IPv6 Design: Forget The IPv4 Rules
You've acquired a nice new IPv6 address block, and now you need to come up with an IPv6 address allocation design for your network. If there is one bit of advice I can offer you as you begin your IPv6 address design, it's this: Abandon almost everything you've learned about IPv4 address design. Throw it right out the window.
September 2, 2011
Yes, an IPv6 address at the binary level is still used the same way an IPv4 address is used. Yes, the address bits are still divided between a network part that specifies the exact location of the link to which a device is attached and a host part that identifies a specific device on the link. Yes, you still use CIDR notation (a forward slash and a number) to specify an address prefix of some length. And, yes, if you want to represent just the prefix you set all the host bits to zero (a 24-bit IPv4 prefix might be written as 192.168.23.0/24; a 48-bit IPv6 prefix might be written as 2001:db8:9c5::/48).
Above those bit-level functional equivalences, it's a whole new ball game.
A single design principle dominates all others in IPv4 address design: address conservation. Variable-Length Subnet Masking (VLSM) is an essential IPv4 design tactic in which the number of hosts required on individual subnets throughout the network is carefully balanced against the total number of subnets your IPv4 prefix can support. You wind up with several different subnet sizes in your network, each allowing for just enough known or forecast host addresses and no more.
In fact, the very concept of subnetting in IPv4 is the idea of borrowing some of the host bits to use as part of the network prefix. This dates back to pre-CIDR days when unicast IPv4 prefixes belonged to one of three classes (/8, /16, or /24). IPv6 prefix assignments, on the other hand, are treated differently. There is always allowance of a 64-bit host portion (the Interface-ID); except for networks that are deemed to only need a single subnet, such as homes or small offices, your prefix assignment will be some length shorter than 64 bits such as /40, /48 or /56. Those bits of the network portion between the fixed prefix assignment and the fixed 64-bit Interface-ID are for subnetting. You don't have to borrow host bits.
IPv6 represents a mind-boggling number of addresses, and that boggleness extends right down into your own network. Think about this: If you are allocated a /40 prefix, you have the capacity to support as many /64 subnets--4.3 billion--as there are individual addresses in the entire IPv4 address space. If you are an enterprise network, you are more likely to get a /48; that's still 65,536 64-bit subnets. And each /64 supports 1.8 x 10^19 individual addresses. These kinds of numbers mean that you can trade traditional address conservation principles for all kinds of other benefits: consistent, one-size-fits-all subnets; addresses that are easier to interpret, troubleshoot and maintain at the hex level without needing to look at the binary representation; and an address design with the flexibility and scalability to meet future network requirements, even if you're not sure what those requirements might be.
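As an added example (not from the original article), the Python sketch below carves /64 subnets out of the sample prefix 2001:db8:9c5::/48 on hex-digit boundaries and decodes an address back into its fields, which is what makes a plan readable at the hex level. The building/floor/VLAN layout and all function names are assumptions chosen for illustration.

```python
import ipaddress

# Sample /48 from the article; the field layout below is a hypothetical plan.
SITE_PREFIX = ipaddress.IPv6Network("2001:db8:9c5::/48")
INTERFACE_ID_BITS = 64  # fixed host portion (Interface-ID)


def subnet_bits(prefix):
    """Bits between the assigned prefix and the 64-bit Interface-ID."""
    return 128 - INTERFACE_ID_BITS - prefix.prefixlen


def subnet_count(prefix):
    """Number of /64 subnets the assigned prefix can hold."""
    return 2 ** subnet_bits(prefix)


def make_subnet(prefix, building, floor, vlan):
    """Build a /64 whose fourth hextet reads <building><floor><vlan, 2 digits>."""
    if subnet_bits(prefix) != 16:
        raise ValueError("this layout assumes a /48 (16 subnet bits)")
    if not (0 <= building <= 0xF and 0 <= floor <= 0xF and 0 <= vlan <= 0xFF):
        raise ValueError("field does not fit its hex-digit width")
    subnet_id = (building << 12) | (floor << 8) | vlan
    base = int(prefix.network_address) | (subnet_id << INTERFACE_ID_BITS)
    return ipaddress.IPv6Network((base, 64))


def decode(prefix, address):
    """Recover the plan fields from any address inside the site prefix."""
    addr = ipaddress.IPv6Address(address)
    if addr not in prefix:
        raise ValueError(f"{addr} is outside {prefix}")
    subnet_id = (int(addr) >> INTERFACE_ID_BITS) & 0xFFFF
    return {
        "building": subnet_id >> 12,
        "floor": (subnet_id >> 8) & 0xF,
        "vlan": subnet_id & 0xFF,
    }


if __name__ == "__main__":
    net = make_subnet(SITE_PREFIX, building=3, floor=2, vlan=0x1A)
    print(net, "holds", net.num_addresses, "addresses")
    print(subnet_count(SITE_PREFIX), "possible /64 subnets in", SITE_PREFIX)
    print(decode(SITE_PREFIX, "2001:db8:9c5:321a::1"))
```

Because every subnet is a /64 and every field sits on a hex-digit boundary, a firewall rule or log entry for 2001:db8:9c5:321a::/64 can be read off directly as building 3, floor 2, VLAN 0x1a.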
Yet, when I've done IPv6 address designs for clients, convincing at least some of the architecture team to forsake long-ingrained IPv4 thinking can be a tough sell. "Why do I need 1.8 x 10^19 addresses on a subnet? Any sanely built subnet will have only a minuscule fraction of that number of devices." The objections can get particularly strenuous when we start talking about using a /64 on point-to-point links. "Why am I assigning 180 million trillion addresses to a link that will only ever use just two of them?" you might ask.
These objections miss the point. It's not about how many addresses you are wasting; it's about what you get in return for being wasteful. After all, what else are you going to do with all those addresses? If you cannot address your entire network with 64-bit subnets and still have plenty to spare, you haven't been given a prefix appropriate to the size of your network.
There are a couple of reasons other than address conservation why you might want to consider a different subnet size on your point-to-point links, and I'll discuss them in a later post.
I'll admit that leaving all those nice IPv6 addresses to never ever be used sometimes bothers me, too. I've been working with IPv4 for a very long time and am far from immune to having traditional sensibilities offended. That's why it's important to not think generically about IP address design. There's IPv4 design, and there's IPv6 design. Two different sets of practices.