Here's the second part of a four-part blog on creating an IPv6 addressing plan. Today, we'll discuss assigning subnets and addresses within a site and getting IPv6 addresses.
Assigning Subnets and Addresses within a Site
The standard single site allocation is a /48 (the maximum number of bits allowed for a prefix that ISPs will accept and re-advertise). The subnet ID portion of the prefix allows for subnet assignments within a given site.
Any subnets derived from this primary site assignment should not be any smaller (i.e., more bits) than the standard interface assignment in IPv6 of a /64.
The more granular subnet assignments derived from the /48 assigned to a site have two primary characteristics. First, as mentioned above, they are typically larger than the standard /64 interface assignment and are appropriately sized to define groups of these interface subnets. Second, these groups will be sized and assigned based on the network function or location they provide addressing for.
Table 2 shows the number of subnet groups per /48 with the resulting number of /64 subnets.
These values should help guide how many groups of subnets, as well as /64s per group, are required for a given site. In general, the more /64s required for a particular function or location within the site, the fewer the number of larger subnets available for other locations or functions at that same site. Fortunately, most organizations are unlikely to use more than 4,096 /64 subnets for a single site function or location (a limit which would still allow for 15 additional /52s—each with 4,096 /64 subnets).
The determination of how many groups of subnets (and /64s per group) are needed should include current production requirements as well as expected growth. The 4-bit boundary preferred for prefix legibility leaves room in between for unexpected growth (though at the potential future cost of concision and legibility as we’ll explore later).
As mentioned, all network interfaces should be assigned a /64 by default. The only exceptions to this rule are for point-to-point links and loopback addresses.
In recent years, there has been much debate in the Internet engineering community and among network operators as to what size subnet should be used for point-to-point links. Initial IPv6 deployments often used /64s for consistency’s sake but security issues (i.e., neighbor cache exhaustion and forwarding loops) emerged that made this method controversial. As a result, both /126s and /127s were proposed and deployed as preferable alternatives. More recently, RFC 6164 recommends the use of /127s on point-to-point links.
Figure 2 shows each of the standard IPv6 subnet assignments.
To preserve address plan consistency, every point-to-point link can be allocated a /64 but configured with a single /127 from that allocation. Alternatively, a /64 can be allocated per routing domain from which all of the /127s for that domain will be assigned.
/128s can be assigned from one /64 allocated per routing domain exclusively for loopback addresses.
Getting IPv6 Addresses
Now that you have some information to determine how many IPv6 addresses you might need, the next step is to obtain an IPv6 address allocation. This is typically done in one of two ways: an organization will either request IPv6 space from their ISP or from one of the Regional Internet Registries (or RIRs). The decision to request an IPv6 allocation from an ISP or a RIR is based on whether an organization needs a Provider Aggregatable (PA) allocation or a Provider Independent (PI) allocation.
IPv6 allocations from ISPs or IP transit providers are typically PA allocations. These allocations are usually good for the duration of the contract for IPv6 connectivity from the ISP or transit provider. As a result, renumbering the network will be required if a new provider is chosen. If your organization’s network connectivity and addressing requirements are based on a single site and you’re planning on requesting IPv6 addresses from your ISP, now would be an excellent time to inquire as to whether your ISP supports IPv6 and what the requirements are for requesting IPv6 addresses.
Alternatively, IPv6 allocations from the RIRs are typically PI allocations and are considered permanent once allocated. Such allocations are “portable” meaning that the PI allocation will generally be accepted and re-announced by any ISP or IP transit provider. Both PI and PA allocations are globally registered and globally routable. In general, multi-site networks connected to multiple ISPs or transit providers require PI allocations.
PI allocations obtained through a RIR will require justification for the address space by filling out and submitting documentation detailing current and anticipated IPv6 address requirements. If an organization has obtained IPv4 space from a RIR in the past, the process is similar for IPv6. Most organizations should have no difficulty obtaining IPv6 addresses.
Next time: a sample IPv6 addressing plan.