A Hitch of IPv6 Space Delegation to End Users

Information Technology — Tags: , — Антон Марчуков @ 04.06.11 1:50

In my opinion IPv6 is well designed protocol accounting the problems of IPv4 and incorporating nice features of older protocols such as IPX. The design and the vision is pretty good explained in the corresponding RFCs. Small example is RFC 6177. I had a hope that there will not be a problem with lack of IP addresses and complex NAT translations anymore. But now I see that I might be wrong. And it is not due to IPv6 being poorly designed, it is due to the people who deploy it still thinking in v4 terms.

Few examples that I met so far:

Hosting provider giving /64 subnet for the use on the dedicated server.
/64 is a network with 18446744073709551616 hosts in it, sounds enough right? Wrong. Because IPv6 is all about routing. I can and I would want to have virtual machines on a dedicated server. I need to pass IPv6 addresses to them, but here I cannot route and should have a bridge with physical host interface added to it. But I want to have another network routed to me instead, so I can route it on the host to the virtual machines and have a firewall there. Just because there is no NAT anymore.
Discussion on Russian ISP forum about the fact that /64 is too much for end users (/128 should be enough, yeah). Or well if SLAAC will not work otherwise then /64 is a maximum that should be given.
Actually /64 is a minimal prefix for a unicast address in IPv6 and such a network has 18446744073709551616 hosts not because somebody will have one network with that many hosts, but to make SLAAC working. It is not a waste of the resources. it is just designed this way. And also there is no reason to assume that only one network is needed at home. It is only because in IPv4 it is hard to have several routed networks at home, but with IPv6 it is not hard at all. I would want to have one network for me and one for the guests or one for wireless and one for wired and I would want some separate DMZ network for “production services” like my VoIP phone. And I will want to have all those networks routed to me, because there is no NAT anymore. /32 that LIR receives has 16777216 of /56 networks, if somebody is lucky to have more than that customers it is possible to get another /32 for 16777216 more. Not much reasons not to give /56 to the end users. And those end users should not be better computer experts to manage it than now. Soap-box SOHO routers can do NAT right now. Manufacturing of SOHO routers that can route and firewall is no way harder, it is just was not common in IPv4.

No comments yet.

Leave a comment

This work is licensed under a Creative Commons Attribution-Noncommercial-Share Alike 3.0 Unported License.
(c) 2017 Anton Martchukov's Weblog | powered by WordPress with Barecity