By submitting this Internet-Draft, each author represents that any applicable patent or other IPR claims of which he or she is aware have been or will be disclosed, and any of which he or she becomes aware will be disclosed, in accordance with Section 6 of BCP 79.
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet-Drafts.
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as “work in progress.”
The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html.
This Internet-Draft will expire on April 4, 2007.
One fundamental aspect of any IP communications infrastructure is its addressing plan. With its new address architecture and allocation policies, the introduction of IPv6 into a network means that network designers and operators need to reconsider their existing approaches to network addressing. Lack of guidelines on handling this aspect of network design could slow down the deployment and integration of IPv6. This draft aims to provide the information and recommendations relevant to planning the addressing aspects of IPv6 deployments. The draft also provides IPv6 addressing case studies for both an enterprise and an ISP network.
2. Network Level Addressing Design Considerations
2.1. Global Unique Addresses
2.2. Unique Local IPv6 Addresses
2.3. 6Bone Address Space
2.4. Network Level Design Considerations
2.4.1. Sizing the Network Allocation
2.4.2. Address Space Conservation
3. Subnet Prefix Considerations
3.1. Considerations for subnet prefixes shorter then /64
3.2. Considerations for /64 prefixes
3.3. Considerations for subnet prefixes longer then /64
3.3.1. Anycast addresses
3.3.2. Addresses used by Embedded-RP (RFC3956)
3.3.3. ISATAP addresses
3.3.4. /126 addresses
3.3.5. /127 addresses
3.3.6. /128 addresses
4. Allocation of the IID of an IPv6 Address
4.1. Automatic EUI-64 Format Option
4.2. Using Privacy Extensions
4.3. Cryptographically Generated IPv6 Addresses
4.4. Manual/Dynamic Assignment Option
5. Case Studies
5.1. Enterprise Considerations
5.1.1. Obtaining general IPv6 network prefixes
5.1.2. Forming an address (subnet) allocation plan
5.1.3. Other considerations
5.1.4. Node configuration considerations
5.2. Service Provider Considerations
5.2.1. Investigation of objective Requirements for an IPv6 addressing schema of a Service Provider
5.2.2. Exemplary IPv6 address allocation plan for a Service Provider
5.2.3. Additional Remarks
6. IANA Considerations
7. Security Considerations
9.1. Normative References
9.2. Informative References
§ Authors' Addresses
§ Intellectual Property and Copyright Statements
The Internet Protocol Version 6 (IPv6) Addressing Architecture [RFC4291] (Hinden, R. and S. Deering, “IP Version 6 Addressing Architecture,” February 2006.) defines three main types of addresses: unicast, anycast and multicast. This document focuses on unicast addresses, for which there are currently two principal allocated types: Global Unique Addresses [RFC3587] (Hinden, R., Deering, S., and E. Nordmark, “IPv6 Global Unicast Address Format,” August 2003.) ('globals') and Unique Local IPv6 Addresses [RFC4193] (Hinden, R. and B. Haberman, “Unique Local IPv6 Unicast Addresses,” October 2005.) (ULAs). In addition until recently there has been 'experimental' 6bone address space [RFC2471] (Hinden, R., Fink, R., and J. Postel, “IPv6 Testing Address Allocation,” December 1998.), though its use has been deprecated since June 2006 [RFC3701] (Fink, R. and R. Hinden, “6bone (IPv6 Testing Address Allocation) Phaseout,” March 2004.).
The document covers aspects that should be considered during IPv6 deployment for the design and planning of an addressing scheme for an IPv6 network. The network's IPv6 addressing plan may be for an IPv6-only network, or for a dual-stack infrastructure where some or all devices have addresses in both protocols. These considerations will help an IPv6 network designer to efficiently and prudently assign the IPv6 address space that has been allocated to their organization.
The address assignment considerations are analyzed separately for the two major components of the IPv6 unicast addresses, namely 'Network Level Addressing' (the allocation of subnets) and the 'Subnet Prefix' (address usage within a subnet). Thus the document includes a discussion of aspects of address assignment to nodes and interfaces in an IPv6 network. Finally the document provides two examples of successfully deployed address plans in a service provider (ISP) and an enterprise network.
Parts of this document highlight the differences that an experienced IPv4 network designer should consider when planning an IPv6 deployment, for example:
We do not discuss here how a site or ISP should proceed with acquiring its globally routable IPv6 address prefix. However, one should note that IPv6 networks currently receive their global unicast address allocation from their 'upstream' provider, which may be another ISP, a Local Internet Registry (LIR) or a Regional Internet Registry (RIR). In each case the prefix received is provider assigned (PA). Until very recently there has been no provider independent (PI) address space for IPv6 generally available. However ARIN is now piloting PI address space allocations, subject to customers meeting certain requirements.
We do not discuss PI policy here. The observations and recommendations of this text are largely independent of the PA or PI nature of the address block being used. At this time we assume that most commonly an IPv6 network which changes provider will need to undergo a renumbering process, as described in [RFC4192] (Baker, F., Lear, E., and R. Droms, “Procedures for Renumbering an IPv6 Network without a Flag Day,” September 2005.). A separate document [THINKABOUT] (Chown, T., Thompson, M., Ford, A., and S. Venaas, “Things to think about when Renumbering an IPv6 network (draft-chown-v6ops-renumber-thinkabout-05.txt),” March 2007.) makes recommendations to ease the IPv6 renumbering process.
This document does not discuss implementation aspects related to the transition between the ULA addresses and the now obsoleted site-local addresses. Most implementations know about Site-local addresses even though they are deprecated, and do not know about ULAs - even though they represent current specification. As result transitioning between these types of addresses may cause difficulties.
This section discusses the kind of IPv6 addresses used at the network level for the IPv6 infrastructure. The kind of addresses that can be considered are Global Unique Addresses and ULAs. We also comment here on the recently deprecated 6bone address space.
The most commonly used unicast addresses will be Global Unique Addresses ('globals'). No significant considerations are necessary if the organization has an address space assignment and a single prefix is deployed through a single upstream provider.
However, a multihomed site may deploy addresses from two or more Service Provider assigned IPv6 address ranges. Here, the network Administrator must have awareness on where and how these ranges are used on the multihomed infrastructure environment. The nature of the usage of multiple prefixes may depend on the reason for multihoming (e.g. resilience failover, load balancing, policy-based routing, or multihoming during an IPv6 renumbering event). IPv6 introduces improved support for multi-addressed hosts through the IPv6 default address selection methods described in RFC3484 [RFC3484] (Draves, R., “Default Address Selection for Internet Protocol version 6 (IPv6),” February 2003.). A multihomed host may thus have two addresses, one per prefix (provider), and select source and destination addresses to use as described in that RFC.
ULAs have replaced the originally conceived Site Local addresses in the IPv6 addressing architecture, for reasons described in [RFC3879] (Huitema, C. and B. Carpenter, “Deprecating Site Local Addresses,” September 2004.). ULAs improve on site locals by offering a high probability of the global uniqueness of the prefix used, which can be beneficial in the case of (deliberate or accidental) leakage, or where networks are merged. ULAs are akin to the private address space [RFC1918] (Rekhter, Y., Moskowitz, R., Karrenberg, D., Groot, G., and E. Lear, “Address Allocation for Private Internets,” February 1996.) assigned for IPv4 networks, except that in IPv6 networks we may expect to see ULAs used alongside global addresses, with ULAs used internally and globals used externally. Thus use of ULAs does not imply use of NAT for IPv6.
The ULA address range allows network administrators to deploy IPv6 addresses on their network without asking for a globally unique registered IPv6 address range. A ULA prefix is 48 bits, i.e. a /48, the same as the currently recommended allocation for a site from the globally routable IPv6 address space [RFC3177] (IAB and IESG, “IAB/IESG Recommendations on IPv6 Address Allocations to Sites,” September 2001.).
ULAs provide the means to deploy a fixed addressing scheme that is not affected by a change in service provider and the corresponding PA global addresses. Internal operation of the network is thus unaffected during renumbering events. Nevertheless, this type of address must be used with caution.
A site using ULAs may or may not also deploy globals. In an isolated network ULAs may be deployed on their own. In a connected network, that also deploys global addresses, both may be deployed, such that hosts become multiaddressed (one global and one ULA address) and the IPv6 default address selection algorithm will pick the appropriate source and destination addresses to use, e.g. ULAs will be selected where both the source and destination hosts have ULA addresses. Because a ULA and a global site prefix are both /48 length, an administrator can choose to use the same subnetting (and host addressing) plan for both prefixes.
As an example of the problems ULAs may cause, when using IPv6 multicast within the network, the IPv6 default address selection algorithm prefers the ULA address as the source address for the IPv6 multicast streams. This is NOT a valid option when sending an IPv6 multicast stream to the IPv6 Internet for two reasons. For one, these addresses are not globally routable so RPF checks for such traffic will fail outside the internal network. The other reason is that the traffic will likely not cross the network boundary due to multicast domain control and perimeter security policies.
In principle ULAs allow easier network mergers than RFC1918 addresses do for IPv4 because ULA prefixes have a high probability of uniqueness, if the prefix is chosen as described in the RFC.
The usage of ULAs should be carefully considered even when not attached to the IPv6 Internet due to the potential for added complexity when connecting to the Internet at some point in the future.
The 6Bone address space was used before the RIRs started to distribute 'production' IPv6 prefixes. The 6Bone prefixes have a common first 16 bits in the IPv6 Prefix of 3FFE::/16. This address range is deprecated as of 6th June 2006 [RFC3701] (Fink, R. and R. Hinden, “6bone (IPv6 Testing Address Allocation) Phaseout,” March 2004.) and should be avoided on any new IPv6 network deployments. Sites using 6bone address space should renumber to production address space using procedures as defined in [RFC4192] (Baker, F., Lear, E., and R. Droms, “Procedures for Renumbering an IPv6 Network without a Flag Day,” September 2005.).
IPv6 provides network administrators with a significantly larger address space, enabling them to be very creative in how they can define logical and practical address plans. The subnetting of assigned prefixes can be done based on various logical schemes that involve factors such as:
Such logical addressing plans have the potential to simplify network operations and service offerings, and to simplify network management and troubleshooting. A very large network would also have no need to consider using private address space for its infrastructure devices, simplifying network management.
The network designer must however keep in mind several factors when developing these new addressing schemes:
We do not discuss here how a network designer sizes their application for address space. By default a site will receive a /48 prefix [RFC3177] (IAB and IESG, “IAB/IESG Recommendations on IPv6 Address Allocations to Sites,” September 2001.). The default provider allocation via the RIRs is currently a /32 [reference2] (APNIC, ARIN, RIPE NCC, “IPv6 Address Allocation and Assignment Policy (www.ripe.net/ripe/docs/ipv6policy.html),” January 2003.). These allocations are indicators for a first allocation for a network. Different sizes may be obtained based on the anticipated address usage [reference2] (APNIC, ARIN, RIPE NCC, “IPv6 Address Allocation and Assignment Policy (www.ripe.net/ripe/docs/ipv6policy.html),” January 2003.). There are examples of allocations as large as /19 having been made from RIRs to providers at the time of writing.
Despite the large IPv6 address space which enables easier subnetting, it still is important to ensure an efficient use of this resource. Some addressing schemes, while facilitating aggregation and management, could lead to significant numbers of addresses being unused. Address conservation requirements are less stringent in IPv6 but they should still be observed.
The proposed HD [RFC3194] (Durand, A. and C. Huitema, “The H-Density Ratio for Address Assignment Efficiency An Update on the H ratio,” November 2001.) value for IPv6 is 0.94 compared to the current value of 0.96 for IPv4. Note that for IPv6 HD is calculated for sites (i.e. on a basis of /48), instead of based on addresses like with IPv4.
This section analyzes the considerations applied to define the subnet prefix of the IPv6 addresses. The boundaries of the subnet prefix allocation are specified in RFC4291 [RFC4291] (Hinden, R. and S. Deering, “IP Version 6 Addressing Architecture,” February 2006.). In this document we analyze their practical implications. Based on RFC4291 [RFC4291] (Hinden, R. and S. Deering, “IP Version 6 Addressing Architecture,” February 2006.) it is legal for any IPv6 unicast address starting with binary address '000' to have a subnet prefix larger than, smaller than or of equal to 64 bits. Each of these three options is discussed in this document.
An allocation of a prefix shorter then 64 bits to a node or interface is bad practice. The shortest subnet prefix that could theoretically be assigned to an interface or node is limited by the size of the network prefix allocated to the organization.
A possible reason for choosing the subnet prefix for an interface shorter then /64 is that it would allow more nodes to be attached to that interface compared to a prescribed length of 64 bits. This however is unnecessary considering that 2^64 provides plenty of node addresses for a well designed IPv6 network. Layer two technologies are unlikely to support such large numbers of nodes within a single link (e.g. Ethernet limited to 48-bits of hosts)
The subnet prefix assignments can be made either by manual configuration, by a stateful Host Configuration Protocol [RFC3315] (Droms, R., Bound, J., Volz, B., Lemon, T., Perkins, C., and M. Carney, “Dynamic Host Configuration Protocol for IPv6 (DHCPv6),” July 2003.) or by a stateful prefix delegation mechanism [RFC3633] (Troan, O. and R. Droms, “IPv6 Prefix Options for Dynamic Host Configuration Protocol (DHCP) version 6,” December 2003.).
Based on RFC3177 [RFC3177] (IAB and IESG, “IAB/IESG Recommendations on IPv6 Address Allocations to Sites,” September 2001.), 64 bits is the prescribed subnet prefix length to allocate to interfaces and nodes.
When using a /64 subnet length, the address assignment for these addresses can be made either by manual configuration, by a stateful Host Configuration Protocol [RFC3315] (Droms, R., Bound, J., Volz, B., Lemon, T., Perkins, C., and M. Carney, “Dynamic Host Configuration Protocol for IPv6 (DHCPv6),” July 2003.) [RFC3736] (Droms, R., “Stateless Dynamic Host Configuration Protocol (DHCP) Service for IPv6,” April 2004.) or by stateless autoconfiguration [RFC2462] (Thomson, S. and T. Narten, “IPv6 Stateless Address Autoconfiguration,” December 1998.).
Note that RFC3177 strongly prescribes 64 bit subnets for general usage, and that stateless autoconfiguration option is only defined for 64 bit subnets.
Address space conservation is the main motivation for using a subnet prefix length longer than 64 bits.
The address assignment can be made either by manual configuration or by a stateful Host Configuration Protocol [RFC3315] (Droms, R., Bound, J., Volz, B., Lemon, T., Perkins, C., and M. Carney, “Dynamic Host Configuration Protocol for IPv6 (DHCPv6),” July 2003.).
When assigning a subnet prefix of more then 80 bits, according to RFC4291 [RFC4291] (Hinden, R. and S. Deering, “IP Version 6 Addressing Architecture,” February 2006.) "u" and "g" bits (respectively the 81st and 82nd bit) need to be taken into consideration and should be set correctly. In currently implemented IPv6 protocol stacks, the relevance of the "u" (universal/local) bit and "g" (the individual/group) bit are marginal and typically will not show an issue when configured wrongly, however future implementations may turn out differently.
When using subnet lengths longer then 64 bits, it is important to avoid selecting addresses that may have a predefined use and could confuse IPv6 protocol stacks. The alternate usage may not be a simple unicast address in all cases. The following points should be considered when selecting a subnet length longer then 64 bits.
RFC4291 [RFC4291] (Hinden, R. and S. Deering, “IP Version 6 Addressing Architecture,” February 2006.) provides a definition for the required Subnet Router Anycast Address as follows:
| n bits | 128-n bits | +--------------------------------------------+----------------+ | subnet prefix | 00000000000000 | +--------------------------------------------+----------------+
It is recommended to avoid allocating this IPv6 address to a device which is not a router. No additional dependencies for the subnet prefix while the EUI-64 and an IID dependencies will be discussed later in this document.
RFC2526 [RFC2526] (Johnson, D. and S. Deering, “Reserved IPv6 Subnet Anycast Addresses,” March 1999.) stated that within each subnet, the highest 128 interface identifier values are reserved for assignment as subnet anycast addresses.
The construction of a reserved subnet anycast address depends on the type of IPv6 addresses used within the subnet, as indicated by the format prefix in the addresses.
The first type of Subnet Anycast addresses have been defined as follows for EUI-64 format:
| 64 bits | 57 bits | 7 bits | +------------------------------+------------------+------------+ | subnet prefix | 1111110111...111 | anycast ID | +------------------------------+------------------+------------+
The anycast address structure implies that it is important to avoid creating a subnet prefix where the bits 65 to 121 are defined as "1111110111...111" (57 bits in total) so that confusion can be avoided.
For other IPv6 address types (that is, with format prefixes other than those listed above), the interface identifier is not in EUI-64 format and may be other than 64 bits in length; these reserved subnet anycast addresses for such address types are constructed as follows:
| n bits | 121-n bits | 7 bits | +------------------------------+------------------+------------+ | subnet prefix | 1111111...111111 | anycast ID | +------------------------------+------------------+------------+ | interface identifier field |
In the case discussed above there is no additional dependency for the subnet prefix with the exception of the EUI-64 and an IID dependency. These will be discussed later in this document.
Embedded-RP [RFC3956] (Savola, P. and B. Haberman, “Embedding the Rendezvous Point (RP) Address in an IPv6 Multicast Address,” November 2004.) reflects the concept of integrating the Rendezvous Point (RP) IPv6 address into the IPv6 multicast group address. Due to this embedding and the fact that the length of the IPv6 address AND the IPv6 multicast address are 128 bits, it is not possible to have the complete IPv6 address of the multicast RP embedded as such.
This resulted in a restriction of 15 possible RP-addresses per prefix that can be used with embedded-RP. The space assigned for the embedded-RP is based on the 4 low order bits, while the remainder of the Interface ID is set to all '0'.
[IPv6-prefix (64 bits)][60 bits all '0'][RIID] Where: [RIID] = 4 bit.
This format implies that when selecting subnet prefixes longer then 64, and the bits beyond the 64th one are none-zero, the subnet can not use embedded-RP.
In addition it is discouraged to assign a matching embedded-RP IPv6 address to a device that is not a real Multicast Rendezvous Point.
ISATAP [RFC4214] (Templin, F., Gleeson, T., Talwar, M., and D. Thaler, “Intra-Site Automatic Tunnel Addressing Protocol (ISATAP),” October 2005.) is an automatic tunneling protocol used to provide IPv6 connectivity over an IPv4 campus or enterprise environment. In order to leverage the underlying IPv4 infrastructure, the IPv6 addresses are constructed in a special format.
An IPv6 ISATAP address has the IPv4 address embedded, based on a predefined structure policy that identifies them as an ISATAP address.
[IPv6 Prefix (64 bits)][0000:5EFE][IPv4 address]
When using subnet prefix length longer then 64 bits it is recommended that that the portion of the IPv6 prefix from bit 65 to the end of the subnet prefix does not match with the well-known ISATAP [0000:5EFE] address portion.
In its actual definition there is no multicast support on ISATAP
The 126 bit subnet prefixes are typically used for point-to-point links similar to the RFC3021 [RFC3021] (Retana, A., White, R., Fuller, V., and D. McPherson, “Using 31-Bit Prefixes on IPv4 Point-to-Point Links,” December 2000.) recommendations for IPv4. The usage of this subnet address length does not lead to any additional considerations other than the ones discussed earlier in this section, particularly those related to the "u" and "g" bits.
The usage of the /127 addresses is not valid and should be strongly discouraged as documented in RFC3627 [RFC3627] (Savola, P., “Use of /127 Prefix Length Between Routers Considered Harmful,” September 2003.).
The 128 bit address prefix may be used in those situations where we know that one, and only one address is sufficient. Example usage would be the off-link loopback address of a network device.
When choosing a 128 bit prefix, it is recommended to take the "u" and "g" bits into consideration and to make sure that there is no overlap with either the following well-known addresses:
In order to have a complete IPv6 address, an interface must be associated a prefix and an Interface Identifier (IID). Section 3 of this document analyzed the prefix selection considerations. This section discusses the elements that should be considered when assigning the IID portion of the IPv6 address.
There are various ways to allocate an IPv6 address to a device or interface. The option with the least amount of caveats for the network administrator is that of EUI-64 [RFC2462] (Thomson, S. and T. Narten, “IPv6 Stateless Address Autoconfiguration,” December 1998.) based addresses. For the manual or dynamic options, the overlap with well known IPv6 addresses should be avoided.
When using this method the network administrator has to allocate a valid 64 bit subnet prefix. The EUI-64 [RFC2462] (Thomson, S. and T. Narten, “IPv6 Stateless Address Autoconfiguration,” December 1998.) allocation procedure can from that moment onward assign the remaining 64 IID bits in a stateless manner. All the considerations for selecting a valid IID have been incorporated in the EUI-64 methodology.
The main purpose of IIDs generated based on RFC3041 [RFC3041] (Narten, T. and R. Draves, “Privacy Extensions for Stateless Address Autoconfiguration in IPv6,” January 2001.) is to provide privacy to the entity using this address. While there are no particular constraints in the usage of these addresses as defined in [RFC3041] (Narten, T. and R. Draves, “Privacy Extensions for Stateless Address Autoconfiguration in IPv6,” January 2001.) there are some implications to be aware of when using privacy addresses as documented in section 4 of RFC3041 [RFC3041] (Narten, T. and R. Draves, “Privacy Extensions for Stateless Address Autoconfiguration in IPv6,” January 2001.):
Cryptographically Generated Addresses (CGAs) are based upon RFC3972 [RFC3972] (Aura, T., “Cryptographically Generated Addresses (CGA),” March 2005.) and provide a method for binding a public signature key to an IPv6 address in the Secure Neighbor Discovery (SEND) protocol [RFC3971] (Arkko, J., Kempf, J., Zill, B., and P. Nikander, “SEcure Neighbor Discovery (SEND),” March 2005.).
The basic idea is to generate the interface identifier (i.e. the rightmost 64 bits) of the IPv6 address by computing a cryptographic hash of the public key. The resulting IPv6 address is called a cryptographically generated address (CGA). The corresponding private key can then be used to sign messages sent from that address.
Implications to be aware of when using CGA addresses are found in section 7 of RFC3972 [RFC3972] (Aura, T., “Cryptographically Generated Addresses (CGA),” March 2005.):
Due to the fact that CGA generated addresses are almost indistinguishable from a privacy address and has similar properties for many purposes, the same considerations as with privacy addresses are also valid for CGA generated addresses.
This section discusses those IID allocations that are not implemented through stateless address configuration (Section 4.1). They are applicable regardless of the prefix length used on the link. It is out of scope for this section to discuss the various assignment methods (e.g. manual configuration, DHCPv6, etc).
In this situation the actual allocation is done by human intervention and consideration needs to be given to the complete IPv6 address so that it does not result in overlaps with any of the well known IPv6 addresses:
When using an address assigned by human intervention it is recommended to choose IPv6 addresses which are not obvious to guess and/or avoid any IPv6 addresses that embed IPv4 addresses used in the current infrastructure. Following these two recommendations will make it more difficult for malicious third parties to guess targets for attack, and thus reduce security threats to a certain extent.
In this section we consider a case study of a campus network that is deploying IPv6 in parallel with existing IPv4 protocols in a dual-stack environment. The specific example is the University of Southampton (UK), focusing on a large department within that network. The deployment currently spans around 1,000 hosts and over 1,500 users.
In the case of a campus network, the site will typically take its connectivity from its National Research and Education Network (NREN). Southampton connects to JANET, the UK academic network, via its local regional network LeNSE. JANET currently has a /32 allocation from RIPE of 2001:630::/32. The current recommended practice is for sites to receive a /48 allocation, and on this basis Southampton has received such a prefix for its own use, specifically 2001:630:d0::/48. The regional network also uses its own allocation from the NREN provider.
No ULA addressing is used on site. The campus is not multihomed (JANET is the sole provider), nor does it expect to change service provider, and thus does not plan to use ULAs for the (perceived) benefit of easing network renumbering. Indeed, the campus has renumbered following the aforementioned renumbering procedure [RFC4192] (Baker, F., Lear, E., and R. Droms, “Procedures for Renumbering an IPv6 Network without a Flag Day,” September 2005.) on two occasions, and this has proven adequate (with provisos documented in [THINKABOUT] (Chown, T., Thompson, M., Ford, A., and S. Venaas, “Things to think about when Renumbering an IPv6 network (draft-chown-v6ops-renumber-thinkabout-05.txt),” March 2007.). We also do not see any need to deploy ULAs for in or out of band network management; there are enough IPv6 prefixes available in the site allocation for the infrastructure. In some cases, use of private IP address space in IPv4 creates problems, so we believe that the availability of ample global IPv6 address space for infrastructure may be a benefit for many sites.
No 6bone addressing is used on site any more. We note that since the 6bone phaseout of June 2006 [RFC3701] (Fink, R. and R. Hinden, “6bone (IPv6 Testing Address Allocation) Phaseout,” March 2004.) most transit ISPs have begun filtering attempted use of such prefixes.
Southampton does participate in global and organization scope IPv6 multicast networks. Multicast address allocations are not discussed here as they are not in scope for the document. We note that IPv6 has advantages for multicast group address allocation. In IPv4 a site needs to use techniques like GLOP to pick a globally unique multicast group to use. This is problematic if the site does not use BGP and have an ASN. In IPv6 unicast-prefix-based IPv6 multicast addresses empower a site to pick a globally unique group address based on its unicast own site or link prefix. Embedded RP is also in use, is seen as a potential advantage for IPv6 and multicast, and has been tested successfully across providers between sites (including paths to/from the US and UK).
The campus has a /16 prefix for IPv4 use; in principle 256 subnets of 256 addresses. In reality the subnetting is muddier, because of concerns of IPv4 address conservation; subnets are sized to the hosts within them, e.g. a /26 IPv4 prefix is used if a subnet has 35 hosts in it. While this is efficient, it increases management burden when physical deployments change, and IPv4 subnets require resizing (up or down), even with DHCP in use.
The /48 IPv6 prefix is considerably larger than the IPv4 allocation already in place at the site. It is loosely equivalent to a 'Class A' IPv4 prefix in that it has 2^16 (over 65,000) subnets, but has an effectively unlimited subnet address size (2^64) compared to 256 in the IPv4 equivalent. The increased subnet size means that /64 IPv6 prefixes can be used on all subnets, without any requirement to resize them at a later date. The increased subnet volume allows subnets to be allocated more generously to schools and departments in the campus. While address conservation is still important, it is no longer an impediment on network management. Rather, address (subnet) allocation is more about embracing the available address space and planning for future expansion.
In a dual-stack network, we chose to deploy our IP subnets congruently for IPv4 and IPv6. This is because the systems are still in the same administrative domains and the same geography. We do not expect to have IPv6-only subnets in production use for a while yet, outside our test beds and our early Mobile IPv6 trials. With congruent addressing, our firewall policies are also aligned for IPv4 and IPv6 traffic at our site border.
The subnet allocation plan required a division of the address space per school or department. Here a /56 was allocated to the school level of the university; there are around 30 schools currently. A /56 of IPv6 address space equates to 256 /64 size subnet allocations. Further /56 allocations were made for central IT infrastructure, for the network infrastructure and the server side systems.
The network uses a Demilitarized Zone (DMZ) topology for some level of protection of 'public' systems. Again, this topology is congruent with the IPv4 network.
There are no specific transition methods deployed internally to the campus; everything is using the conventional dual-stack approach. There is no use of ISATAP [RFC4214] (Templin, F., Gleeson, T., Talwar, M., and D. Thaler, “Intra-Site Automatic Tunnel Addressing Protocol (ISATAP),” October 2005.) for example.
For the Mobile IPv6 early trails, we have allocated one prefix for Home Agent (HA) use. We have not yet considered in detail how Mobile IPv6 usage may grow, and whether more or even every subnet will require HA support.
The university operates a tunnel broker [RFC3053] (Durand, A., Fasano, P., Guardini, I., and D. Lento, “IPv6 Tunnel Broker,” January 2001.) service on behalf of UKERNA for JANET sites. This uses separate address space from JANET, not our university site allocation.
We currently use stateless autoconfiguration on most subnets for IPv6 hosts. There is no DHCPv6 service deployed yet, beyond tests of early code releases. We plan to deploy DHCPv6 for address assignment when robust client and server code is available (at the time of writing the potential for this looks good, e.g. via the ISC implementation). We also are seeking a common integrated DHCP/DNS management platform, even if the servers themselves are not co-located, including integrated DHCPv4 and DHCPv6 server configuration, as discussed in [RFC4477] (Chown, T., Venaas, S., and C. Strauf, “Dynamic Host Configuration Protocol (DHCP): IPv4 and IPv6 Dual-Stack Issues,” May 2006.). Currently we add client statelessly autoconfigured addresses to the DNS manually, though dynamic DNS is an option. Our administrators would prefer the use of DHCP because they believe it gives them more management control.
Regarding the implications of the larger IPv6 subnet address space on scanning attacks [reference1] (Chown, T., “IPv6 Implications for TCP/UDP Port Scanning (draft-ietf-v6ops-scanning-implications-00.txt),” June 2006.), we note that all our hosts are dual-stack, and thus are potentially exposed over both protocols anyway. We publish all addresses in DNS, and do not operate a two faced DNS.
We have internal usage of RFC3041 privacy addresses [RFC3041] (Narten, T. and R. Draves, “Privacy Extensions for Stateless Address Autoconfiguration in IPv6,” January 2001.) currently (certain platforms currently ship with it on by default), but may wish to administratively disable this (perhaps via DHCP) to ease management complexity. However, we need to determine the feasibility of this on all systems, e.g. for guests on wireless LAN or other user-maintained systems. Network management and monitoring should be simpler without RFC3041 in operation, in terms of identifying which physical hosts are using which addresses. We note that RFC3041 is only an issue for outbound connections, and that there is potential to assign privacy addresses via DHCPv6.
We manually configure server addresses to avoid address changes on a change of network adaptor. With IPv6 you can choose to pick ::53 for a DNS server, or can pick 'random' addresses for obfuscation, though that's not an issue for publicly advertised addresses (dns, mx, web, etc).
In this section an IPv6 addressing schema is sketched that could serve as an example for an Internet Service Provider.
Sub-section 5.2.1 starts with some thoughts regarding objective requirements of such an addressing schema and deriving a few general thumb rules that have to be kept in mind when designing an ISP IPv6 addressing plan.
Sub-section 5.2.2 illustrates these findings of 5.2.1 with an exemplary IPv6 addressing schema for an MPLS-based ISP offering Internet Services as well as Network Access services to millions of customers.
The first step of the IPv6 addressing plan design for a Service provider should identify all technical, operational, political and business requirements that have to be satisfied by the services supported by this addressing schema.
According to the different technical constraints and business models as well as the different weights of these requirements (from the point of view of the corresponding Service Provider) it is very likely that different addressing schemas will be developed and deployed by different ISPs. Nevertheless the addressing schema of sub-section 5.2.2 is one possible example.
For this document it is assumed that our exemplary ISP has to fulfil several roles for its customers as there are:
In their role as LIR the Service Providers have to care about the policy constraints of the RIRs and the standards of the IETF regarding IPv6 addressing. In this context, the following basic requirements and recommendations have to be taken into account and should be satisfied by the IPv6 address allocation plan of a Service Provider:
From ISP perspective the following basic requirements could be identified:
As already done for the LIR and the ISP roles of the SP it is also necessary to identify requirements that come from its Network Access Provider role. Some of the basic requirements are:
These few requirements are only part of all the requirements a Service Provider has to investigate and keep in mind during the definition phase of its addressing architecture. Each SP will most likely add more constraints to this list.
As outcome of the above investigation of requirements regarding an ISP IPv6 addressing plane the following design "thumb rules" should be derived:
In this example, the Service Provider is assumed to operate an MPLS based backbone and implements 6PE to provide IPv6 backbone transport between the different locations (POPs) of a fully dual-stacked network access and aggregation area.
Besides that it is assumed that the Service Provider:
This addressing schema should illustrate how the /20 IPv6 prefix of the SP can be used to address the SP-own infrastructure and to delegate IPv6 prefixes to its customers following the above mentioned requirements and thumb rules as far as possible.
The below figure summarizes the device types in an SP network and the typical network design. The network hierarchy of the SP has to be taken into account for the design of an IPv6 addressing schema and defines its basic shape and the levels of aggregation.
+------------------------------------------------------------------+ | LSRs of the MPLS Backbone of the SP | +------------------------------------------------------------------+ | | | | | | | | | | +-----+ +-----+ +--------+ +--------+ +--------+ | LER | | LER | | LER-BB | | LER-BB | | LER-BB | +-----+ +-----+ +--------+ +--------+ +--------+ | | | | | | / | | | | | | | | | / | | | | | | | +------+ +------+ +------+ | | | | | | |BB-RAR| |BB-RAR| | AG | | | | | | | +------+ +------+ +------+ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | +-----+ +-----+ +-----+ +-----+ | | | | | | | | | RAR | | RAR | | RAR | | RAR | | | | | | | | | +-----+ +-----+ +-----+ +-----+ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | +-------------------------------------------------------------------+ | Customer networks | +-------------------------------------------------------------------+ Figure: Exemplary Service Provider Network LSR ... Label Switch Router LER ... Label Edge Router LER-BB ... Broadband Label Edge Router RAR ... Remote Access Router BB-RAR ... Broadband Remote Access Router AG ... Aggregation Router
Basic design decisions for the exemplary Service Provider IPv6 address plan regarding customer prefixes take into consideration:
SP’s "big" customers receive their prefix from the /24 IPv6 address aggregate that has been reserved for their "big" customers. A customer is considered as "big" customer if it has a very complex network infrastructure and/or huge IPv6 address needs (e.g. because of very large customer numbers) and/or several uplinks to different POPs of the SP network.
The assigned IPv6 address prefixes can have a prefix length in the range 32-48 and for each assignment a 300% future growing zone is marked as "reserved" for this customer. This means that for instance with a delegation of a /34 to a customer the /32 that contains this /34 is reserved for the customer for future usage.
The prefixes for the "big" customers can be chosen from the corresponding "big customer" pool by either using an equidistant algorithm or using mechanisms similar to the Sparse Allocation Algorithm (SAA) [reference2] (APNIC, ARIN, RIPE NCC, “IPv6 Address Allocation and Assignment Policy (www.ripe.net/ripe/docs/ipv6policy.html),” January 2003.).
All customers that are not "big" customers are considered as "common" customers. They represent the majority of customers hence they receive a /48 out of the IPv6 customer address pool of the LER where they are directly connected or aggregated.
Again a 300% future growing IPv6 address range is reserved for each customer, so that a "common" customer receives a /48 allocation but has a /46 reserved.
In the network access scenarios where the customer is directly connected to the LER the customer prefix is directly taken out of the customer IPv6 address aggregate (e.g. /38) of the corresponding LER.
In all other cases (e.g. the customer is attached to a RAR that is themselves aggregated to an AG or to a LER) at least 2 different approaches are possible.
1) Mapping of Aggregation Network Hierarchy into Customer IPv6 Addressing Schema. The aggregation network hierarchy could be mapped into the design of the customer prefix pools of each network level in order to achieve a maximal aggregation at the LER level as well as at the intermediate levels. (Example: Customer - /48, RAR - /38, AG - /32, LER-BB - /30). At each network level an adequate growing zone should be reserved. (Note: This approach requires of course some "fine tuning" of the addressing schema based on a very good knowledge of the Service Provider network topology including actual growing ranges and rates.)
When the IPv6 customer address pool of a LER (or another device of the aggregation network - AG or RAR) is exhausted, the related LER (or AG or RAR) prefix is shortened by 1 or 2 bits (e.g. from /38 to /37 or /36) so that the originally reserved growing zone can be used for further IPv6 address allocations to customers. In the case where the growing zone is exhausted as well a new prefix range from the corresponding pool of the next higher hierarchy level can be requested.
2) "Flat" Customer IPv6 Addressing Schema. The other option is to allocate all the customer prefixes directly out of the customer IPv6 address pool of the LER where the customers are attached and aggregated and ignore the intermediate aggregation network infrastructure. This approach leads of course to a higher amount of customer routes at LER and aggregation network level but takes a great amount of complexity out of the addressing schema. Nevertheless the aggregation of the customer prefixes to one prefix at LER level is realized as required above.
If the actual observed growing rates show that the reserved growing zones are not needed than these growing areas can be freed and used for assignments for prefix pools to other devices at the same level of the network hierarchy.
For the IPv6 addressing of SPs own network infrastructure a /32 (or /40) from the "big" customers address pool can be chosen.
This SP infrastructure prefix is used to code the network infrastructure of the SP by assigning a /48 to every POP/location and using for instance a /56 for coding the corresponding router within this POP. Each SP internal link behind a router interface could be coded using a /64 prefix. (Note: While it is suggested to chose a /48 for addressing the POP/location of the SP network it is left to each SP to decide what prefix length to assign to the routers and links within this POP.)
The IIDs of the router interfaces may be generated by using EUI-64 or through plain manual configuration e.g. for coding additional network or operational information into the IID.
It is assumed that a 300% growing zones for each level of network hierarchy and additional prefixes may be assigned to POPs and/or routers if needed.
Loopback interfaces of routers may be chosen from the first /64 of the /56 router prefix (in the example above).
(Note: The /32 prefix that has been chosen for addressing SPs own IPv6 network infrastructure gives enough place to code additional functionalities like security levels or private and test infrastructure although such approaches haven't been considered in more detail for the above described SP until now.)
Point-to-point links to customers (e.g. PPP links, dedicated line etc.) may be addressed using /126 prefixes out of the first /64 of the access routers that could be reserved for this reason.
From the actual view point of SP there is no compelling reason why ULAs should be used from a SP. Look at section 2.2.
ULAs could be used inside the SP network in order to have an additional "site-local scoped" IPv6 address for SPs own infrastructure for instance for network management reasons and maybe also in order to have an addressing schema that couldn't be reached from outside the SP network.
In the case when ULAs are used it is possible to map the proposed internal IPv6 addressing of SPs own network infrastructure as described in 188.8.131.52 above directly to the ULA addressing schema by substituting the /48 POP prefix with a /48 ULA site prefix.
IPv6 Multicast-related addressing issues are out of the scope of this document.
POP (or better LER) Multi-homing of customers with the same SP can be realized within the proposed IPv6 addressing schema of the SP by assigning multiple LER-dependent prefixes to this customer (i.e. considering each customer location as a single-standing customer) or by choosing a customer prefix out of the pool of "big" customers. The second solution has the disadvantage that in every LER where the customer is attached this prefix will appear inside the IGP routing table requiring an explicit MPLS label.
An equal effect happens when a customer changes its point of attachment to another POP/LER since in this case the customer prefix could not be aggregated into the LER prefix and needs to be advertised more specific in the IGP.
(Note: The described negative POP/LER Multi-homing effects to the addressing architecture in the SP access network are not tackled by implementing the Shim6 Site Multi-homing approach since this approach targets only on a mechanism for dealing with multiple prefixes in end systems — the SP will nevertheless have unaggregated customer prefixes in its internal routing tables.)
The proposed IPv6 addressing schema for a SP needs some slight enhancements / modifications for the later phases of IPv6 integration, for instance in the case when the whole MPLS backbone infrastructure (LDP, IGP etc.) is realized over IPv6 transport an addressing of the LSRs is needed. Other changes may be necessary as well but should not be explained at this point.
There are no extra IANA consideration for this document.
This IPv6 addressing document does not have any direct impact on Internet infrastructure security.
Constructive feedback and contributions have been received from Stig Venaas, Pekka Savola, John Spence, Patrick Grossetete, Carlos Garcia Braschi, Brain Carpenter and Mark Smith.
|[RFC1918]||Rekhter, Y., Moskowitz, R., Karrenberg, D., Groot, G., and E. Lear, “Address Allocation for Private Internets,” BCP 5, RFC 1918, February 1996 (TXT).|
|[RFC2462]||Thomson, S. and T. Narten, “IPv6 Stateless Address Autoconfiguration,” RFC 2462, December 1998 (TXT, HTML, XML).|
|[RFC2471]||Hinden, R., Fink, R., and J. Postel, “IPv6 Testing Address Allocation,” RFC 2471, December 1998 (TXT, HTML, XML).|
|[RFC2526]||Johnson, D. and S. Deering, “Reserved IPv6 Subnet Anycast Addresses,” RFC 2526, March 1999 (TXT).|
|[RFC3021]||Retana, A., White, R., Fuller, V., and D. McPherson, “Using 31-Bit Prefixes on IPv4 Point-to-Point Links,” RFC 3021, December 2000 (TXT).|
|[RFC3041]||Narten, T. and R. Draves, “Privacy Extensions for Stateless Address Autoconfiguration in IPv6,” RFC 3041, January 2001 (TXT).|
|[RFC3053]||Durand, A., Fasano, P., Guardini, I., and D. Lento, “IPv6 Tunnel Broker,” RFC 3053, January 2001 (TXT).|
|[RFC3177]||IAB and IESG, “IAB/IESG Recommendations on IPv6 Address Allocations to Sites,” RFC 3177, September 2001 (TXT).|
|[RFC3194]||Durand, A. and C. Huitema, “The H-Density Ratio for Address Assignment Efficiency An Update on the H ratio,” RFC 3194, November 2001 (TXT).|
|[RFC3315]||Droms, R., Bound, J., Volz, B., Lemon, T., Perkins, C., and M. Carney, “Dynamic Host Configuration Protocol for IPv6 (DHCPv6),” RFC 3315, July 2003 (TXT).|
|[RFC3484]||Draves, R., “Default Address Selection for Internet Protocol version 6 (IPv6),” RFC 3484, February 2003 (TXT).|
|[RFC3531]||Blanchet, M., “A Flexible Method for Managing the Assignment of Bits of an IPv6 Address Block,” RFC 3531, April 2003 (TXT).|
|[RFC3587]||Hinden, R., Deering, S., and E. Nordmark, “IPv6 Global Unicast Address Format,” RFC 3587, August 2003 (TXT).|
|[RFC3627]||Savola, P., “Use of /127 Prefix Length Between Routers Considered Harmful,” RFC 3627, September 2003 (TXT).|
|[RFC3633]||Troan, O. and R. Droms, “IPv6 Prefix Options for Dynamic Host Configuration Protocol (DHCP) version 6,” RFC 3633, December 2003 (TXT).|
|[RFC3701]||Fink, R. and R. Hinden, “6bone (IPv6 Testing Address Allocation) Phaseout,” RFC 3701, March 2004 (TXT).|
|[RFC3736]||Droms, R., “Stateless Dynamic Host Configuration Protocol (DHCP) Service for IPv6,” RFC 3736, April 2004 (TXT).|
|[RFC3879]||Huitema, C. and B. Carpenter, “Deprecating Site Local Addresses,” RFC 3879, September 2004 (TXT).|
|[RFC3956]||Savola, P. and B. Haberman, “Embedding the Rendezvous Point (RP) Address in an IPv6 Multicast Address,” RFC 3956, November 2004 (TXT).|
|[RFC3971]||Arkko, J., Kempf, J., Zill, B., and P. Nikander, “SEcure Neighbor Discovery (SEND),” RFC 3971, March 2005 (TXT).|
|[RFC3972]||Aura, T., “Cryptographically Generated Addresses (CGA),” RFC 3972, March 2005 (TXT).|
|[RFC4192]||Baker, F., Lear, E., and R. Droms, “Procedures for Renumbering an IPv6 Network without a Flag Day,” RFC 4192, September 2005 (TXT).|
|[RFC4193]||Hinden, R. and B. Haberman, “Unique Local IPv6 Unicast Addresses,” RFC 4193, October 2005 (TXT).|
|[RFC4214]||Templin, F., Gleeson, T., Talwar, M., and D. Thaler, “Intra-Site Automatic Tunnel Addressing Protocol (ISATAP),” RFC 4214, October 2005 (TXT).|
|[RFC4291]||Hinden, R. and S. Deering, “IP Version 6 Addressing Architecture,” RFC 4291, February 2006 (TXT).|
|[RFC4477]||Chown, T., Venaas, S., and C. Strauf, “Dynamic Host Configuration Protocol (DHCP): IPv4 and IPv6 Dual-Stack Issues,” RFC 4477, May 2006 (TXT).|
|[reference1]||Chown, T., “IPv6 Implications for TCP/UDP Port Scanning (draft-ietf-v6ops-scanning-implications-00.txt),” June 2006.|
|[reference2]||APNIC, ARIN, RIPE NCC, “IPv6 Address Allocation and Assignment Policy (www.ripe.net/ripe/docs/ipv6policy.html),” January 2003.|
|[THINKABOUT]||Chown, T., Thompson, M., Ford, A., and S. Venaas, “Things to think about when Renumbering an IPv6 network (draft-chown-v6ops-renumber-thinkabout-05.txt),” March 2007.|
|Gunter Van de Velde|
|De Kleetlaan 6a|
|Phone:||+32 2704 5473|
|7025-6 Kit Creek Road|
|Research Triangle Park, North Carolina PO Box 14987|
|Phone:||+1 919 392-3723|
|University of Southampton|
|Southampton, SO17 1BJ|
|Phone:||+44 23 8059 3257|
|T-Systems Enterprise Services GmbH|
|Goslarer Ufer 35|
|Phone:||+49 30 3497 3124|
|T-Systems Enterprise Services GmbH|
|Goslarer Ufer 35|
|Phone:||+49 30 3497 3164|
Copyright © The IETF Trust (2006).
This document is subject to the rights, licenses and restrictions contained in BCP 78, and except as set forth therein, the authors retain all their rights.
This document and the information contained herein are provided on an “AS IS” basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
The IETF takes no position regarding the validity or scope of any Intellectual Property Rights or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; nor does it represent that it has made any independent effort to identify any such rights. Information on the procedures with respect to rights in RFC documents can be found in BCP 78 and BCP 79.
Copies of IPR disclosures made to the IETF Secretariat and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this specification can be obtained from the IETF on-line IPR repository at http://www.ietf.org/ipr.
The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights that may cover technology that may be required to implement this standard. Please address the information to the IETF at firstname.lastname@example.org.