IPv6 Unicast Address Assignment Considerations
Cisco Systems, De Kleetlaan 6a, Diegem, Belgium 1831, +32 2704 5473, gunter@cisco.com
Cisco Systems, 7025-6 Kit Creek Road, Research Triangle Park, North Carolina, USA, PO Box 14987, +1 919 392-3723, cpopovic@cisco.com
University of Southampton, Highfield, Southampton, United Kingdom, SO17 1BJ, +44 23 8059 3257, tjc@ecs.soton.ac.uk
T-Systems Enterprise Services GmbH, Goslarer Ufer 35, Berlin, Germany 10589, +49 30 3497 3124, Olaf.Bonness@t-systems.com
T-Systems Enterprise Services GmbH, Goslarer Ufer 35, Berlin, Germany 10589, +49 30 3497 3164, HahnC@t-systems.com
Internet-Draft

One fundamental aspect of any IP communications infrastructure
is its addressing plan. With its new address architecture and allocation
policies, the introduction of IPv6 into a network means that network
designers and operators need to reconsider their existing
approaches to network addressing. Lack of guidelines on handling
this aspect of network design could slow down the deployment and
integration of IPv6. This draft aims to provide the information and
recommendations relevant to planning the addressing aspects of IPv6
deployments. The draft also provides IPv6 addressing case studies for
both an enterprise and an ISP network.
The Internet Protocol Version 6 (IPv6) Addressing Architecture
defines three main types of addresses: unicast,
anycast and multicast. This document focuses on unicast addresses, for which there
are currently two principal allocated types: Global Unique Addresses
('globals') and Unique Local IPv6 Addresses (ULAs).
In addition, until recently there was 'experimental' 6bone address
space, though its use has been
deprecated since June 2006.
The document covers aspects that should be
considered during IPv6 deployment for the design and planning of an
addressing scheme for an IPv6 network.
The network's IPv6 addressing plan may be for an IPv6-only network, or for
a dual-stack infrastructure where some or all devices have addresses
in both protocols.
These considerations will help an IPv6 network
designer to efficiently and prudently assign the IPv6 address space that
has been allocated to their organization.
The address assignment considerations are analyzed separately for the
two major components of the IPv6 unicast addresses, namely 'Network
Level Addressing' (the allocation of subnets)
and the 'Subnet Prefix' (address usage within a subnet). Thus
the document includes a discussion of aspects of address assignment
to nodes and interfaces in an IPv6 network. Finally the document
provides two examples of successfully deployed address plans in
a service provider (ISP) and an enterprise network.
Parts of this document highlight the differences that an experienced
IPv4 network designer should consider when planning an IPv6 deployment,
for example:
IPv6 devices will more likely be multi-addressed in comparison with their IPv4
counterparts
The practically unlimited size of an IPv6 subnet (2^64 addresses) reduces
the requirement to size subnets to device counts for the purposes of
(IPv4) address conservation
Even though there is no broadcast in IPv6, the number of devices in a given subnet
must still be considered because of traffic storms and the level of traffic
generated by hosts
The implications of the vastly increased subnet size on the threat of
address-based host scanning and other scanning techniques,
as discussed in .
We do not discuss here how a site or ISP should proceed with acquiring
its globally routable IPv6 address prefix. However, one should note that
IPv6 networks currently
receive their global unicast address allocation from their
'upstream' provider, which may be another ISP, a Local Internet Registry
(LIR) or a Regional Internet Registry (RIR). In each case the prefix
received is provider assigned (PA). Until very recently there has been
no provider independent (PI) address space for IPv6 generally
available. However ARIN is now piloting PI address space allocations,
subject to customers meeting certain requirements.
We do not discuss PI policy here. The observations and recommendations
of this text are largely independent of the PA or PI nature of the address
block being used. At this time we assume that
most commonly an IPv6 network which changes provider
will need to undergo a renumbering process, as described in
.
A separate document makes recommendations to
ease the IPv6 renumbering process.
This document does not discuss implementation aspects related to the transition
between the ULA addresses and the now obsoleted site-local addresses.
Most implementations know about site-local addresses even though they are
deprecated, and do not know about ULAs, even though ULAs represent the current
specification. As a result, transitioning between these types of addresses
may cause difficulties.
This section discusses the kind of IPv6 addresses used at the
network level for the IPv6 infrastructure. The kind of addresses that
can be considered are Global Unique Addresses and ULAs. We also comment
here on the recently deprecated 6bone address space.

The most commonly used unicast addresses will be Global Unique
Addresses ('globals').
No significant considerations are necessary if the organization has an
address
space assignment and a single prefix is deployed through a single upstream
provider.
However, a multihomed site may deploy addresses from two or
more Service Provider assigned IPv6 address ranges. Here, the
network administrator must be aware of where and how these ranges
are used in the multihomed infrastructure. The nature of the usage of
multiple prefixes may depend on the reason for multihoming (e.g.
resilience failover, load balancing, policy-based routing, or multihoming
during an IPv6 renumbering event). IPv6 introduces improved support
for multi-addressed hosts through the IPv6 default address selection
methods described in RFC3484. A multihomed
host may thus have two addresses, one per prefix (provider), and select
source and destination addresses to use as described in that RFC.
ULAs have replaced the originally conceived Site Local addresses
in the IPv6 addressing architecture, for reasons described in
.
ULAs improve on site locals by offering a high
probability of the global uniqueness of the prefix used, which can
be beneficial in the case of (deliberate or accidental) leakage, or where
networks are merged. ULAs are akin to the private address
space assigned for IPv4 networks, except
that in IPv6 networks we may expect to see ULAs used alongside global
addresses, with ULAs used internally and globals used externally.
Thus use of ULAs does not imply use of NAT for IPv6.
The ULA address range allows network administrators to deploy
IPv6 addresses on their network without asking for a globally
unique registered IPv6 address range. A ULA prefix
is 48 bits, i.e. a /48, the same as the currently recommended allocation
for a site from the globally routable IPv6 address
space.

ULAs provide the means to deploy a fixed addressing
scheme that is not affected by a change in service provider and
the corresponding PA global addresses. Internal operation of the network is thus unaffected
during renumbering events. Nevertheless, this type of address must be used
with caution.
A site using ULAs may or may not also deploy globals. In an isolated
network ULAs may be deployed on their own. In a connected network,
that also deploys global addresses, both may be deployed, such that
hosts become multiaddressed (one global and one ULA address) and
the IPv6 default address selection algorithm will pick the appropriate
source and destination addresses to use, e.g. ULAs will be selected where
both the source and destination hosts have ULA addresses. Because
a ULA and a global site prefix are both /48 length, an administrator
can choose to use the same subnetting (and host addressing) plan for
both prefixes.
As an example of the problems ULAs may cause,
when using IPv6 multicast within the network,
the IPv6 default address selection algorithm
prefers the ULA address as the source address for the
IPv6 multicast streams. This is NOT a valid option when sending
an IPv6 multicast stream to the IPv6 Internet for two reasons.
For one, these addresses are not globally routable so RPF checks
for such traffic will fail outside the internal network. The other
reason is that the traffic will likely not cross the network
boundary due to multicast domain control and perimeter security policies.
In principle ULAs allow easier network mergers than RFC1918
addresses do for IPv4 because ULA prefixes have a
high probability of uniqueness, if the prefix is chosen as described
in the RFC.
The usage of ULAs should be carefully considered even when not
attached to the IPv6 Internet due to the potential for added
complexity when connecting to the Internet at some point in the
future.
The 6Bone address space was used before the RIRs started to
distribute 'production' IPv6 prefixes. The 6Bone prefixes share a
common first 16 bits, 3FFE::/16. This address range has been
deprecated as of 6th June 2006 and should
be avoided in any new IPv6 network deployment. Sites using 6bone
address space should renumber to production address space using the
procedures defined in .
IPv6 provides network administrators with a significantly larger
address space, enabling them to be very creative in how they can define
logical and practical address plans. The subnetting of
assigned prefixes can
be done based on various logical schemes that involve factors such as:
Geographical Boundaries - by assigning a common prefix to all
subnets within a geographical area
Organizational Boundaries - by assigning a common prefix to an
entire organization or group within a corporate infrastructure
Service Type - by reserving certain prefixes for predefined
services such as: VoIP, Content Distribution, wireless services,
Internet Access, etc
Such logical addressing plans have the potential to simplify network operations
and service offerings, and to simplify network management and troubleshooting.
A very large network would also have no need to consider using private
address space for its infrastructure devices, simplifying network
management.
The network designer must however keep in mind several factors when developing
these new addressing schemes:
Prefix Aggregation - The larger IPv6 addresses can lead to larger
routing tables unless network designers are actively pursuing aggregation.
While prefix aggregation will be enforced by the service provider, it is
beneficial for the individual organizations to observe the same principles
in their network design process
Network growth - The allocation mechanism for
flexible growth of a network prefix, documented in RFC3531
can be used to allow the network
infrastructure to grow and be numbered in a way that is likely
to preserve aggregation (the plan leaves 'holes' for growth)
ULA usage in large networks - Networks which have a large
number of 'sites' that each deploy a ULA prefix, which will by
default be a 'random' /48 under fc00::/7, will have no aggregation
of those prefixes. The end result may be cumbersome
because the network will carry a large number of non-aggregated
ULA prefixes. However, nothing prevents a large network from
using a single ULA prefix for all 'sites', as a ULA still provides 16 bits
for internal subnetting
We do not discuss here how a network designer sizes their
application for address space. By default a site will receive
a /48 prefix. The default provider
allocation via the RIRs is currently a /32.
These allocations are indicators for a first allocation for a
network. Different sizes may be obtained based on the anticipated
address usage. There are examples of
allocations as large as /19 having been made from RIRs to
providers at the time of writing.
Despite the large IPv6 address space, which makes subnetting easier,
it is still important to ensure an efficient use of this resource. Some
addressing schemes, while facilitating aggregation and management, could
lead to significant numbers of addresses being unused. Address conservation
requirements are less stringent in IPv6 but they should still be observed.
The proposed HD value for IPv6 is 0.94 compared
to the current value of 0.96 for IPv4. Note that for IPv6 the HD ratio is calculated
on the basis of sites (i.e. /48 assignments), rather than on addresses as with IPv4.
This section analyzes the considerations that apply when defining
the subnet prefix of IPv6 addresses. The boundaries of
the subnet prefix allocation are specified in RFC4291.
In this document we analyze their practical implications. Based
on RFC4291 it is legal for any IPv6 unicast address
starting with the binary value '000' to have a subnet prefix
longer than, shorter than or equal to 64 bits. Each of these three
options is discussed in this document.
An allocation of a prefix shorter than 64 bits to a node or
interface is bad practice. The shortest subnet prefix that could
theoretically be assigned to an interface or node is limited by the
size of the network prefix allocated to the organization.
A possible reason for choosing a subnet prefix shorter than /64 for an
interface is that it would allow more nodes to
be attached to that interface compared to the prescribed length of 64 bits.
This however is unnecessary considering that 2^64 provides
plenty of node addresses for a well designed IPv6 network. Layer two
technologies are unlikely to support such large numbers of nodes within
a single link (e.g. Ethernet is limited to 48 bits of host addresses).
The subnet prefix assignments can be made
either by manual configuration, by a stateful Host
Configuration Protocol or by a stateful prefix
delegation mechanism.
Based on RFC3177 , 64 bits is the prescribed
subnet prefix length to allocate to interfaces and nodes.
When using a /64 subnet length, the address assignment for these
addresses can be made either by manual configuration, by a
stateful Host Configuration Protocol or by stateless autoconfiguration .
Note that RFC3177 strongly prescribes 64 bit subnets for general usage, and
that the stateless autoconfiguration option is only defined for 64 bit subnets.
Address space conservation is the main motivation for using a subnet prefix
length longer than 64 bits.
The address assignment can be made either by manual
configuration or by a stateful Host Configuration Protocol.
When assigning a subnet prefix of more than 80 bits, according to
RFC4291 the "u" and "g" bits (respectively the 81st and 82nd bit) need to
be taken into consideration and should be set correctly. In currently
implemented IPv6 protocol stacks, the relevance of the "u"
(universal/local) bit and the "g" (individual/group) bit is marginal,
and a wrong setting typically will not cause an issue; however
future implementations may behave differently.
When using subnet lengths longer than 64 bits, it is important to
avoid selecting addresses that may have a predefined use and could
confuse IPv6 protocol stacks. The alternate usage may not be
a simple unicast address in all cases. The following points should be
considered when selecting a subnet length longer than 64 bits.
RFC4291 provides a definition for the
required Subnet Router Anycast Address as follows:
It is recommended to avoid allocating this IPv6 address to a device
which is not a router. There are no additional dependencies for the subnet prefix;
the EUI-64 and IID dependencies are
discussed later in this document.
RFC2526 stated that within each subnet, the
highest 128 interface identifier values are reserved for assignment
as subnet anycast addresses.
The construction of a reserved subnet anycast address depends on the
type of IPv6 addresses used within the subnet, as indicated by the
format prefix in the addresses.
The first type of Subnet Anycast address has been defined
as follows for the EUI-64 format:
The anycast address structure implies that it is important to avoid
creating a subnet prefix where the bits 65 to 121 are
defined as "1111110111...111" (57 bits in total) so that confusion can be
avoided.
For other IPv6 address types (that is, with format prefixes other
than those listed above), the interface identifier is not in EUI-64
format and may be other than 64 bits in length; these reserved subnet
anycast addresses for such address types are constructed as follows:
In the case discussed above there is no additional dependency for
the subnet prefix with the exception of the EUI-64 and an IID dependency.
These will be discussed later in this document.
Embedded-RP reflects the concept of
integrating the Rendezvous Point
(RP) IPv6 address into the IPv6 multicast group address. Due to this
embedding and the fact that the length of the IPv6 address AND the IPv6 multicast
address are 128 bits, it is not possible to have the complete IPv6 address of
the multicast RP embedded as such.
This resulted in a restriction of 15 possible RP-addresses per
prefix that can be used with embedded-RP. The space assigned for the embedded-RP
is based on the 4 low order bits, while the remainder of the
Interface ID is set to all '0'.
This format implies that when selecting subnet
prefixes longer than 64 bits, if the bits beyond the 64th one are non-zero,
the subnet cannot use embedded-RP.
In addition, it is discouraged to assign a matching embedded-RP IPv6 address
to a device that is not a real Multicast Rendezvous Point.
ISATAP is an automatic tunneling protocol used to provide IPv6
connectivity over an IPv4 campus or enterprise environment. In order to leverage
the underlying IPv4 infrastructure, the IPv6 addresses are constructed in a special format.
An IPv6 ISATAP address has the IPv4 address embedded, based
on a predefined structure policy that identifies them as an ISATAP
address.
When using a subnet prefix length longer than 64 bits it is recommended
that the portion of the IPv6 prefix from bit 65 to the end of
the subnet prefix does not match the well-known ISATAP [0000:5EFE]
address portion.
In its current definition ISATAP has no multicast support.
The 126 bit subnet prefixes are typically used for point-to-point links similar to
the RFC3021 recommendations for IPv4.
The usage of this subnet address length does not lead to any additional considerations
other than the ones discussed earlier in this section, particularly those related
to the "u" and "g" bits.
The usage of the /127 addresses is not valid and should
be strongly discouraged as documented in RFC3627 .
The 128 bit address prefix may be used in those situations where we
know that one, and only one address is sufficient. Example usage
would be the off-link loopback address of a network device.
When choosing a 128 bit prefix, it is recommended to
take the "u" and "g" bits into consideration and to make sure that
there is no overlap with any of the following well-known addresses:
Subnet Router Anycast Address
Reserved Subnet Anycast Address
Addresses used by Embedded-RP
ISATAP Addresses
In order to have a complete IPv6 address, an interface must be associated
with a prefix and an Interface Identifier (IID). Section 3 of this document analyzed
the prefix selection considerations. This section discusses the elements that should
be considered when assigning the IID portion of the IPv6 address.
There are various ways to allocate an IPv6 address to a device or interface.
The option with the least amount of caveats for the network
administrator is that of EUI-64 based addresses. For the manual or
dynamic options, the overlap with well known IPv6 addresses should be
avoided.
When using this method the network administrator has to allocate a
valid 64 bit subnet prefix. The EUI-64 allocation procedure
can from that moment onward assign
the remaining 64 IID bits in a stateless manner. All the considerations for selecting a
valid IID have been incorporated in the EUI-64 methodology.
The main purpose of IIDs generated based on RFC3041
is to provide privacy to the entity using this
address. While there are no particular constraints in the usage of
these addresses as defined in there are
some implications to be aware of when using privacy addresses as documented in
section 4 of RFC3041 :
The privacy extension algorithm may complicate flexibility
in future transport protocols
These addresses may add complexity to the operational management
and troubleshooting of the infrastructure (i.e. which address
belongs to which real host)
A reverse DNS lookup check may be broken when using privacy extensions
Cryptographically Generated Addresses (CGAs) are based upon
RFC3972 and provide a method for binding a public signature key
to an IPv6 address in the Secure Neighbor Discovery (SEND) protocol .
The basic idea is to generate
the interface identifier (i.e. the rightmost 64 bits) of the IPv6
address by computing a cryptographic hash of the public key. The
resulting IPv6 address is called a cryptographically generated
address (CGA). The corresponding private key can then be used to
sign messages sent from that address.
Implications to be aware of when using CGA addresses are found in
section 7 of RFC3972:
When using CGA addresses the values of the "u" and "g" bits are ignored;
this does not add any security or implementation implications
There is no mechanism for proving that an address is not a CGA
When it is discovered that a node has been compromised, a new signature
key and a new CGA should be generated
Because CGA generated addresses are almost indistinguishable
from privacy addresses and have similar properties for many purposes,
the same considerations as for privacy
addresses are also valid for CGA generated addresses.
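The binding described above (interface identifier derived from a hash of the public key, Sec in the leftmost three bits, "u" and "g" ignored) can be seen end to end in the following Python script. It is an added example, not code from the draft or from any SEND implementation; it follows the generation steps of RFC 3972 section 4 and the verification checks of section 5 with no extension fields, and the "public key" it hashes is a constructed stand-in for a DER-encoded key, since the hash construction does not depend on the key format.

```python
"""Cryptographically Generated Addresses (RFC 3972): generation and verification.

Added example (not part of the draft).  No extension fields are used.
"""
import hashlib
import ipaddress
import os

IID_MASK = (1 << 64) - 1
SEC_MASK = 0x7 << 61   # three leftmost IID bits carry the Sec parameter
UG_MASK = 0x3 << 56    # 'u' (bit 6) and 'g' (bit 7) of the first IID octet


def _hash2_ok(modifier, public_key, sec):
    """Steps 2-3: Hash2 = leftmost 112 bits of SHA-1(modifier || 9 zero octets || key);
    its 16*Sec leftmost bits must be zero (always true for Sec = 0)."""
    digest = hashlib.sha1(modifier + b"\x00" * 9 + public_key).digest()[:14]
    return int.from_bytes(digest, "big") >> (112 - 16 * sec) == 0


def cga_generate(prefix, public_key, sec=0, modifier=None, collision_count=0):
    """Return (address, cga_parameters) for a /64 prefix and an encoded public key.

    A fixed modifier makes the result deterministic (useful for tests);
    otherwise a random 128-bit modifier is drawn as the RFC prescribes.
    """
    net = ipaddress.IPv6Network(prefix, strict=True)
    if net.prefixlen != 64 or not 0 <= sec <= 7 or not 0 <= collision_count <= 2:
        raise ValueError("CGA needs a /64 prefix, 0 <= Sec <= 7 and collision count 0..2")
    prefix_int = int(net.network_address)
    prefix_bytes = (prefix_int >> 64).to_bytes(8, "big")
    modifier = os.urandom(16) if modifier is None else modifier
    # Step 3: increment the modifier until Hash2 satisfies the Sec condition
    while not _hash2_ok(modifier, public_key, sec):
        modifier = ((int.from_bytes(modifier, "big") + 1) % (1 << 128)).to_bytes(16, "big")
    # Step 5: Hash1 = leftmost 64 bits of SHA-1 over the CGA Parameters structure
    params = modifier + prefix_bytes + bytes([collision_count]) + public_key
    hash1 = int.from_bytes(hashlib.sha1(params).digest()[:8], "big")
    # Step 6: write Sec into the three leftmost bits and clear 'u' and 'g'
    iid = (hash1 & ~SEC_MASK & ~UG_MASK) | (sec << 61)
    address = ipaddress.IPv6Address((prefix_int & ~IID_MASK) | iid)
    return address, params


def cga_verify(address, params):
    """RFC 3972 section 5: True iff params bind the contained public key to address."""
    addr = int(ipaddress.IPv6Address(address))
    if len(params) < 25:
        return False
    modifier, prefix_bytes = params[:16], params[16:24]
    collision_count, public_key = params[24], params[25:]
    if collision_count > 2 or prefix_bytes != (addr >> 64).to_bytes(8, "big"):
        return False
    sec = ((addr & IID_MASK) & SEC_MASK) >> 61
    hash1 = int.from_bytes(hashlib.sha1(params).digest()[:8], "big")
    # The Sec bits and the 'u'/'g' bits are ignored in the comparison
    if ((hash1 ^ addr) & IID_MASK) & ~SEC_MASK & ~UG_MASK:
        return False
    return _hash2_ok(modifier, public_key, sec)


if __name__ == "__main__":
    # Constructed sample input: documentation prefix and a stand-in for a DER key.
    key = b"constructed stand-in for a DER-encoded public key"
    addr, params = cga_generate("2001:db8:0:1::/64", key, sec=1, modifier=bytes(16))
    print(addr, "verifies:", cga_verify(addr, params))
    print("tampered key verifies:", cga_verify(addr, params[:-1] + b"X"))
```

Sec=1 requires 16 zero bits in Hash2, so generation iterates about 65,000 modifier values; higher Sec values raise the cost by a factor of 65,536 each, which is what makes brute-forcing a CGA for a chosen key impractical. Nothing in the output distinguishes the result from an RFC3041 privacy address, which is the point made above.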
This section discusses those IID allocations that are not implemented through
stateless address configuration (Section 4.1). They are applicable regardless of the prefix
length used on the link. It is out of scope for this section to
discuss the various assignment methods (e.g. manual configuration,
DHCPv6, etc).
In this situation the actual allocation is done by human intervention
and consideration needs to be given to the complete IPv6 address so that it does not
result in overlaps with any of the well known IPv6 addresses:
Subnet Router Anycast Address
Reserved Subnet Anycast Address
Addresses used by Embedded-RP
ISATAP Addresses
When using an address assigned by human intervention it is recommended to
choose IPv6 addresses which are not easy to guess and/or to avoid any IPv6 addresses
that embed IPv4 addresses used in the current infrastructure. Following these two
recommendations will make it more difficult for malicious third parties
to guess targets for attack, and thus reduce security threats to a certain extent.
In this section we consider a case study of a campus network that
is deploying IPv6 in parallel with existing IPv4 protocols in a
dual-stack environment. The specific example is the University of
Southampton (UK), focusing on a large department within that network.
The deployment currently spans around 1,000 hosts and over 1,500 users.
In the case of a campus network, the site will typically take its
connectivity from its National Research and Education Network (NREN).
Southampton connects to JANET, the UK academic network, via its
local regional network LeNSE. JANET
currently has a /32 allocation from RIPE of 2001:630::/32. The
current recommended practice is for sites to receive a /48 allocation,
and on this basis Southampton has received such a prefix for its
own use, specifically 2001:630:d0::/48. The regional network also
uses its own allocation from the NREN provider.
No ULA addressing is used on site. The campus is not multihomed (JANET
is the sole provider), nor does it expect to
change service provider, and thus does not plan to use ULAs for the
(perceived) benefit of easing network renumbering. Indeed, the
campus has renumbered following the aforementioned renumbering
procedure on two
occasions, and this has proven adequate (with provisos documented
in ). We also do not see any need to deploy
ULAs for in-band or out-of-band network management; there are enough IPv6
prefixes available in the site allocation for the infrastructure.
In some cases, use of private IP address space in IPv4 creates problems,
so we believe that the availability of ample global IPv6 address space
for infrastructure may be a benefit for many sites.
No 6bone addressing is used on site any more.
We note that since the 6bone phaseout of June 2006
most transit ISPs have begun filtering attempted use of such prefixes.
Southampton does participate in global and organization scope IPv6
multicast networks. Multicast address allocations are not discussed
here as they are not in scope for the document. We note that IPv6
has advantages for multicast group address allocation. In IPv4 a
site needs to use techniques like GLOP to pick a globally unique
multicast group to use. This is problematic if the site does not use
BGP and have an ASN. In IPv6 unicast-prefix-based IPv6 multicast
addresses empower a site to pick a globally
unique group address based on its unicast own site or link prefix.
Embedded RP is also in use, is seen as a potential advantage for IPv6
and multicast, and has been tested successfully across providers between
sites (including paths to/from the US and UK).
The campus has a /16 prefix for
IPv4 use; in principle 256 subnets of 256 addresses. In reality the
subnetting is muddier, because of concerns of IPv4 address conservation;
subnets are sized to the hosts within them, e.g. a /26 IPv4 prefix is
used if a subnet has 35 hosts in it. While this is efficient, it
increases management burden when physical deployments change, and
IPv4 subnets require resizing (up or down), even with DHCP in use.
The /48 IPv6 prefix is considerably larger than the IPv4 allocation
already in place at the site. It is loosely equivalent to a 'Class A'
IPv4 prefix in that it has 2^16 (over 65,000) subnets, but has an
effectively unlimited subnet address size (2^64) compared to 256 in
the IPv4 equivalent. The increased subnet size means that /64 IPv6
prefixes can be used on all subnets, without any requirement to
resize them at a later date. The increased subnet volume allows
subnets to be allocated more generously to schools and departments in
the campus. While address conservation is still important, it is
no longer an impediment on network management. Rather, address (subnet)
allocation is more about embracing the available address space and
planning for future expansion.
In a dual-stack network, we chose to deploy our IP subnets congruently
for IPv4 and IPv6. This is because the systems are still in the same
administrative domains and the same geography. We do not expect to
have IPv6-only subnets in production use for a while yet, outside
our test beds and our early Mobile IPv6 trials. With congruent
addressing, our firewall policies are also aligned for IPv4 and IPv6
traffic at our site border.
The subnet allocation plan required a division of the address space
per school or department. Here a /56 was allocated to the school
level of the university; there are around 30 schools currently.
A /56 of IPv6 address space equates to 256 /64 size subnet allocations.
Further /56 allocations were made for central IT infrastructure, for
the network infrastructure and the server side systems.
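The /48 to /56 (per school) to /64 (per subnet) plan just described, combined with the RFC3531 idea from Section 2 of leaving 'holes' for growth, can be generated rather than maintained by hand. The following Python script is an added example and is not the university's tool: it implements the RFC 3531 "leftmost" allocation order as a bit-reversal of a sequential index (the sequence 0, 1000..., 0100..., 1100..., ... from that RFC) for the school level and plain sequential ("rightmost") numbering for the /64s within a school; the school names are constructed, and the site prefix is the 2001:630:d0::/48 named above.

```python
"""Growth-friendly subnet allocation for a /48 site plan (RFC 3531 style).

Added example (not the university's tool).
"""
import ipaddress


def bit_reverse(value, width):
    """Reverse the low `width` bits of value; drives the 'leftmost' order."""
    out = 0
    for _ in range(width):
        out = (out << 1) | (value & 1)
        value >>= 1
    return out


def allocate(parent, child_len, index, scheme="leftmost"):
    """Return the index-th child_len prefix carved out of parent.

    scheme="rightmost" numbers children 0, 1, 2, ... from the low end of the
    field.  scheme="leftmost" hands out the bit-reversed sequence
    (0, 1000..., 0100..., 1100..., ...), so allocations stay spread across the
    field and a child can later be enlarged (its prefix shortened) while its
    neighbouring space is still unused: the 'holes for growth' of RFC 3531.
    """
    parent = ipaddress.IPv6Network(parent)
    width = child_len - parent.prefixlen
    if not 0 < width <= 128 - parent.prefixlen:
        raise ValueError("child prefix must be longer than the parent and at most /128")
    if not 0 <= index < (1 << width):
        raise ValueError(f"field of {width} bits exhausted at index {index}")
    if scheme == "leftmost":
        field = bit_reverse(index, width)
    elif scheme == "rightmost":
        field = index
    else:
        raise ValueError("scheme must be 'leftmost' or 'rightmost'")
    child = int(parent.network_address) | (field << (128 - child_len))
    return ipaddress.IPv6Network((child, child_len))


def campus_plan(site_prefix, schools, subnets_per_school):
    """/48 -> one /56 per school (leftmost) -> /64 subnets inside it (rightmost).

    Returns {school: [IPv6Network, ...]} with the subnets of each school.
    """
    plan = {}
    for i, school in enumerate(schools):
        school_net = allocate(site_prefix, 56, i, "leftmost")
        plan[school] = [allocate(school_net, 64, j, "rightmost")
                        for j in range(subnets_per_school)]
    return plan


if __name__ == "__main__":
    # Constructed school names; the site prefix is the one from the case study.
    for school, subnets in campus_plan("2001:630:d0::/48", ["ecs", "maths", "physics"], 3).items():
        print(school, subnets[0].supernet(new_prefix=56), [str(s) for s in subnets])
```

With leftmost numbering the first four schools receive 2001:630:d0::/56, 2001:630:d0:8000::/56, 2001:630:d0:4000::/56 and 2001:630:d0:c000::/56; each of them can grow into a /55 or shorter as long as the bit-reversed index that would land inside that space has not yet been handed out.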
The network uses a Demilitarized Zone (DMZ) topology for some level
of protection of 'public' systems. Again, this topology is congruent
with the IPv4 network.
There are no specific transition methods deployed internally to the
campus; everything is using the conventional dual-stack approach.
There is no use of ISATAP for example.
For the Mobile IPv6 early trials, we have allocated one prefix for
Home Agent (HA) use. We have not yet considered in detail
how Mobile IPv6 usage
may grow, and whether more or even every subnet will require HA
support.
The university operates a tunnel broker
service on behalf of UKERNA for JANET sites.
This uses separate address space from JANET, not our university site
allocation.
We currently use stateless autoconfiguration on most subnets for
IPv6 hosts. There is no DHCPv6 service deployed yet, beyond tests
of early code releases. We plan to deploy DHCPv6 for address
assignment when robust client and server code is available (at the
time of writing the potential for this looks good, e.g. via the ISC
implementation).
We also are seeking a common integrated DHCP/DNS
management platform, even if the servers themselves are not co-located,
including integrated DHCPv4 and DHCPv6 server configuration, as
discussed in .
Currently we add client statelessly autoconfigured
addresses to the DNS manually, though dynamic DNS is an option.
Our administrators would prefer the
use of DHCP because they believe it gives them more management control.
Regarding the implications of the larger IPv6 subnet address space on
scanning attacks , we note that all our hosts
are dual-stack, and thus are potentially exposed over both protocols
anyway. We publish all addresses in DNS, and do not operate a two faced
DNS.
We have internal usage of RFC3041 privacy addresses
currently (certain platforms currently
ship with it on by default), but
may wish to administratively disable this (perhaps via DHCP) to ease
management complexity. However, we
need to determine the feasibility of this on all systems, e.g. for
guests on wireless LAN or other user-maintained systems. Network
management and monitoring should be
simpler without RFC3041 in operation, in terms of identifying which
physical hosts are using which addresses. We note that RFC3041 is only an
issue for outbound connections, and that there is potential to assign
privacy addresses via DHCPv6.
We manually configure server addresses to avoid address changes on
a change of network adaptor. With IPv6 you can choose to pick ::53
for a DNS server, or can pick 'random' addresses for obfuscation,
though that's not an issue for publicly advertised addresses (dns, mx,
web, etc).
In this section an IPv6 addressing schema is sketched that could
serve as an example for an Internet Service Provider.
Sub-section 5.2.1 starts with some thoughts regarding the objective
requirements of such an addressing schema and derives a few general
rules of thumb that have to be kept in mind when designing an ISP IPv6
addressing plan.
Sub-section 5.2.2 illustrates these findings of 5.2.1 with an
exemplary IPv6 addressing schema for an MPLS-based ISP offering Internet
Services as well as Network Access services to millions of customers.
The first step of the IPv6 addressing plan design for a Service
provider should identify all technical, operational, political and
business requirements that have to be satisfied by the services supported
by this addressing schema.
According to the different technical constraints and business models
as well as the different weights of these requirements (from the point
of view of the corresponding Service Provider) it is very likely that
different addressing schemas will be developed and deployed by different
ISPs. Nevertheless the addressing schema of sub-section 5.2.2 is one
possible example.
For this document it is assumed that our exemplary ISP has to fulfil
several roles for its customers, namely:
Local Internet Registry
Network Access Provider
Internet Service Provider
In their role as LIR the Service Providers have to care about the policy
constraints of the RIRs and the standards of the IETF regarding IPv6
addressing. In this context, the following basic requirements and recommendations
have to be taken into account and should be satisfied by the IPv6 address
allocation plan of a Service Provider:
As recommended in RFC 3177 [7] and in several RIR policies, "common"
customer sites (normally private customers) should receive a /48 prefix
from the aggregate of the Service Provider. (Note: the addressing plan must
be flexible enough to take into account a possible change of the minimum
allocation size for end users, which is currently under definition by the
RIRs.)
"Big customers" (such as large enterprises, governmental agencies etc.) may
receive shorter prefixes according to their needs, provided the need can be
documented and justified to the RIR.
The IPv6 address allocation schema has to be able to meet the HD-ratio of
0.94 as defined for IPv6 allocations. This requirement corresponds to the
demand for an efficient usage of the IPv6 address aggregate by the Service
Provider. (Note: an HD-ratio of 0.94 means an effective usage of about 31%
of a /20 of the Service Provider on the basis of /48 assignments.)
All assignments to customers have to be documented and stored in a database
that can also be queried by the RIR.
The LIR has to provide the means to support reverse DNS mapping of the
customer prefixes.
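The arithmetic behind the 0.94 threshold and the "about 31%" figure, as an added example that is not part of the draft: the functions below compute the HD-ratio as defined in RFC 3194 for an allocation of a given prefix length with fixed-size assignments. The function names and the sample pool values are assumptions.

```python
import math

# Added example (not from the draft): HD-ratio arithmetic behind the 0.94
# threshold, computed as in RFC 3194 (log of objects assigned over log of
# objects available). Prefix lengths are parameters; sample values are constructed.

def hd_ratio(assigned, available):
    """HD-ratio of a pool with 'assigned' out of 'available' equal-size prefixes."""
    if assigned <= 0:
        return 0.0
    return math.log(assigned) / math.log(available)

def assignments_at_hd(alloc_len, assign_len, hd=0.94):
    """Number of /assign_len assignments out of a /alloc_len allocation at which
    the HD-ratio 'hd' is reached (the utilisation threshold the RIR applies)."""
    available = 2 ** (assign_len - alloc_len)
    return available ** hd

def utilisation_at_hd(alloc_len, assign_len, hd=0.94):
    """Share of the allocation that is actually assigned when 'hd' is reached.
    For a /20 with /48 assignments this is the ~31% mentioned in the text."""
    available = 2 ** (assign_len - alloc_len)
    return assignments_at_hd(alloc_len, assign_len, hd) / available

def pool_status(alloc_len, assign_len, assigned, hd=0.94):
    """Where a pool stands against the threshold: current HD-ratio, whether the
    threshold is met, and how many further assignments fit before it is."""
    available = 2 ** (assign_len - alloc_len)
    ratio = hd_ratio(assigned, available)
    threshold = math.ceil(assignments_at_hd(alloc_len, assign_len, hd))
    return {
        "hd_ratio": round(ratio, 4),
        "threshold_reached": ratio >= hd,
        "headroom": max(0, threshold - assigned),
    }
```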
From the ISP perspective the following basic requirements can be
identified:
The IPv6 address allocation schema must be able to realize a maximal
aggregation of all IPv6 address delegations to customers into the address
aggregate of the Service Provider. Only this provider aggregate will be
routed and injected into the global routing table (DFZ). This strong
aggregation keeps the routing tables of the DFZ small and greatly eases
filtering and access control.
The IPv6 addressing schema of the SP should be maximally flexible, since
the infrastructure of the SP will change over time with new customers,
transport technologies and business cases. The requirement of maximal
flexibility conflicts with the requirements of strong IPv6 address
aggregation and efficient address usage; at this point each SP has to
decide which of these requirements to prioritize.
Keeping the multilevel network hierarchy of an ISP in mind, for addressing
efficiency reasons not all hierarchy levels can or should be mapped into
the IPv6 addressing schema of an ISP. Sometimes it is much better to
implement "flat" addressing for the ISP network than to lose big chunks of
the IPv6 address aggregate in addressing each level of the network
hierarchy. Besides that, a decoupling of provider network addressing from
customer addressing is recommended.
(Note: strong aggregation, e.g. at POP, aggregation router or LER level,
limits the number of customer routes that are visible within the ISP
network but also brings down the efficiency of the IPv6 addressing schema.
That's why each ISP has to decide how many internal aggregation levels it
wants to deploy.)
As already done for the LIR and ISP roles of the SP, it is also necessary
to identify the requirements that come from its Network Access Provider
role. Some of the basic requirements are:
The IPv6 addressing schema of the SP must be flexible enough to adapt to
changes that are injected from the customer side. This covers changes to
the addressing architecture or routing topology that are triggered, for
instance, by the growing IPv6 address needs of the customers, as well as
changes that come from topological modifications (e.g. when the customer
moves from one point of network attachment (POP) to another).
For each IPv6 address assignment to a customer a "buffer zone" must be
reserved that allows the customer to grow its addressing range without
renumbering or the assignment of additional prefixes.
The IPv6 addressing schema of the SP must deal with multiple attachments of
a single customer to the SP network infrastructure (i.e. multi-homed
network access with the same SP).
These few requirements are only a part of all the requirements a Service
Provider has to investigate and keep in mind during the definition phase of
its addressing architecture. Each SP will most likely add more constraints
to this list.
As an outcome of the above investigation of the requirements on an ISP IPv6
addressing plan, the following design "rules of thumb" can be derived:
No "one size fits all": each ISP must develop its own IPv6 address
allocation schema depending on its concrete business needs. It is not
practicable to design one addressing plan that fits all ISPs (small / big,
routed / MPLS-based, access / transit, LIR / no LIR, ...).
The levels of IPv6 address aggregation within the ISP addressing schema
should correspond closely to the implemented network structure, and their
number should be minimized for efficiency reasons. It is assumed that the
SP's own infrastructure will be addressed in a fairly flat way, whereas the
customer addressing architecture should contain several levels of
aggregation.
Keep the number of IPv6 customer routes inside your network as small as
necessary. A totally flat customer IPv6 addressing architecture without any
intermediate aggregation level will lead to a large number of customer
routes inside the SP network. A fair trade-off has to be found between the
number of address aggregation levels (and hence the size of the SP's
internal routing table) and the address conservation of the addressing
architecture.
The ISP IPv6 addressing schema should provide maximal flexibility. This is
needed to support different sizes of customer IPv6 address aggregates ("big"
vs. "small" customers) as well as to allow for future growth rates (e.g. of
customer aggregates) and possible topological or infrastructural changes.
A limited number of aggregation levels and sizes of customer aggregates
will ease the management of the addressing schema. This has to be weighed
against the previous rule of thumb, flexibility.
In this example the Service Provider is assumed to operate an MPLS-based
backbone and to implement 6PE to provide IPv6 backbone transport between
the different locations (POPs) of a fully dual-stacked network access and
aggregation area. Besides that it is assumed that the Service Provider:
- has received a /20 from its RIR
- operates its own LIR
- has to address its own IPv6 infrastructure
- delegates prefixes from this aggregate to its customers
This addressing schema should illustrate how the /20 IPv6 prefix of the SP
can be used to address the SP's own infrastructure and to delegate IPv6
prefixes to its customers following the above mentioned requirements and
rules of thumb as far as possible.
The figure below summarizes the device types in an SP network and the
typical network design. The network hierarchy of the SP has to be taken
into account for the design of an IPv6 addressing schema and defines its
basic shape and its levels of aggregation.
Basic design decisions for the example Service Provider IPv6 address plan
regarding customer prefixes take the following into consideration:
The prefixes assigned to all customers behind the same LER (e.g. LER or
LER-BB) are aggregated under one prefix. This ensures that the number of
labels that have to be used for 6PE is limited and hence provides strong
MPLS label conservation.
The /20 prefix of the SP is separated into 3 different pools that are used
to allocate IPv6 prefixes to the customers of the SP:
A pool (e.g. /24) for satisfying the addressing needs of real "big"
customers (as defined in 5.2.2.1 sub-section A.) that need IPv6 prefixes
larger than a /48, i.e. shorter prefixes such as a /32. These customers are
assumed to be connected to several POPs of the access network, so that
their customer prefix will be visible in each of these POPs.
A pool (e.g. /24) for the LERs with direct customer connections (e.g.
dedicated line access) and without an additional aggregation area between
the customer and the LER. (These LERs are mostly connected to a limited
number of customers because of the limited number of interfaces/ports.)
A larger pool (e.g. 14*/24) for LERs (e.g. LER-BB) that serve a high number
of customers that are normally connected via some kind of aggregation
network (e.g. DSL customers behind a BB-RAR or dial-in customers behind a
RAR).
The IPv6 address delegation within each pool (end customer delegations as
well as the aggregates dedicated to the LERs themselves) should be chosen
with an additional buffer zone of 300% for future growth.
The SP's "big" customers receive their prefix from the /24 IPv6 address
aggregate that has been reserved for "big" customers. A customer is
considered a "big" customer if it has a very complex network infrastructure
and/or huge IPv6 address needs (e.g. because of very large customer
numbers) and/or several uplinks to different POPs of the SP network.
The assigned IPv6 address prefixes can have a prefix length in the range
/32 to /48, and for each assignment a 300% future growing zone is marked as
"reserved" for this customer. This means, for instance, that with a
delegation of a /34 to a customer the /32 that contains this /34 is
reserved for the customer's future use.
The prefixes for the "big" customers can be chosen from the corresponding
"big customer" pool either by using an equidistant algorithm or by using
mechanisms similar to the Sparse Allocation Algorithm (SAA).
All customers that are not "big" customers are considered "common"
customers. They represent the majority of customers and hence receive a /48
out of the IPv6 customer address pool of the LER where they are directly
connected or aggregated. Again a 300% future growing IPv6 address range is
reserved for each customer, so that a "common" customer receives a /48
assignment but has a /46 reserved.
In the network access scenarios where the customer is directly connected to
the LER, the customer prefix is taken directly out of the customer IPv6
address aggregate (e.g. /38) of the corresponding LER. In all other cases
(e.g. the customer is attached to a RAR that is itself aggregated to an AG
or to a LER) at least two different approaches are possible.
1) Mapping of the aggregation network hierarchy into the customer IPv6
addressing schema. The aggregation network hierarchy could be mapped into
the design of the customer prefix pools of each network level in order to
achieve maximal aggregation at the LER level as well as at the intermediate
levels (example: customer - /48, RAR - /38, AG - /32, LER-BB - /30). At
each network level an adequate growing zone should be reserved. (Note: this
approach of course requires some "fine tuning" of the addressing schema
based on a very good knowledge of the Service Provider's network topology,
including actual growth ranges and rates.)
When the IPv6 customer address pool of a LER (or of another device of the
aggregation network, an AG or RAR) is exhausted, the related LER (or AG or
RAR) prefix is shortened by 1 or 2 bits (e.g. from /38 to /37 or /36) so
that the originally reserved growing zone can be used for further IPv6
address allocations to customers. In the case where the growing zone is
exhausted as well, a new prefix range from the corresponding pool of the
next higher hierarchy level can be requested.
2) "Flat" customer IPv6 addressing schema. The other option is to allocate
all the customer prefixes directly out of the customer IPv6 address pool of
the LER where the customers are attached and aggregated, and to ignore the
intermediate aggregation network infrastructure. This approach of course
leads to a higher number of customer routes at the LER and aggregation
network level but takes a great amount of complexity out of the addressing
schema. Nevertheless the aggregation of the customer prefixes into one
prefix at the LER level is realized as required above.
If the actually observed growth rates show that the reserved growing zones
are not needed, then these growing areas can be freed and used for the
assignment of prefix pools to other devices at the same level of the
network hierarchy.
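An added example (not from the draft) of the customer prefix allocation described above: a "common" customer gets a /48 with the surrounding /46 reserved, an exhausted LER pool is shortened by one bit into its own growing zone as in approach 1, and "big customer" reservations are spread equidistantly over their pool. The class names, the bit-reversal spreading and the pool sizes built inside the 2001:db8::/32 documentation prefix are assumptions.

```python
import ipaddress

# Added example (not from the draft): /48 allocation from one LER's customer pool
# with the 300% growing zone and the "approach 1" growth step, plus an equidistant
# allocator for the "big customer" pool; 2001:db8::/32-based sizes are constructed.
GROWTH_BITS = 2  # 300% buffer zone: reserve 4x the assigned size

class LerPool:
    """Customer pool of one LER: 'active' is the prefix assignments come from
    (e.g. a /38), 'reserved' the shorter prefix that holds its growing zone."""
    def __init__(self, reserved, active_len):
        self.reserved = ipaddress.IPv6Network(reserved)
        self.active = next(self.reserved.subnets(new_prefix=active_len))
        self.next_slot = 0  # index of the next free reservation in 'active'

    def assign_common(self, assign_len=48):
        """Return (assigned, reserved): the /48 handed out and the /46 around it
        that stays reserved so the customer can grow without renumbering."""
        res_len = assign_len - GROWTH_BITS
        while self.next_slot >= 2 ** (res_len - self.active.prefixlen):
            self._grow()  # pool exhausted: use the LER's own growing zone
        base = int(self.active.network_address) + (self.next_slot << (128 - res_len))
        self.next_slot += 1
        reserved = ipaddress.IPv6Network((base, res_len))
        return next(reserved.subnets(new_prefix=assign_len)), reserved

    def _grow(self):
        """Approach 1: shorten the LER prefix by one bit (e.g. /38 -> /37); once
        the reserved zone is used up, a range from the next level is needed."""
        if self.active.prefixlen <= self.reserved.prefixlen:
            raise RuntimeError("LER growing zone exhausted; request a new range")
        self.active = self.active.supernet(prefixlen_diff=1)

def bit_reverse(value, width):
    return int(format(value, f"0{width}b")[::-1], 2)
class BigPool:
    """Pool for "big" customers: reservation n takes the bit-reversed slot n, so
    reservations spread equidistantly over the pool (an assumed equidistant scheme)."""
    def __init__(self, pool, reserve_len):
        self.pool = ipaddress.IPv6Network(pool)
        self.reserve_len = reserve_len
        self.count = 0

    def assign_big(self, assign_len):
        """Assign a /assign_len; the enclosing /reserve_len block stays reserved
        for the customer (the draft's /34 delegated inside a reserved /32)."""
        width = self.reserve_len - self.pool.prefixlen
        if self.count >= 2 ** width:
            raise RuntimeError("big customer pool exhausted")
        slot = bit_reverse(self.count, width)
        self.count += 1
        base = int(self.pool.network_address) + (slot << (128 - self.reserve_len))
        reserved = ipaddress.IPv6Network((base, self.reserve_len))
        return next(reserved.subnets(new_prefix=assign_len)), reserved
```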
For the IPv6 addressing of the SP's own network infrastructure a /32 (or
/40) from the "big" customers address pool can be chosen.
This SP infrastructure prefix is used to encode the network infrastructure
of the SP by assigning a /48 to every POP/location and using, for instance,
a /56 to encode the corresponding router within this POP. Each SP-internal
link behind a router interface could be encoded using a /64 prefix. (Note:
while it is suggested to choose a /48 for addressing the POP/location of
the SP network, it is left to each SP to decide what prefix lengths to
assign to the routers and links within this POP.)
The IIDs of the router interfaces may be generated by using EUI-64 or
through plain manual configuration, e.g. for encoding additional network or
operational information into the IID.
It is assumed that there is a 300% growing zone for each level of the
network hierarchy and that additional prefixes may be assigned to POPs
and/or routers if needed.
Loopback interfaces of routers may be chosen from the first /64 of the /56
router prefix (in the example above).
(Note: the /32 prefix that has been chosen for addressing the SP's own IPv6
network infrastructure leaves enough room to encode additional functions
such as security levels or private and test infrastructure, although such
approaches have not been considered in more detail for the SP described
above.)
Point-to-point links to customers (e.g. PPP links, dedicated lines etc.)
may be addressed using /126 prefixes out of the first /64 of the access
routers, which could be reserved for this purpose.
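The SP infrastructure hierarchy just described, as an added example that is not part of the draft: a /32 is carved into a /48 per POP and a /56 per router, each with its 300% growing zone, loopbacks come from the first /64 of the router /56, and customer point-to-point /126s are computed out of a reserved /64 without enumerating it. The 2001:db8::/32 infrastructure prefix, the function names and the choice to keep the second /64 of each router for point-to-point links are assumptions.

```python
import ipaddress

# Added example (not from the draft): derives the SP-own infrastructure prefixes
# of the scheme above (/32 -> /48 per POP -> /56 per router -> /64 per link,
# loopback in the first /64 of the router /56, customer point-to-point /126s out
# of a /64 reserved on the access router). The 2001:db8::/32 prefix and the
# choice of the second /64 of each router for point-to-point links are assumptions.
GROWTH_BITS = 2  # 300% growing zone at the POP and the router level

def slot(parent, assign_len, index):
    """index-th assignment of length assign_len inside parent; every index owns
    a (assign_len - GROWTH_BITS) reservation so it can grow without renumbering."""
    parent = ipaddress.IPv6Network(parent)
    res_len = assign_len - GROWTH_BITS
    if index >= 2 ** (res_len - parent.prefixlen):
        raise ValueError("no reserved slot left at this hierarchy level")
    base = int(parent.network_address) + (index << (128 - res_len))
    return next(ipaddress.IPv6Network((base, res_len)).subnets(new_prefix=assign_len))

def router_plan(infra_prefix, pop, router):
    """POP /48, router /56, loopback address, the /64 kept for customer
    point-to-point links and the first /64 for SP-internal links of one router."""
    pop_pfx = slot(infra_prefix, 48, pop)
    rtr_pfx = slot(pop_pfx, 56, router)
    link64s = list(rtr_pfx.subnets(new_prefix=64))  # 256 entries, cheap to list
    return {
        "pop": pop_pfx,
        "router": rtr_pfx,
        "loopback": ipaddress.IPv6Address(int(link64s[0].network_address) + 1),
        "ptp_pool": link64s[1],
        "first_link": link64s[2],
    }

def customer_ptp(ptp_pool, n):
    """n-th /126 of the point-to-point /64 (computed, not enumerated: a /64 holds
    2**62 of them). Returns the /126, the router-side and the customer-side address."""
    if not 0 <= n < 2 ** 62:
        raise ValueError("point-to-point pool exhausted")
    base = int(ptp_pool.network_address) + (n << 2)
    net = ipaddress.IPv6Network((base, 126))
    return net, ipaddress.IPv6Address(base + 1), ipaddress.IPv6Address(base + 2)
```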
From the current point of view of the SP there is no compelling reason why
ULAs should be used by an SP; see section 2.2.
ULAs could be used inside the SP network in order to have an additional
"site-local scoped" IPv6 address for the SP's own infrastructure, for
instance for network management reasons, and maybe also in order to have an
addressing schema that cannot be reached from outside the SP network.
In the case where ULAs are used it is possible to map the proposed internal
IPv6 addressing of the SP's own network infrastructure as described in
5.2.2.2 above directly onto the ULA addressing schema by substituting a /48
ULA site prefix for the /48 POP prefix.
IPv6 Multicast-related addressing issues are out of the scope of this document.
POP (or rather LER) multi-homing of customers with the same SP can be
realized within the proposed IPv6 addressing schema of the SP by assigning
multiple LER-dependent prefixes to this customer (i.e. considering each
customer location as a stand-alone customer) or by choosing a customer
prefix out of the pool of "big" customers. The second solution has the
disadvantage that in every LER where the customer is attached this prefix
will appear inside the IGP routing table, requiring an explicit MPLS label.
The same effect occurs when a customer changes its point of attachment to
another POP/LER, since in this case the customer prefix can no longer be
aggregated into the LER prefix and needs to be advertised as a more
specific in the IGP.
(Note: the described negative effects of POP/LER multi-homing on the
addressing architecture in the SP access network are not addressed by
implementing the Shim6 site multi-homing approach, since that approach only
targets a mechanism for dealing with multiple prefixes in end systems; the
SP will nevertheless have unaggregated customer prefixes in its internal
routing tables.)
The proposed IPv6 addressing schema for an SP needs some slight
enhancements / modifications for the later phases of IPv6 integration, for
instance when the whole MPLS backbone infrastructure (LDP, IGP etc.) is
realized over IPv6 transport, in which case an addressing of the LSRs is
needed. Other changes may be necessary as well but are not explained at
this point.
There are no extra IANA considerations for this document.
This IPv6 addressing document does not have any direct impact on Internet
infrastructure security.
Constructive feedback and contributions have been received from Stig Venaas,
Pekka Savola, John Spence, Patrick Grossetete, Carlos Garcia Braschi, Brian
Carpenter and Mark Smith.
RFC 1918
RFC 2462
RFC 2471
RFC 2526
RFC 3021
RFC 3041
RFC 3053
RFC 3177
RFC 3194
RFC 3315
RFC 3484
RFC 3531
RFC 3587
RFC 3627
RFC 3633
RFC 3701
RFC 3736
RFC 3879
RFC 3956
RFC 3971
RFC 3972
RFC 4192
RFC 4193
RFC 4214
RFC 4291
RFC 4477
Things to think about when Renumbering an IPv6 network
(draft-chown-v6ops-renumber-thinkabout-05.txt)
IPv6 Address Allocation and Assignment Policy
(http://www.ripe.net/ripe/docs/ipv6policy.html)
IPv6 Implications for TCP/UDP Port Scanning
(draft-ietf-v6ops-scanning-implications-00.txt)