • 22. Methodology (4) – Infrastructure Addressing 2. •  E.g. Dedicate /56 for Loopback addresses per location •  Allocate /64 per Loopback but configure /128 •  Example: 2001:420:1234:100:1::1/128 and 2001:420:1234:101:1::1/128 •  Avoid a potential overlap with Embedded RP addresses •  Remember to check how many Longest Prefix Matches (LPM) [/128] your network devices can carry •  Does not always equal the total number of supported IPv6 prefixes Loopbacks 22
  • 23. Example of an IPv6 Prefix Allocation (Cisco) /40 - /44 per Site Upto 256 Buildings per Site Site = Campus 13th Nibble = PIN /52 per PIN (4096 Subnets / PIN) PIN = Place In the Network A framework to classify network roles e.g. Lab, Desktop, DC, DMZ etc /48 per Building/FSO (16 PINs per Building/FSO) FSO = Field Sales Office /37 - /39 per Sub-Region /35 - /36 per Region Global Level 2001:420::/32 Using /34 with 50% spares For Your Reference
  • 24. Example of an IPv6 Prefix Allocation (ISP) /30 /30 for Subscribers /32 for Internal Addressing /36 per PoP /32 for Private Addressing /32 for External Addressing (non-Subsribers) /32 as a reserve /56 per Subscriber /40 for Enterprise DC External /40 for Enterprise Infrastructure External /40 for Enterprise Campus External /29 from RIPE /40 for Core Network External Services /40 for Core Network Internal Services /40 for Enterprise DC Internal /64 for Loopbacks (/128s) /40 for Enterprise Campus External /40 per BNG For Your Reference
  • 26. •  Methods •  Follow IPv4 (/24 only), Organizational, Location, Function based •  Hierarchy is key (A /48 example) •  Bit twiddle's dream (16 bit subnet strategy) •  4 or 8 bits = (16 or 256) Regions (states, counties, agencies, etc..) •  4 or 8 more bits = (16 or 256) Sub Levels within those Regions •  4 more bits = (16) Traffic Types (Admin, Guest, Telephony, Video, etc..) •  Cisco IPv6 Addressing White Paper •  http://www.cisco.com/go/IPv6 •  Monotonically (1000, 2000, 3000, etc.) vs. Sparse (0000, 4000, 8000, c000 ) Building the IPv6 Address Plan 26
  • 27. §  European-wide conglomerate in the food and consumables sector. §  Has presence in about 19 countries expected to grow to about 37 §  They also have a sister company (ACME ISP) which is providing European-wide telecommunications services. ACME Enterprise
  • 28. §  ACME has grown organically through a policy of acquisitions and mergers over the past few years. §  Use of private (RFC 1918) and/or illegal IPv4 address blocks, NAT is widely used. This is negatively impacting the behaviour of some enterprise applications. §  ACME has decided to strategically deploy IPv6 within the ACME enterprise network. This will enable applications and services to be moved from IPv4 to IPv6 on a case-by-case basis §  For its WAN connectivity, ACME enterprise uses the MPLS VPN service offered by ACME ISP. ACME Enterprise Current State of the Network
  • 29. §  ACME ISP is a RIPE member and have been allocated a /19 IPv6 address block. ACME Enterprise has been provided 2014:1b2::/32 from its ISP. ACME ISP will be interconnecting all the IPv6 locations of the ACME enterprise network. §  The most important requirements for the IPv6 addressing design are for it to be highly hierarchical, uniform and scalable. This will greatly simplify the design, operation and troubleshooting of the network. ACME Enterprise IPv6 High Level Requirements
  • 30. §  As a general rule, ACME would like to use byte (8-bit)-boundaries between the different hierarchies of the IPv6 addressing. HINT!!! §  At the first level, the addressing scheme needs to support at least 37 countries (HINT!!!). Also some address blocks should be reserved for future growth in the larger countries. §  At the second level (within each country), there are a number of campus locations. It is at this level that connectivity into the ACME ISP network is provided. The largest country has about 40 campus locations (HINT!!!). ACME Enterprise Detail Requirements
  • 31. §  At the third level (within each campus location), the number of buildings within each campus (4-6 maximum). Therefore, allocating these blocks on a byte boundary is deemed as overkill. A nibble (4-bit) boundary will suffice here. HINT!!! §  A separate “virtual building” address block needs to be set aside for network infrastructure addressing within that campus location. §  At the forth level (within each building), individual IPv6 subnets need to be assigned to individual VLANs. §  An additional requirement is to divide up the network infrastructure block in ranges for loopback, link and network services addressing. ACME Enterprise Detail Requirements (Cont.)
  • 32. §  Design an IPv6 address plan for ACME enterprise applying with what you have learned in this session and the mentioned HINTS. §  Work top-down through the address plan. §  Focus first on the end-system addressing. §  Think about the network infrastructure addressing §  There are multiple acceptable solutions, it’s more important to think about the problem and apply the methodology. Building An Address Plan For ACME Enterprise (Tasks)
  • 34. ACME Enterprise IPv6 Addressing Exercise /64 4096 /48
  • 37. Cisco IPv6 Services A Phased-Plan Approach for Successful IPv6 Adoption IPv6 Assessment Service •  Determine how your network needs to change to support your IPv6 strategy IPv6 Discovery Service •  Guidance in the early stages of considering a transition to IPv6 IPv6 Planning and Design Service •  Designs, transition strategy, and support to enable a smooth migration IPv6 Implementation Service •  Validation testing and implementation consulting services Network Optimization Service •  Absorb, manage, and scale IPv6 in your environment
  • 38. •  Gain Operational Experience now •  IPv6 is already here and running well •  Control IPv6 traffic as you would IPv4 •  “Poke” your Provider’s •  Lead your OT/LOB’s into the Internet Key Take Away