BCP: Slicing a /32 for an ISP

Iljitsch van Beijnum iljitsch at muada.com
Mon Apr 14 13:03:12 CEST 2008 

On 2 apr 2008, at 3:19, Steve Bertrand wrote:

> Has anyone done any documentation on how they decided to slice up  
> their IPv6 allocation?

Well, I've done this twice, both times for networks with not much  
internal hierarchy. If you have a network with more or less autonomous  
parts you may want to think about giving each part its own address  
range and aggregate those. I would probably start with a /40 or so for  
that and see what happens from there, that way you're not carving up  
that /32 too badly at this early stage.

Anyway, my recommendations, please note that free advice may not be  
worth more than what you paid for it:

- reserve the first /48 and especially the first /64 for your own  
stuff that you want to have short addresses

- give every DNS server a manually configured address in its own /64  
so you don't have to change the address when you change the hardware  
and you can move each of them around the network

- take a /48 to number your network/routers. If you use vlans, encode  
the vlan ID (without converting to hex) like this: </32 prefix>: 
1:<vlan ID>::/64

- where possible, use EUI-64 addressing for routers, that way you  
don't have to keep track of which router has which address

- if you don't like /64 or unnumbered for point-to-point, use /112s (=  
2001:db8:aaaa:bbbb:cccc:dddd:eeee:<subnet bits>) and don't use the all- 
zeros address or the top 127 addresses to avoid issues with reserved  
anycast addresses

- give all users with their own prefix also a /64 to number the link  
between your and their routers, use ::1 for yours, ::2 for theirs that  
you route their prefix to

- enable router advertisements + stateless autoconfig on all subnets  
even if not immediately needed UNLESS it's a shared subnet with  
devices from IPv6-unaware customers who may be surprised to see their  
stuff autoconfigure v6 (this way a box without manual config gets v6  
and if you have multiple routers they can fail over from one to the  
other)

Good luck!

More information about the ipv6-ops mailing list