Ipv6 Routing (from hell)
Michael Taht
m at teklibre.com
Thu Mar 27 07:58:29 CET 2008
I'm still performing an ipv6 thought experiment on the airstream network.
See http://www.air-stream.org.au/access_points for what the real
world looks like.
What I have mostly been struggling with is what, for me, is an ideal
scenario. G's are internet gateways. Rs are mesh routers. Cs are (many)
clients. Apology to those with proportional fonts. Or fixed fonts. Connect most
of the lines to routers....
G3 ----- R ------- R ------ R ----- G1
/ | \ / | \ |
C R C C R -R ---- C
\ |/ |
C
C ---- R --- R - ----R -----G2
| |
C ----R
OLSR can handle everything within the "G"s.
Each of the "G"s is connected to a different ISP.
In the case of IPv4, you are behind nat on the Gs (a 10 network is in use)
What happens when you are being routed thru G0 and it goes down? Your
connections reset. But you move on. So long as your gateway is
stable, your outside world connection just assumes the address of that
gateway.
In the case of IPv6, you aren't behind nat, but G1, G2, G3 have to
announce to somewhere, using something, that they all can route the
network behind them.
At present, the gateways would be tunnels through a tunnel broker,
but might in the future be 6to4 or even teredo - and one day - native.
What do you use to route this? Is BGP a must? Can you even use
BGP for subnets on a tunneled connection?
Mentally, I have three different scenarios in mind:
1) Every client/router within the network gets a unique IP/64 from each
of the gateways, which are each routing that from a delegated /48 on the tunnel.
(so in this case of 3 gateways, each client would have their link local and 3 IPs)
When a gateway dies that whole IP/64 network also dies (is there a routing de-announcement?)
mentally, the effect is the same as the NAT reset for existing connections,
but I'm not sure if this would even work. If I'm on multiple networks,
my client source address is generally going to be on that network, right?
2) There is one /48, and one tunnel. However, each of the gateways keeps
tunnels to the others open, and if the primary tunnel gateway dies, a
new gateway is elected to reopen the main tunnel. Trafficwise this means
that all traffic goes to one gateway, then gets routed around the internet
based on a closest gateway to interior gateway... or you have asymmetric
routes, or...
So you end up with a virtual "G0" feeding the other Gs... and in the
case of gateway failure you get a hiccup rather than a reset...
Or perhaps you can do a flatter routing by requesting a company specific
netblock (is that even doable yet), getting a real RIR ASN, and
hoping everybody you need to peer with peers, but that doesn't get
around the tunnel broker issue, I think.
I have no idea what it takes to get an ASN these days, or if you could
use a private one just within your G0-G4 router set....
3) There are multiple tunnels to the tunnel broker, but all are routing the
same /48. which then decides where to
send subsets of the /48 based on (some) set of oslr statistical feedback via whatever
protocol, presumably BGP. Who listens? Does any tunnel broker do this?
Any pointers to suitable RFCs, conf files, documentation, working networks -
etc deeply desired.
--
Mike Taht
PostCards From the Bleeding Edge
http://the-edge.blogspot.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 252 bytes
Desc: OpenPGP digital signature
URL: <https://lists.cluenet.de/pipermail/ipv6-ops/attachments/20080327/1f6ae261/attachment.sig>
More information about the ipv6-ops
mailing list