IPv6 Address Planning

www.internetsociety.org/deploy360/

IPv6 Address Planning

Dan York

Deploy360 Programme www.internetsociety.org/deploy360/


Objectives

After this section, you should be able to:

•  Understand the value of an IPv6 address plan

•  Plan how you will assign IPv6 subnets

•  Estimate the IPv6 addressing needs of your network

•  Subnet an IPv6 prefix


Why Create An IPv6 Address Plan?

•  Routing tables can be smaller and more efficient

•  Security policies can be easier to implement

•  Application policies can be implemented

•  Network management/provisioning can be easier

•  Troubleshooting can be easier, particularly with visual identification

•  Easier scaling as more devices or locations are added


IPv4 Subnetting Concepts To Forget!

Why do we do subnetting? •  IPv4: Conserve address space

•  IPv6: planning and optimization for routing and security

Subnets vs hosts – number of hosts irrelevant in IPv6 •  There will rarely be a need to expand a /64 subnet (264 hosts)

•  264 = 18,446,744,073,709,551,616 hosts

www.internetsociety.org

IPv6 Address Planning Basics

9/25/13


A Typical IPv6 Address For A Device (Host)

2001:db8:1234:152c:12b4:5678:d334:9af

Host (/64)

Prefix (/64)


Network Prefixes

2001:db8:1234:152c:12b4:5678:d334:9af

Host (/64)

/16

/32

/48


Address Block Assignments

9/23/13

Prefix Assignment Number of Addresses

/32 LIR (Local Internet Registry) – often an ISP 296

/48 Organization 280

/64 Organization network 264

/128 Individual host (PC, server, router, etc.) 1


/32 Prefix

2001:db8:1234:152c:12b4:5678:d334:9af

Host (/64)

Prefix (/32) Subnet (/32)


/48 Prefix

2001:db8:1234:152c:12b4:5678:d334:9af

Host (/64)



Common Prefixes - /48, /52, /56, /60

2001:db8:1234:152c:12b4:5678:d334:9af Prefix (/48) Subnet (/16)





Common Subnet Prefixes

9/23/13

Prefix Number of /64 Subnets

/48 65,536

/52 4,096

/56 256

/60 16

/64 1


Common Subnet Prefixes - # of Subnets

9/23/13

Prefix /52 Subnets

/56 Subnets

/60 Subnets

/64 Subnets

/48 16 256 4,096 65,536

/52 16 256 4,096

/56 16 256

/60 16

/64 1

Ex. a /52 prefix could have:

•  16 /56 subnets

•  256 /60 subnets

•  4,096 /64 subnets


Example Allocation

9/24/13

Core

Region 1

Site 1 Site 2

Region 2

Site 3 Site 4 Site 5

Region 3

Site 6 Site 7

Internet

LAN LAN LAN LAN LAN LAN LAN

/48

/52

/64 /64 /64 /64 /64 /64 /64

/52 /52


Using "Nibbles" as boundaries

•  A "nibble" is one hexadecimal digit (or 4 bits)

•  You don't have to subnet based on nibbles. You can use other prefixes, ex. /49, /51, /54

•  But it is MUCH easier to identify addresses if you do.

hex 1234

binary 0001:0010:0011:0100


Example: Very Simple Subnets

2001:db8:1234:1000::/64


2001:db8:1234:2000::/64 2001:db8:1234:3000::/64 2001:db8:1234:4000::/64

2001:db8:1234:f000::/64 …


Example: Very Simple Subnets

2001:db8:1234:1::/64


2001:db8:1234:2::/64 2001:db8:1234:3::/64 2001:db8:1234:4::/64

2001:db8:1234:f::/64 …


Key Point: Focus on the 16 bits (and 4 nibbles)

2001:db8:1234:152c:12b4:5678:d334:9af

Host (/64)



Subnet Planning

9/25/13


Next Step: Plan Your Subnet Scheme

•  Multiple ways to use the 4 nibbles (assuming a /48)

•  Plan nibbles by: •  Region and site

•  Location

•  Use type (ex. employees, students, guests)

•  Business units

•  Applications (ex. data, voice, video)

•  Combinations of some of the above

•  THERE IS NO ONE RIGHT ANSWER! •  Will depend upon your site and your objectives

9/24/13


Example Planning Considerations

•  Do you want to optimize for your security policies? •  Do you want to make it easy for firewalls to filter based on… location?

user type? applications?

•  Do you want to optimize for router policies and performance?

•  Do you want to have the smallest and most efficient routing table possible?

•  Do you have a higher or lower quantity of certain types of objects?

•  For example, do you only have 2 locations but 20 types of applications?


Example #1: Location and Use Type

2001:db8:1234:152c:12b4:5678:d334:9af


Location (16):

•  Building 1

•  Building 2

•  Building 3

Use Type (16):

•  Employees

•  Servers

•  Infrastructure

Individual networks (256)


Example #2: Locations (many) and Use Type

2001:db8:1234:152c:12b4:5678:d334:9af


Location (256):

•  Building 1

•  Building 2

•  Building 3

Use Type (16):

•  Employees

•  Servers

•  Infrastructure

Individual networks (16)


Example #3 – business units first

Start by allocating based on business units: •  Corporate: 2001:db8:1a:0000::/52 •  Finance: 2001:db8:1a:1000::/52 •  Marketing: 2001:db8:1a:2000::/52 •  Engineering: 2001:db8:1a:3000::/52 •  Customer Support: 2001:db8:1a:4000::/52

Then allocate on applications (here for one unit): •  Engineering - Data: 2001:db8:1a:3000::/56 •  Engineering - Voice: 2001:db8:1a:3200::/56 •  Engineering - Video: 2001:db8:1a:3400::/56 •  Engineering - Wireless: 2001:db8:1a:3800::/56 •  Engineering - Management: 2001:db8:1a:3c00::/56

9/24/13


Example #3, continued

Next allocate based on region (here for "Data"): •  Engineering - Data – Eastern region: 2001:db8:1a:3000::/60 •  Engineering - Data – Northern region: 2001:db8:1a:3080::/60 •  Engineering - Data – Western region: 2001:db8:1a:3040::/60 •  Engineering - Data – Southern region: 2001:db8:1a:30c0::/60

Then allocate on individual sites: •  Engineering - Data - Northern region - Site 0: 2001:db8:1a:3080::/64 •  Engineering - Data - Northern region - Site 1: 2001:db8:1a:3081::/64 •  Engineering - Data - Northern region - Site 2: 2001:db8:1a:3082::/64

9/24/13


Example #4 – applications first

Start by allocating based on applications: •  Data: 2001:db8:1a:0000::/52 •  Voice: 2001:db8:1a:8000::/52 •  Video: 2001:db8:1a:4000::/52 •  Wireless: 2001:db8:1a:c000::/52 •  Management: 2001:db8:1a:2000::/52

Then allocate on regions (here for one unit): •  Voice – Eastern region: 2001:db8:1a:8000::/56 •  Voice – Northern region: 2001:db8:1a:8800::/56 •  Voice – Western region: 2001:db8:1a:8400::/56 •  Voice – Southern region: 2001:db8:1a:8c00::/56

9/24/13


Example #4, continued

Next allocate based on business unit: •  Voice – Southern region – Corporate: 2001:db8:1a:8c00::/60 •  Voice – Southern region – Finance: 2001:db8:1a:8c10::/60 •  Voice – Southern region – Marketing: 2001:db8:1a:8c20::/60 •  Voice – Southern region – Engineering: 2001:db8:1a:8c30::/60 •  Voice – Southern region – Cust Support: 2001:db8:1a:8c40::/60

Then finally on individual sites: •  Voice – Southern– Marketing – Site 1: 2001:db8:1a:8c2a::/64 •  Voice – Southern– Marketing – Site 2: 2001:db8:1a:8c29::/64 •  Voice – Southern– Marketing – Site 3: 2001:db8:1a:8c2e::/64

9/24/13


Again: focus on the 16 bits (and 4 nibbles)

2001:db8:1234:152c:12b4:5678:d334:9af

Host (/64)



Subnet Numbering: Planning For Growth

Multiple ways for numbering individual subnets:

•  Numerical (monotonic) – just increment by 1: •  2001:db8:1234:0000::/64 •  2001:db8:1234:1000::/64 •  2001:db3:1234:2000::/64

•  Sparse allocation (RFC 3531) •  2001:db8:1234:0000::/64

•  2001:db8:1234:8000::/64 •  2001:db3:1234:4000::/64

•  Random allocation •  Randomly choose numbers

9/24/13


Calculating The # Of Required Subnets

•  Determine primary factor you want to use •  Ex. location

•  Determine number of needed groups •  Ex. 15 locations, 2 administrative groups, 5 future = 22 total

•  Round up to nearest nibble •  Ex. 22 would fit within 2 nibbles (256 values)

•  Decide what to do with remaining nibbles (if any) •  Continue subnetting with a secondary factor

•  Don't subdivide and just have large subnets

9/24/13


How Many Nibbles?

9/24/13

# of nibbles Number of subnets

1 16

2 256

3 4,096

4 65,536

2001:db8:1234:152c:12b4:5678:d334:9af


Other Subnet Schemes

•  VLAN Numbers •  Organization may already have location/type planned into VLANs

•  Mirroring IPv4 Networks

•  Point-to-point / inter-router links •  RFC 6164 suggests use of /127 prefixes

•  You may want to reserve a /64 and then assign a /127

9/24/13


Subnetting on non-nibble boundaries

•  Again, you can subnet on non-nibble boundaries •  Can make more efficient use of space, just may be harder to use

•  Calculate # of bits necessary by finding the nearest power of 2 greater than or equal to value

•  If 6 locations, 8 (23) is closest so 3 bits would be needed. •  If 20 locations, 32 (25) is closest so 5 bits would be needed.

•  Example of subnet boundaries using 3 bits (/51): •  Subnet 1 – 2001:db8:1a:0::/51

•  Values – 2001:db8:1a:0:0:0:0:0 – 2001:db8:1a:1fff:ffff:ffff:ffff:ffff

•  Subnet 2 – 2001:db8:1a:2000::/51 •  Values – 2001:db8:1a:2000:0:0:0:0 – 2001:db8:1a:3fff:ffff:ffff:ffff:ffff

•  Subnet 3 – 2001:db8:1a:4000::/51

9/24/13


Subnets at an Internet Service Provider (ISP) or Local Internet Registry (LIR)

9/25/13


ISP/LIR Customers Typically Receive A /48 Prefix

2001:db8:1234:152c:12b4:5678:d334:9af

Host (/64)



ISPs/LIRs Typically Receive A /32 Prefix

2001:db8:1234:152c:12b4:5678:d334:9af

Host (/64)



Allocating a /32 at the LIR Level

2001:db8:1234:152c:12b4:5678:d334:9af

Host (/64)

Prefix (/32) Subnet (/16) Subnet (/16)

Prefix (/48)


Again a focus on 16 bits (4 nibbles)

2001:db8:1234:152c:12b4:5678:d334:9af

Host (/64)

Prefix (/32) Subnet (/16) Subnet (/16)

Prefix (/48)


Using Nibbles: # of /48 Subnets In a /32

9/23/13

Prefix /36 Subnets

/40 Subnets

/44 Subnets

/48 Subnets

/32 16 256 4,096 65,536

/36 16 256 4,096

/40 16 256

/44 16

/48 1

2001:db8:1234:152c:12b4:5678:d334:9af

2001:db8::/32

2001:db8:1000:/36

2001:db8:1200:/40

2001:db8:1230:/44

2001:db8:1234:/48


Subnetting At A Bit Level

2001:db8:1234:152c:12b4:5678:d334:9af

0001001000110100


Bits And Subnets

•  Helpful to think of number of possible subnets for each bit used:

•  Using 1 bit gets you 2 subnets, 2 bits gets you 4 …

•  May be more helpful to view it in this form:

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 2 4 8 16 32 64 128 256 512 1024 2048 4096 8192 16384 32768 65536

16 15 14 13 12 11 10 9 8 7 6 5 4 3 2 1 65536 32768 16384 8192 4096 2048 1024 512 256 128 64 32 16 8 4 2


Subnetting At A Bit Level

•  If you use __ bits, you will have __ subnets and use a __ prefix

•  Ex: 2001:db8:1230::/44 – 16 subnets - entire last nibble 2001:db8:1230::/47 – 2 subnets

•  2001:db8:1230:: - 2001:db8:1237:: •  2001:db8:1238:: - 2001:db8:123f::

2001:db8:1234:152c:12b4:5678:d334:9af

0001001000110100

16 15 14 13 12 11 10 9 8 7 6 5 4 3 2 1 0 65536 32768 16384 8192 4096 2048 1024 512 256 128 64 32 16 8 4 2 1

/32 /33 /34 /35 /36 /37 /38 /39 /40 /41 /42 /43 /44 /45 /46 /47 /48



Assigning Individual Subnets

•  2001:db8:1230::/44 – 16 subnets – entire nibble (increment by 1)

•  2001:db8:1230::/47 – 2 subnets •  2001:db8:1230::/47 - 2001:db8:1230:: - 2001:db8:1237:: •  2001:db8:1238::/47 - 2001:db8:1238:: - 2001:db8:123f::

•  2001:db8:1230::/46 – 4 subnets •  2001:db8:1230::/46 - 2001:db8:1230:: - 2001:db8:1233:: •  2001:db8:1234::/46 - 2001:db8:1234:: - 2001:db8:1237:: •  2001:db8:1238::/46 - 2001:db8:1238:: - 2001:db8:123b:: •  2001:db8:123c::/46 - 2001:db8:123c:: - 2001:db8:123f::

2001:db8:1234:152c:12b4:5678:d334:9af Bits 16 15 14 13 12 11 10 9 8 7 6 5 4 3 2 1 Subnets 65536 32768 16384 8192 4096 2048 1024 512 256 128 64 32 16 8 4 2

Prefix /32 /33 /34 /35 /36 /37 /38 /39 /40 /41 /42 /43 /44 /45 /46 /47

Nibble Hex Increment

1 2 4 8 1 2 4 8 1 2 4 8 1 2 4 8



Requesting IPv6 Addresses

•  Many ISPs/LIRs simply request a /32 •  2001:db8::/32

•  You can request larger address space

•  How many /32s do you want to have?

•  See: •  http://www.internetsociety.org/deploy360/resources/how-to-get-ipv6-addresses/


Requesting Greater Than A /32

•  If you use __ bits, you will have __ subnets and use a __ prefix

•  If you want 2 /32's, request a /31

•  RIRs may have different policies about what size address blocks you can obtain

2001:0db8:1234:152c:12b4:5678:d334:9af

0000110110111000

16 15 14 13 12 11 10 9 8 7 6 5 4 3 2 1 0 65536 32768 16384 8192 4096 2048 1024 512 256 128 64 32 16 8 4 2 1

/16 /17 /18 /19 /20 /21 /22 /23 /24 /25 /26 /27 /28 /29 /30 /31 /32


Recommendations and Resources

9/25/13


Closing Recommendations

•  Ensure that all prefixes fall on nibble boundaries

•  Plan a hierarchical scheme for easy aggregation or enforcement of policies

•  Allocate /64 prefixes for all end subnets

•  Consider scalability and future potential growth

•  Think about how well your plan might handle renumbering

•  Document your planning thoroughly


Resources

AFRINIC IPv6 Foundations •  http://learn.afrinic.net/index.php/en/resources/ipv6

SURFnet / RIPE NCC "Preparing an IPv6 Address Plan" •  http://www.surfnet.nl/Documents/rapport_201309_IPv6_numplan_EN.pdf

Internet Society Deploy360 Programme •  http://www.internetsociety.org/deploy360/ipv6/basics/ •  http://www.internetsociety.org/deploy360/resources/ipv6-address-planning/

9/25/13


[email protected] http://www.internetsociety.org/deploy360/

Dan York Senior Content Strategist Internet Society

Thank You!

Date post:	15-May-2015
Category:	Technology
Upload:	deploy360-programme-internet-society
View:	1,559 times
Download:	1 times

IPv6 Address Planning

Technology