SlideShare a Scribd company logo

IPv6 address-planning

Tim Martin, profile picture
Tim Martin

1. The document provides guidance on strategically planning and designing an IPv6 address plan for a large multi-national enterprise called ACME. 2. It outlines the requirements including supporting up to 37 countries and 40 campus locations within the largest country. The plan should be highly hierarchical, uniform and scalable. 3. Byte boundaries are recommended between hierarchy levels to support many countries, with nibble boundaries between buildings within campuses given fewer buildings. The plan should include infrastructure addressing.

Internet
1 of 39
Downloaded 45 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
IPv6 Address PlanningTim Martin CCIE #2020 Solutions Architect Spring 2016
Cisco Confidential 2© 2013-2014 Cisco and/or its affiliates. All rights reserved. Agenda •  Strategic Planning Steps •  IPv6 Address Planning •  Exercise •  Conclusion
IPv6 Strategic Planning
Architectural Model Planning and coordination is required from many across the organization, including … v  Network engineers & operators v  Security engineers v  Application developers v  Desktop / Server engineers v  Web hosting / content developers v  Business development managers v  …
v  Create a project team & plan v  Identify business value, requirements & impacts v  Assess equipment & applications for IPv6 v  Begin training & develop training plan v  Develop the architectural solution v  Obtain a prefix and build the address plan v  Define an exception process for legacy systems v  Update the security policy v  Deploy IPv6 trials in the network v  Test and monitor your deployment IPv6 Planning Steps Outline
340,282,366,920,938,463,463,374,607,431,768,211,456 340 undecillion, 282 decillion, 366 nonillion, 920 octillion, 938 septillion, 463 sextillion, 463 quintillion, 374 quadrillion, 607 trillion, 431 billion, 768 million, 211 thousand, 456 So How Big Is The IPv6 Address Space? §  Lot’s of talk about how big, it’s BIG, do NOT worry about waste §  Theoretical vs. Practical, split the 128 bits in half §  64 bits will define the network topology, 64 bits define the host id 18,446,744,073,709,600,000 IPv6 addresses /64 (31,536,000 seconds/yr * 10,000,000 IPv6 addresses/second) 18,446,744,073,709,600,000 / 315,360,000,000,000 = 58,494 years - Ed Horley
IPv6 Addressing IPv6 Address Family Multicast AnycastUnicast Assigned Solicited Node Unique Local Link Local Global Special Embedded *IPv6 does not use broadcast addressing Well Known Temp
Hexadecimal, it’s really not that difficult Widely used in computing and programming Hex is a base 16 numerical system Typicaly expressd by 0x, i.e 0x34 Every nibble is a Hex character 4 bits have 16 combinations Easier than high school algebra 256’s |16’s | 1’s 3 4 a c 2 4 d 100s | 10’s | 1’s 0 5 2 1 7 2 5 8 9
IPv6 Address Format IPv6 addresses are 128 bits long (32 hex characters) 8 groups (words, quad’s) of 16 bits separated by (:) Network or topology portion is the prefix Includes the “subnet” Host PortionNetwork Portion 2001 : 0db8 : 0100 : 1111 : 0000 : 0000 : 0000 : 0001 16 bits 16 bits 16 bits 16 bits 16 bits 16 bits 16 bits 16 bits Host IdSubnet IdGlobal Route Prefix 2001:0db8:0100:1111:0000:0000:0000:0001
Abbreviating IPv6 Addresses (RFC5952) Leading 0’s can be omitted The double colon (::) can appear only once 2001:0db8:0000: :0000:0000:0000:1e2a00a4 Full Format 2001:db8:0: :0:0:0:1e2aa4 Abbreviated Formats 2001:db8:0: ::1e2aa4
Unicast IPv6 Address Types Link-Local – Non routable exists on single layer 2 domain (fe80::/10) fe80:0000:0000:0000 :: xxxx:xxxx:xxxx:xxxx fc00:gggg:gggg: xxxx:xxxx:xxxx:xxxxssss: fd00:gggg:gggg: xxxx:xxxx:xxxx:xxxxssss: Unique-Local – Routable within administrative domain (fc00::/7) 2000:NNNN:NNNN HHHH:HHHH:HHHH:HHHH Global – Routable across the Internet (2000::/3) :SSSS: 3fff:NNNN:NNNN HHHH:HHHH:HHHH:HHHH:SSSS:
•  Recommended Alloca,ons •  Consumer, SMB /56 /60 /64 •  Municipal Government, Enterprise, Single AS /40 /44 /48 •  State Governments, Universi,es (LIR) /32 /36 /40 •  Addressing Plan, Site Count •  IPv4 Allocation, Multi-homed ISP • 1 - 12 sites, a /44 assignment • 13 - 192 sites, a /40 assignment • 193 - 3,072 sites, a /36 assignment • 3,073 - 49,152 sites, a /32 assignment Registries Level FourEntity IANA ISP Org PA /48 2000::/3 /12 /32 2000::/3 /48 /12 PI /32 /48 RIPE Global Address Assignment Subordinate
•  PA or PI from each region you operate in •  Coordination of advertised space within each RIR, policy will vary •  Most run PI from primary region Multi-national Model
Prefix Length Considerations Pt 2 Pt /127 WAN Core /64 or /127 Servers /64 Hosts /64 Loopback /128 •  Anywhere a host exists /64 •  Point to Point /127 Should not use all 0’s or 1’s in the host portion Nodes 1&2 are not in the same subnet •  Loopback or Anycast /128 •  RFC 7421 /64 is here •  RFC 6164 /127 cache exhaust
IPv6 Address Planning
1.  Keep it SIMPLE §  You don’t want to spend weeks explaining it! 2.  Embed information to help operations §  To help troubleshooting and operation of the network §  Examples: location, country, PIN, VLAN, IPv4 info addresses 3.  Plan for expansion (build in reserve) §  Cater for future growth, mergers & acquisitions, new locations §  Reserved vs. assigned 4.  Exploit hierarchy / aggregation §  Good aggregation is essential, just one address block (per location) §  Ensures scalability and stability 4 Rules 2001:420:1234::/48 2001:420:1234:0100:/56 2001:420:1234:0200:/56 2001:420:1234:0400:/562001:420:1234:0300:/56 2001:420:1234:0500:/56 …
§  Structure §  Prefix sizing §  Information encoding §  Infrastructure addressing Methodology
§  How many prefixes will you need at each level of the addressing plan §  Example: a BNG can handle 64000 subscribers = 64000 IPv6 prefixes §  Example: the number of interconnects (P2P) in your network §  As always, put aside a reserve! §  How many /64 prefixes (subnets) you need to deploy at a location §  I.E: desktops, WIFI, guestnet, sensors, CCTV, network infrastructure, etc.. §  As always, put aside a reserve! §  Don’t worry about the number of hosts §  We have more than 254 of IPv6 addresses for hosts :’) Methodology (2) – Number of Prefixes per Level
Example - How Many Subnets in a Location? •  Follow the logical flow –  How many subnets in each location? –  What does sit under infrastructure? –  How many point-to-point links? –  Where is the reserve? /52 Infrastructure /48 location /56 Interconnects /56 Loopbacks 256x /64 P2P links 256x /64 Loopbacks /128 per Loopback /52 Desktops /52 Wireless /52 etc. /127 per P2P link /56 reserve /56 reserve ...
§  Remember transition mechanisms – these will have specific address format requirements §  ISATAP §  NAT64 (/96) §  6rd, MAP §  Possible encoding of information in particular portions of the IPv6 prefix §  Places In the Network (PINs) §  VLANs in the prefix §  VLAN 4096 à 2001:db8:1234:4096::/64 (alternatively in hex J) §  The whole IPv4 address or just a portion §  consider this carefully – trade-off between linkage vs. independence §  IPv4 address 10.0.13.1 à 2001:db8:1234:100::10:0:13:1 §  Router IDs in the Interface Identifier / IPv4 in Link-Local §  Consider security implications! Methodology (3) – Information Encoding
Methodology (4) – Infrastructure Addressing 1. •  First recommendations: configure /64, /112 or /126 •  RFC 3627, September 2003 – /127 considered harmful •  moved to historic by RFC 6547 (Feb. 2012) •  Since April 2011, RFC 6164 recommends /127 on inter-router (P2P) links •  Current recommendation /64, /126 or /127 •  /127 mitigates ND exhaustion attacks •  Allocate /64 from a block (e.g. /56) for infrastructure links but configure /127 •  Example: 2001:db8:1234:1::0/127 and 2001:db8:1234:1::1/127 •  What about offsetting the suffix •  2001:db8:1234:1::a/127 •  2001:db8:1234:1::b/127 •  You must follow the /127 subnet rule!!! 2001:db8:1234:1::A/127 2001:db8:1234:1::B/127 R2R1 21
Methodology (4) – Infrastructure Addressing 2. •  E.g. Dedicate /56 for Loopback addresses per location •  Allocate /64 per Loopback but configure /128 •  Example: 2001:420:1234:100:1::1/128 and 2001:420:1234:101:1::1/128 •  Avoid a potential overlap with Embedded RP addresses •  Remember to check how many Longest Prefix Matches (LPM) [/128] your network devices can carry •  Does not always equal the total number of supported IPv6 prefixes Loopbacks 22
Example of an IPv6 Prefix Allocation (Cisco) /40 - /44 per Site Upto 256 Buildings per Site Site = Campus 13th Nibble = PIN /52 per PIN (4096 Subnets / PIN) PIN = Place In the Network A framework to classify network roles e.g. Lab, Desktop, DC, DMZ etc /48 per Building/FSO (16 PINs per Building/FSO) FSO = Field Sales Office /37 - /39 per Sub-Region /35 - /36 per Region Global Level 2001:420::/32 Using /34 with 50% spares For Your Reference
Example of an IPv6 Prefix Allocation (ISP) /30 /30 for Subscribers /32 for Internal Addressing /36 per PoP /32 for Private Addressing /32 for External Addressing (non-Subsribers) /32 as a reserve /56 per Subscriber /40 for Enterprise DC External /40 for Enterprise Infrastructure External /40 for Enterprise Campus External /29 from RIPE /40 for Core Network External Services /40 for Core Network Internal Services /40 for Enterprise DC Internal /64 for Loopbacks (/128s) /40 for Enterprise Campus External /40 per BNG For Your Reference
Exercise
•  Methods •  Follow IPv4 (/24 only), Organizational, Location, Function based •  Hierarchy is key (A /48 example) •  Bit twiddle's dream (16 bit subnet strategy) •  4 or 8 bits = (16 or 256) Regions (states, counties, agencies, etc..) •  4 or 8 more bits = (16 or 256) Sub Levels within those Regions •  4 more bits = (16) Traffic Types (Admin, Guest, Telephony, Video, etc..) •  Cisco IPv6 Addressing White Paper •  http://www.cisco.com/go/IPv6 •  Monotonically (1000, 2000, 3000, etc.) vs. Sparse (0000, 4000, 8000, c000 ) Building the IPv6 Address Plan 26
§  European-wide conglomerate in the food and consumables sector. §  Has presence in about 19 countries expected to grow to about 37 §  They also have a sister company (ACME ISP) which is providing European-wide telecommunications services. ACME Enterprise
§  ACME has grown organically through a policy of acquisitions and mergers over the past few years. §  Use of private (RFC 1918) and/or illegal IPv4 address blocks, NAT is widely used. This is negatively impacting the behaviour of some enterprise applications. §  ACME has decided to strategically deploy IPv6 within the ACME enterprise network. This will enable applications and services to be moved from IPv4 to IPv6 on a case-by-case basis §  For its WAN connectivity, ACME enterprise uses the MPLS VPN service offered by ACME ISP. ACME Enterprise Current State of the Network
§  ACME ISP is a RIPE member and have been allocated a /19 IPv6 address block. ACME Enterprise has been provided 2014:1b2::/32 from its ISP. ACME ISP will be interconnecting all the IPv6 locations of the ACME enterprise network. §  The most important requirements for the IPv6 addressing design are for it to be highly hierarchical, uniform and scalable. This will greatly simplify the design, operation and troubleshooting of the network. ACME Enterprise IPv6 High Level Requirements
§  As a general rule, ACME would like to use byte (8-bit)-boundaries between the different hierarchies of the IPv6 addressing. HINT!!! §  At the first level, the addressing scheme needs to support at least 37 countries (HINT!!!). Also some address blocks should be reserved for future growth in the larger countries. §  At the second level (within each country), there are a number of campus locations. It is at this level that connectivity into the ACME ISP network is provided. The largest country has about 40 campus locations (HINT!!!). ACME Enterprise Detail Requirements
§  At the third level (within each campus location), the number of buildings within each campus (4-6 maximum). Therefore, allocating these blocks on a byte boundary is deemed as overkill. A nibble (4-bit) boundary will suffice here. HINT!!! §  A separate “virtual building” address block needs to be set aside for network infrastructure addressing within that campus location. §  At the forth level (within each building), individual IPv6 subnets need to be assigned to individual VLANs. §  An additional requirement is to divide up the network infrastructure block in ranges for loopback, link and network services addressing. ACME Enterprise Detail Requirements (Cont.)
§  Design an IPv6 address plan for ACME enterprise applying with what you have learned in this session and the mentioned HINTS. §  Work top-down through the address plan. §  Focus first on the end-system addressing. §  Think about the network infrastructure addressing §  There are multiple acceptable solutions, it’s more important to think about the problem and apply the methodology. Building An Address Plan For ACME Enterprise (Tasks)
Conclusion
ACME Enterprise IPv6 Addressing Exercise /64 4096 /48
IPv6 address-planning
Recommended Reading
Cisco IPv6 Services A Phased-Plan Approach for Successful IPv6 Adoption IPv6 Assessment Service •  Determine how your network needs to change to support your IPv6 strategy IPv6 Discovery Service •  Guidance in the early stages of considering a transition to IPv6 IPv6 Planning and Design Service •  Designs, transition strategy, and support to enable a smooth migration IPv6 Implementation Service •  Validation testing and implementation consulting services Network Optimization Service •  Absorb, manage, and scale IPv6 in your environment
•  Gain Operational Experience now •  IPv6 is already here and running well •  Control IPv6 traffic as you would IPv4 •  “Poke” your Provider’s •  Lead your OT/LOB’s into the Internet Key Take Away
IPv6 address-planning

More Related Content

PDF
Cisco IPv6 Tutorial
kriz5
 
PPTX
CCNA 2 Routing and Switching v5.0 Chapter 6
Nil Menon
 
PPTX
CCNA2 Verson6 Chapter6
Chaing Ravuth
 
PDF
Eigrp.ppt
Edgardo Scrimaglia
 
PDF
MPLS L3 VPN Deployment
APNIC
 
PDF
Policy Based Routing (PBR)
KHNOG
 
PDF
Implementing cisco mpls
Matiullah Jamil
 
PDF
MPLS Deployment Chapter 1 - Basic
Ericsson
 
Cisco IPv6 Tutorial
kriz5
 
CCNA 2 Routing and Switching v5.0 Chapter 6
Nil Menon
 
CCNA2 Verson6 Chapter6
Chaing Ravuth
 
Eigrp.ppt
Edgardo Scrimaglia
 
MPLS L3 VPN Deployment
APNIC
 
Policy Based Routing (PBR)
KHNOG
 
Implementing cisco mpls
Matiullah Jamil
 
MPLS Deployment Chapter 1 - Basic
Ericsson
 

What's hot (20)

PDF
Cisco Live! :: Cisco ASR 9000 Architecture :: BRKARC-2003 | Milan Jan/2014
Bruno Teixeira
 
PDF
IPv6 Address Planning
APNIC
 
PDF
MPLS Concepts and Fundamentals
Shawn Zandi
 
PDF
Nokia L3 VPN Configuration Guide
Abel Saduwa
 
PDF
IPv6 Address Planning
Deploy360 Programme (Internet Society)
 
PPTX
IS-IS Protocol Introduction
NetProtocol Xpert
 
PPT
BGP protocol presentation
Gorantla Mohanavamsi
 
PPTX
CCNP ROUTE V7 CH5
Chaing Ravuth
 
PPTX
Chapter 17 : static routing
teknetir
 
PDF
MPLS Presentation
Unni Kannan VijayaKumar
 
PPTX
CCNA 200-301 Chapter 1-Introduction to TCP IP Networking.pptx
BabarYunus1
 
PDF
Ospf.ppt
Edgardo Scrimaglia
 
PPTX
Advanced computer network
Trinity Dwarka
 
PPT
Mpls
Fasih Rehman
 
PPTX
MPLS Layer 3 VPN
NetProtocol Xpert
 
PPT
Deploying Carrier Ethernet features on ASR 9000
Vinod Kumar Balasubramanyam
 
PDF
01 introduction to mpls
Achmad Mardiansyah
 
PDF
Cisco IPv6 Tutorial by Hinwoto
Febrian ‎
 
PPT
Fundamental of Quality of Service(QoS)
Reza Farahani
 
PDF
Designing Multi-tenant Data Centers Using EVPN
Anas
 
Cisco Live! :: Cisco ASR 9000 Architecture :: BRKARC-2003 | Milan Jan/2014
Bruno Teixeira
 
IPv6 Address Planning
APNIC
 
MPLS Concepts and Fundamentals
Shawn Zandi
 
Nokia L3 VPN Configuration Guide
Abel Saduwa
 
IPv6 Address Planning
Deploy360 Programme (Internet Society)
 
IS-IS Protocol Introduction
NetProtocol Xpert
 
BGP protocol presentation
Gorantla Mohanavamsi
 
CCNP ROUTE V7 CH5
Chaing Ravuth
 
Chapter 17 : static routing
teknetir
 
MPLS Presentation
Unni Kannan VijayaKumar
 
CCNA 200-301 Chapter 1-Introduction to TCP IP Networking.pptx
BabarYunus1
 
Ospf.ppt
Edgardo Scrimaglia
 
Advanced computer network
Trinity Dwarka
 
Mpls
Fasih Rehman
 
MPLS Layer 3 VPN
NetProtocol Xpert
 
Deploying Carrier Ethernet features on ASR 9000
Vinod Kumar Balasubramanyam
 
01 introduction to mpls
Achmad Mardiansyah
 
Cisco IPv6 Tutorial by Hinwoto
Febrian ‎
 
Fundamental of Quality of Service(QoS)
Reza Farahani
 
Designing Multi-tenant Data Centers Using EVPN
Anas
 
Ad

Similar to IPv6 address-planning (20)

PPT
Cisco presentation2
ehsan nazer
 
PPT
IPv4 adressing
AssemNazirova2
 
PDF
Apnic-Training-IPv6_workshop
Nguyen Minh Thu
 
PPT
Apnic V6 Tutorial Distribution
Ali_Ahmad
 
PDF
Americas Headquarters IPv6 Addressing White Paper IPv6 Introduction
Scott Faria
 
PPS
Lesson 3: IPv6 Fundamentals
Mahmmoud Mahdi
 
PPTX
ITN_Module_12.pptx
seare1
 
PPTX
IPv6 Addressing Architecture
Shreehari Dhat
 
PPTX
Fundamental of Internet Protocol version 6.pptx
ShasikantaM
 
PPTX
what/why/how of IPv6 || 2002:3239:43c3::1
Anshu Prateek
 
PPT
IPv6 networking training sduffy v3
Shane Duffy
 
PPT
IPv6
Talal Alsubaie
 
PPT
Chapter13ccna
ernestlithur
 
PPT
Chapter13ccna
robertoxe
 
PPTX
Get Ready For Ipv6
Rishu Mehra
 
PPTX
Get Ready For Ipv6
technext1
 
PDF
IPv6 Overview
William Lee
 
PDF
IPv6 Address Planning
smarthosein
 
PDF
IPv6
Deepraj Bhujel
 
PDF
Addressing plans
enes373
 
Cisco presentation2
ehsan nazer
 
IPv4 adressing
AssemNazirova2
 
Apnic-Training-IPv6_workshop
Nguyen Minh Thu
 
Apnic V6 Tutorial Distribution
Ali_Ahmad
 
Americas Headquarters IPv6 Addressing White Paper IPv6 Introduction
Scott Faria
 
Lesson 3: IPv6 Fundamentals
Mahmmoud Mahdi
 
ITN_Module_12.pptx
seare1
 
IPv6 Addressing Architecture
Shreehari Dhat
 
Fundamental of Internet Protocol version 6.pptx
ShasikantaM
 
what/why/how of IPv6 || 2002:3239:43c3::1
Anshu Prateek
 
IPv6 networking training sduffy v3
Shane Duffy
 
IPv6
Talal Alsubaie
 
Chapter13ccna
ernestlithur
 
Chapter13ccna
robertoxe
 
Get Ready For Ipv6
Rishu Mehra
 
Get Ready For Ipv6
technext1
 
IPv6 Overview
William Lee
 
IPv6 Address Planning
smarthosein
 
IPv6
Deepraj Bhujel
 
Addressing plans
enes373
 
Ad

Recently uploaded (20)

PDF
The New Creative Director: How AI Tools for Social Media Content Creation Are...
SageTitans
 
PPTX
artificialintelligenceai1-copy-210604123353.pptx
b45r14
 
PPTX
SAP Ariba Sourcing PPT for learning material
NKKumar16
 
PDF
SASE Traffic Flow - ZTNA Connector-1.pdf
mackwell7777
 
PPTX
Funds Management Learning Material for Beg
NKKumar16
 
PPTX
Database Information System - Management Information System
faizhossain3
 
PPTX
Introduction to cybersecurity and digital nettiquette
shanefrancisjavier21
 
PDF
FINAL CALL-6th International Conference on Networks & IOT (NeTIOT 2025)
IJMIT JOURNAL
 
PDF
The Evolution of Traditional to New Media .pdf
NIKKODENSMIRO
 
PDF
mera desh ae watn.(a source of motivation and patriotism to the youth of the ...
DtMalhonSharma
 
PPTX
newyork.pptxirantrafgshenepalchinachinane
PrashantKoirala12
 
PPT
Ethics in Information System - Management Information System
faizhossain3
 
PPT
415456121-Jiwratrwecdtwfdsfwgdwedvwe dbwsdjsadca-EVN.ppt
woldemariamworku2
 
PDF
📍 LABUAN4D EXCLUSIVE SERVER STAR GAMING ASIA NO.1 TERPOPULER DI INDONESIA ! 🌟
alexiskandar061
 
PDF
Session 1 (Week 1)fghjmgfdsfgthyjkhfdsadfghjkhgfdsa
ssuser25df8b
 
PPTX
Layers_of_the_Earth_Grade7.pptx class by
varadhanvara05
 
PDF
SlidesGDGoCxRAIS about Google Dialogflow and NotebookLM.pdf
minhtrietgect
 
PDF
si manuel quezon at mga nagawa sa bansang pilipinas
LizaDeVeraFloresLaya
 
PPTX
t_and_OpenAI_Combined_two_pressentations
wuvjwfnaadbnzelauy
 
PPT
250152213-Excitation-SystemWERRT (1).ppt
woldemariamworku2
 
The New Creative Director: How AI Tools for Social Media Content Creation Are...
SageTitans
 
artificialintelligenceai1-copy-210604123353.pptx
b45r14
 
SAP Ariba Sourcing PPT for learning material
NKKumar16
 
SASE Traffic Flow - ZTNA Connector-1.pdf
mackwell7777
 
Funds Management Learning Material for Beg
NKKumar16
 
Database Information System - Management Information System
faizhossain3
 
Introduction to cybersecurity and digital nettiquette
shanefrancisjavier21
 
FINAL CALL-6th International Conference on Networks & IOT (NeTIOT 2025)
IJMIT JOURNAL
 
The Evolution of Traditional to New Media .pdf
NIKKODENSMIRO
 
mera desh ae watn.(a source of motivation and patriotism to the youth of the ...
DtMalhonSharma
 
newyork.pptxirantrafgshenepalchinachinane
PrashantKoirala12
 
Ethics in Information System - Management Information System
faizhossain3
 
415456121-Jiwratrwecdtwfdsfwgdwedvwe dbwsdjsadca-EVN.ppt
woldemariamworku2
 
📍 LABUAN4D EXCLUSIVE SERVER STAR GAMING ASIA NO.1 TERPOPULER DI INDONESIA ! 🌟
alexiskandar061
 
Session 1 (Week 1)fghjmgfdsfgthyjkhfdsadfghjkhgfdsa
ssuser25df8b
 
Layers_of_the_Earth_Grade7.pptx class by
varadhanvara05
 
SlidesGDGoCxRAIS about Google Dialogflow and NotebookLM.pdf
minhtrietgect
 
si manuel quezon at mga nagawa sa bansang pilipinas
LizaDeVeraFloresLaya
 
t_and_OpenAI_Combined_two_pressentations
wuvjwfnaadbnzelauy
 
250152213-Excitation-SystemWERRT (1).ppt
woldemariamworku2
 

IPv6 address-planning

  • 1. IPv6 Address PlanningTim Martin CCIE #2020 Solutions Architect Spring 2016
  • 2. Cisco Confidential 2© 2013-2014 Cisco and/or its affiliates. All rights reserved. Agenda •  Strategic Planning Steps •  IPv6 Address Planning •  Exercise •  Conclusion
  • 4. Architectural Model Planning and coordination is required from many across the organization, including … v  Network engineers & operators v  Security engineers v  Application developers v  Desktop / Server engineers v  Web hosting / content developers v  Business development managers v  …
  • 5. v  Create a project team & plan v  Identify business value, requirements & impacts v  Assess equipment & applications for IPv6 v  Begin training & develop training plan v  Develop the architectural solution v  Obtain a prefix and build the address plan v  Define an exception process for legacy systems v  Update the security policy v  Deploy IPv6 trials in the network v  Test and monitor your deployment IPv6 Planning Steps Outline
  • 6. 340,282,366,920,938,463,463,374,607,431,768,211,456 340 undecillion, 282 decillion, 366 nonillion, 920 octillion, 938 septillion, 463 sextillion, 463 quintillion, 374 quadrillion, 607 trillion, 431 billion, 768 million, 211 thousand, 456 So How Big Is The IPv6 Address Space? §  Lot’s of talk about how big, it’s BIG, do NOT worry about waste §  Theoretical vs. Practical, split the 128 bits in half §  64 bits will define the network topology, 64 bits define the host id 18,446,744,073,709,600,000 IPv6 addresses /64 (31,536,000 seconds/yr * 10,000,000 IPv6 addresses/second) 18,446,744,073,709,600,000 / 315,360,000,000,000 = 58,494 years - Ed Horley
  • 7. IPv6 Addressing IPv6 Address Family Multicast AnycastUnicast Assigned Solicited Node Unique Local Link Local Global Special Embedded *IPv6 does not use broadcast addressing Well Known Temp
  • 8. Hexadecimal, it’s really not that difficult Widely used in computing and programming Hex is a base 16 numerical system Typicaly expressd by 0x, i.e 0x34 Every nibble is a Hex character 4 bits have 16 combinations Easier than high school algebra 256’s |16’s | 1’s 3 4 a c 2 4 d 100s | 10’s | 1’s 0 5 2 1 7 2 5 8 9
  • 9. IPv6 Address Format IPv6 addresses are 128 bits long (32 hex characters) 8 groups (words, quad’s) of 16 bits separated by (:) Network or topology portion is the prefix Includes the “subnet” Host PortionNetwork Portion 2001 : 0db8 : 0100 : 1111 : 0000 : 0000 : 0000 : 0001 16 bits 16 bits 16 bits 16 bits 16 bits 16 bits 16 bits 16 bits Host IdSubnet IdGlobal Route Prefix 2001:0db8:0100:1111:0000:0000:0000:0001
  • 10. Abbreviating IPv6 Addresses (RFC5952) Leading 0’s can be omitted The double colon (::) can appear only once 2001:0db8:0000: :0000:0000:0000:1e2a00a4 Full Format 2001:db8:0: :0:0:0:1e2aa4 Abbreviated Formats 2001:db8:0: ::1e2aa4
  • 11. Unicast IPv6 Address Types Link-Local – Non routable exists on single layer 2 domain (fe80::/10) fe80:0000:0000:0000 :: xxxx:xxxx:xxxx:xxxx fc00:gggg:gggg: xxxx:xxxx:xxxx:xxxxssss: fd00:gggg:gggg: xxxx:xxxx:xxxx:xxxxssss: Unique-Local – Routable within administrative domain (fc00::/7) 2000:NNNN:NNNN HHHH:HHHH:HHHH:HHHH Global – Routable across the Internet (2000::/3) :SSSS: 3fff:NNNN:NNNN HHHH:HHHH:HHHH:HHHH:SSSS:
  • 12. •  Recommended Alloca,ons •  Consumer, SMB /56 /60 /64 •  Municipal Government, Enterprise, Single AS /40 /44 /48 •  State Governments, Universi,es (LIR) /32 /36 /40 •  Addressing Plan, Site Count •  IPv4 Allocation, Multi-homed ISP • 1 - 12 sites, a /44 assignment • 13 - 192 sites, a /40 assignment • 193 - 3,072 sites, a /36 assignment • 3,073 - 49,152 sites, a /32 assignment Registries Level FourEntity IANA ISP Org PA /48 2000::/3 /12 /32 2000::/3 /48 /12 PI /32 /48 RIPE Global Address Assignment Subordinate
  • 13. •  PA or PI from each region you operate in •  Coordination of advertised space within each RIR, policy will vary •  Most run PI from primary region Multi-national Model
  • 14. Prefix Length Considerations Pt 2 Pt /127 WAN Core /64 or /127 Servers /64 Hosts /64 Loopback /128 •  Anywhere a host exists /64 •  Point to Point /127 Should not use all 0’s or 1’s in the host portion Nodes 1&2 are not in the same subnet •  Loopback or Anycast /128 •  RFC 7421 /64 is here •  RFC 6164 /127 cache exhaust
  • 16. 1.  Keep it SIMPLE §  You don’t want to spend weeks explaining it! 2.  Embed information to help operations §  To help troubleshooting and operation of the network §  Examples: location, country, PIN, VLAN, IPv4 info addresses 3.  Plan for expansion (build in reserve) §  Cater for future growth, mergers & acquisitions, new locations §  Reserved vs. assigned 4.  Exploit hierarchy / aggregation §  Good aggregation is essential, just one address block (per location) §  Ensures scalability and stability 4 Rules 2001:420:1234::/48 2001:420:1234:0100:/56 2001:420:1234:0200:/56 2001:420:1234:0400:/562001:420:1234:0300:/56 2001:420:1234:0500:/56 …
  • 17. §  Structure §  Prefix sizing §  Information encoding §  Infrastructure addressing Methodology
  • 18. §  How many prefixes will you need at each level of the addressing plan §  Example: a BNG can handle 64000 subscribers = 64000 IPv6 prefixes §  Example: the number of interconnects (P2P) in your network §  As always, put aside a reserve! §  How many /64 prefixes (subnets) you need to deploy at a location §  I.E: desktops, WIFI, guestnet, sensors, CCTV, network infrastructure, etc.. §  As always, put aside a reserve! §  Don’t worry about the number of hosts §  We have more than 254 of IPv6 addresses for hosts :’) Methodology (2) – Number of Prefixes per Level
  • 19. Example - How Many Subnets in a Location? •  Follow the logical flow –  How many subnets in each location? –  What does sit under infrastructure? –  How many point-to-point links? –  Where is the reserve? /52 Infrastructure /48 location /56 Interconnects /56 Loopbacks 256x /64 P2P links 256x /64 Loopbacks /128 per Loopback /52 Desktops /52 Wireless /52 etc. /127 per P2P link /56 reserve /56 reserve ...
  • 20. §  Remember transition mechanisms – these will have specific address format requirements §  ISATAP §  NAT64 (/96) §  6rd, MAP §  Possible encoding of information in particular portions of the IPv6 prefix §  Places In the Network (PINs) §  VLANs in the prefix §  VLAN 4096 à 2001:db8:1234:4096::/64 (alternatively in hex J) §  The whole IPv4 address or just a portion §  consider this carefully – trade-off between linkage vs. independence §  IPv4 address 10.0.13.1 à 2001:db8:1234:100::10:0:13:1 §  Router IDs in the Interface Identifier / IPv4 in Link-Local §  Consider security implications! Methodology (3) – Information Encoding
  • 21. Methodology (4) – Infrastructure Addressing 1. •  First recommendations: configure /64, /112 or /126 •  RFC 3627, September 2003 – /127 considered harmful •  moved to historic by RFC 6547 (Feb. 2012) •  Since April 2011, RFC 6164 recommends /127 on inter-router (P2P) links •  Current recommendation /64, /126 or /127 •  /127 mitigates ND exhaustion attacks •  Allocate /64 from a block (e.g. /56) for infrastructure links but configure /127 •  Example: 2001:db8:1234:1::0/127 and 2001:db8:1234:1::1/127 •  What about offsetting the suffix •  2001:db8:1234:1::a/127 •  2001:db8:1234:1::b/127 •  You must follow the /127 subnet rule!!! 2001:db8:1234:1::A/127 2001:db8:1234:1::B/127 R2R1 21
  • 22. Methodology (4) – Infrastructure Addressing 2. •  E.g. Dedicate /56 for Loopback addresses per location •  Allocate /64 per Loopback but configure /128 •  Example: 2001:420:1234:100:1::1/128 and 2001:420:1234:101:1::1/128 •  Avoid a potential overlap with Embedded RP addresses •  Remember to check how many Longest Prefix Matches (LPM) [/128] your network devices can carry •  Does not always equal the total number of supported IPv6 prefixes Loopbacks 22
  • 23. Example of an IPv6 Prefix Allocation (Cisco) /40 - /44 per Site Upto 256 Buildings per Site Site = Campus 13th Nibble = PIN /52 per PIN (4096 Subnets / PIN) PIN = Place In the Network A framework to classify network roles e.g. Lab, Desktop, DC, DMZ etc /48 per Building/FSO (16 PINs per Building/FSO) FSO = Field Sales Office /37 - /39 per Sub-Region /35 - /36 per Region Global Level 2001:420::/32 Using /34 with 50% spares For Your Reference
  • 24. Example of an IPv6 Prefix Allocation (ISP) /30 /30 for Subscribers /32 for Internal Addressing /36 per PoP /32 for Private Addressing /32 for External Addressing (non-Subsribers) /32 as a reserve /56 per Subscriber /40 for Enterprise DC External /40 for Enterprise Infrastructure External /40 for Enterprise Campus External /29 from RIPE /40 for Core Network External Services /40 for Core Network Internal Services /40 for Enterprise DC Internal /64 for Loopbacks (/128s) /40 for Enterprise Campus External /40 per BNG For Your Reference
  • 26. •  Methods •  Follow IPv4 (/24 only), Organizational, Location, Function based •  Hierarchy is key (A /48 example) •  Bit twiddle's dream (16 bit subnet strategy) •  4 or 8 bits = (16 or 256) Regions (states, counties, agencies, etc..) •  4 or 8 more bits = (16 or 256) Sub Levels within those Regions •  4 more bits = (16) Traffic Types (Admin, Guest, Telephony, Video, etc..) •  Cisco IPv6 Addressing White Paper •  http://www.cisco.com/go/IPv6 •  Monotonically (1000, 2000, 3000, etc.) vs. Sparse (0000, 4000, 8000, c000 ) Building the IPv6 Address Plan 26
  • 27. §  European-wide conglomerate in the food and consumables sector. §  Has presence in about 19 countries expected to grow to about 37 §  They also have a sister company (ACME ISP) which is providing European-wide telecommunications services. ACME Enterprise
  • 28. §  ACME has grown organically through a policy of acquisitions and mergers over the past few years. §  Use of private (RFC 1918) and/or illegal IPv4 address blocks, NAT is widely used. This is negatively impacting the behaviour of some enterprise applications. §  ACME has decided to strategically deploy IPv6 within the ACME enterprise network. This will enable applications and services to be moved from IPv4 to IPv6 on a case-by-case basis §  For its WAN connectivity, ACME enterprise uses the MPLS VPN service offered by ACME ISP. ACME Enterprise Current State of the Network
  • 29. §  ACME ISP is a RIPE member and have been allocated a /19 IPv6 address block. ACME Enterprise has been provided 2014:1b2::/32 from its ISP. ACME ISP will be interconnecting all the IPv6 locations of the ACME enterprise network. §  The most important requirements for the IPv6 addressing design are for it to be highly hierarchical, uniform and scalable. This will greatly simplify the design, operation and troubleshooting of the network. ACME Enterprise IPv6 High Level Requirements
  • 30. §  As a general rule, ACME would like to use byte (8-bit)-boundaries between the different hierarchies of the IPv6 addressing. HINT!!! §  At the first level, the addressing scheme needs to support at least 37 countries (HINT!!!). Also some address blocks should be reserved for future growth in the larger countries. §  At the second level (within each country), there are a number of campus locations. It is at this level that connectivity into the ACME ISP network is provided. The largest country has about 40 campus locations (HINT!!!). ACME Enterprise Detail Requirements
  • 31. §  At the third level (within each campus location), the number of buildings within each campus (4-6 maximum). Therefore, allocating these blocks on a byte boundary is deemed as overkill. A nibble (4-bit) boundary will suffice here. HINT!!! §  A separate “virtual building” address block needs to be set aside for network infrastructure addressing within that campus location. §  At the forth level (within each building), individual IPv6 subnets need to be assigned to individual VLANs. §  An additional requirement is to divide up the network infrastructure block in ranges for loopback, link and network services addressing. ACME Enterprise Detail Requirements (Cont.)
  • 32. §  Design an IPv6 address plan for ACME enterprise applying with what you have learned in this session and the mentioned HINTS. §  Work top-down through the address plan. §  Focus first on the end-system addressing. §  Think about the network infrastructure addressing §  There are multiple acceptable solutions, it’s more important to think about the problem and apply the methodology. Building An Address Plan For ACME Enterprise (Tasks)
  • 34. ACME Enterprise IPv6 Addressing Exercise /64 4096 /48
  • 37. Cisco IPv6 Services A Phased-Plan Approach for Successful IPv6 Adoption IPv6 Assessment Service •  Determine how your network needs to change to support your IPv6 strategy IPv6 Discovery Service •  Guidance in the early stages of considering a transition to IPv6 IPv6 Planning and Design Service •  Designs, transition strategy, and support to enable a smooth migration IPv6 Implementation Service •  Validation testing and implementation consulting services Network Optimization Service •  Absorb, manage, and scale IPv6 in your environment
  • 38. •  Gain Operational Experience now •  IPv6 is already here and running well •  Control IPv6 traffic as you would IPv4 •  “Poke” your Provider’s •  Lead your OT/LOB’s into the Internet Key Take Away