IPv6 Address Space Allocation for ISP

    There are plenty of articles explaining IPv6 for every audience, from users to providers. A user whose “correct” dual-stack provider already offers IPv6 only needs to turn on a device that supports it, but what the provider should do with its IPv6 block is not so clear. Let's try to figure it out. The article assumes that the reader can calculate IPv6 masks; nothing more is required.

    If even calculating masks is a problem, the picture should help a little:
    [image]
    So, a typically allocated IPv6 block is a /32. That is 79228162514264337593543950336 unique IP addresses, which "should be enough for everyone." It would seem that even an average ISP with that many addresses need not worry about exhausting the address space, but network engineers know that proper address planning is not only about saving addresses: it also affects the performance of the equipment and, as a result, the performance of the whole network.

    Regional registries and RFC6177 give some recommendations:
    1. An ISP is allocated a /32 block
    2. Each node where addresses are aggregated should receive a /48 network (65536 networks of size /64)
    3. There should be no subnets longer than /64, which means that each VLAN is allocated a /64 subnet (18446744073709551616 IP addresses)
    4. All loopbacks must be in the same /64 subnet; the interface mask is /128


    Obviously, with this approach, schemes such as VLAN per user, VLAN per access switch or VLAN per building, adjusted for different types of clients, are not entirely reasonable and contradict the recommendations of RIPE. In my opinion, 2-4 VLANs per site will be enough: corporate clients, individuals and, possibly, telephony and TV, if there is a need to separate them (e.g. for ACLs, NetFlow, etc.), with the corresponding bindings done at the access level, e.g. with DHCPv6 opt37.

    Visualization:


    Take a “spherical” (idealized) ISP, present in five cities, each of which has or plans 100 sites; each site will have corporate clients, individuals, and SIP with IPTV. Our provider is a proper one: it offers corporate clients a wide variety of tariffs (unlimited and metered by traffic; it seems to me that no one sells metered tariffs to individuals any more), and its SIP server / SoftSwitch allows access only from certain subnets in which the voice gateways are located (the subscriber receives telephony in the form of an FXS port). So it gets 2001:DB8::/32 (the prefix recommended for documentation, RFC3849). Next comes simple fifth-grade mathematics: we need /38 networks for each city, but it will be more “beautiful” to split the network into /36 blocks per city; with such a breakdown the networks will be enough for 11 more cities. Call this the first level of the address space.
    We get the following 16 networks:
    2001:db8::/48      Moscow
    2001:db8:1::/48    St. Petersburg
    2001:db8:2::/48    Samara
    2001:db8:3::/48    Tambov
    2001:db8:4::/48    Vladivostok
    2001:db8:5::/48    Reserve
    2001:db8:6::/48    Reserve
    2001:db8:7::/48    Reserve
    2001:db8:8::/48    Reserve
    2001:db8:9::/48    Reserve
    2001:db8:a::/48    Reserve
    2001:db8:b::/48    Reserve
    2001:db8:c::/48    Reserve
    2001:db8:d::/48    Reserve
    2001:db8:e::/48    Reserve
    2001:db8:f::/48    Reserve



    Next we distribute addresses within the city: the second level. Take Samara with its 2001:db8:2::/48. Recall that the site should have /64. I should say right away that I omit the intermediate stage of summarizing the blocks of several aggregation nodes into intermediate prefixes between /64 and /48, because I believe there is no typical scheme to describe here: it depends on the physical and logical design of the network (for example, you can combine all the /64 networks of one OSPF area into one shorter prefix). Thus we get no more than 5 VLANs on the aggregation (+ management), not counting VPNs, which saves device resources and simplifies the configuration of STP, QoS, etc., as well as of access switches (the configs will differ only in the management IP). Corporate clients who want, for example, a /56 also fit well into this picture.
    In some cases, it may make sense to convert the typical three-level network model (core-aggregation-access) into core-access by placing something L2-only at the aggregation level to reduce the cost of the network.
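
    The two-level plan described above, worked through with Python's ipaddress module as an added example (not code from the original article). It follows the /36-per-city split from the text and the /48-per-aggregation-node and /64-per-VLAN recommendations, so city prefixes come out as 2001:db8:N000::/36; the VLAN role names, their order and all function names are assumptions. locate() is the reverse mapping useful when writing ACLs or reading NetFlow records.

```python
import ipaddress

ISP_BLOCK = ipaddress.ip_network("2001:db8::/32")  # documentation prefix used in the article
CITIES = ["Moscow", "St. Petersburg", "Samara", "Tambov", "Vladivostok"]
ROLES = ["corporate", "individuals", "sip", "iptv", "management"]  # assumed names and order
CITY_LEN, SITE_LEN, VLAN_LEN = 36, 48, 64


def city_blocks():
    """First level: every /36 in the ISP block, named by city or marked Reserve."""
    blocks = list(ISP_BLOCK.subnets(new_prefix=CITY_LEN))
    names = CITIES + ["Reserve"] * (len(blocks) - len(CITIES))
    return list(zip(names, blocks))


def child(parent, index, new_len):
    """Return the index-th subnet of length new_len inside parent, bounds-checked."""
    count = 1 << (new_len - parent.prefixlen)
    if not 0 <= index < count:
        raise ValueError(f"index {index} outside 0..{count - 1} for {parent}")
    base = int(parent.network_address) + (index << (128 - new_len))
    return ipaddress.IPv6Network((base, new_len))


def vlan_subnet(city, site_index, role):
    """Second level: city /36 -> site /48 -> one /64 per VLAN role."""
    city_net = child(ISP_BLOCK, CITIES.index(city), CITY_LEN)
    site_net = child(city_net, site_index, SITE_LEN)
    return child(site_net, ROLES.index(role), VLAN_LEN)


def locate(address):
    """Reverse lookup for ACL or flow analysis: address -> (city, site index, role)."""
    addr = ipaddress.ip_address(address)
    if addr not in ISP_BLOCK:
        raise ValueError(f"{addr} is outside {ISP_BLOCK}")
    offset = int(addr) - int(ISP_BLOCK.network_address)
    city_i = offset >> (128 - CITY_LEN)
    site_i = (offset >> (128 - SITE_LEN)) & ((1 << (SITE_LEN - CITY_LEN)) - 1)
    vlan_i = (offset >> (128 - VLAN_LEN)) & ((1 << (VLAN_LEN - SITE_LEN)) - 1)
    role = ROLES[vlan_i] if vlan_i < len(ROLES) else "unassigned"
    return city_blocks()[city_i][0], site_i, role


if __name__ == "__main__":
    for name, net in city_blocks():
        print(f"{str(net):22} {name}")
    print(vlan_subnet("Samara", 99, "individuals"))  # 100th site in Samara
    print(locate("2001:db8:2063:1::abcd"))
```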

    The article turned out short. I didn't give examples of IPv6 configurations because that is beyond its scope; if readers want, I can describe typical setups based on this article. I tried to collect all the recommendations for IPv6 and put them in plain language. Edits, comments, suggestions and additions are welcome in every way!
