Hello, The common recommendations for IPv6 point to point interface numbering are:
/64 /124 /126 /127 /64: Advantages: conforms to IPv6 standard for a LAN link Disadvantages: DOS threats against this design. Looping on a true ptp circuit. Neighbor discovery issues. /124: Advantages: supports multiple routers on each end of the circuit. Conforms to nibble assignment boundary that helps keep address assignments clean and comprehensible. Disadvantages: ancient hardware that barely supports IPv6 may have trouble efficiently handling routes longer than /64. /126: Advantages: equivalent to an IPv4 /30 with exactly the same functionality. Disadvantages: equivalent to an IPv4 /30 with exactly the same functionality. /127: Advantages: saves that extra pair of IP addresses. Disadvantages: complicates configuration just to save two IPv6 addresses. Enhancements: For /124, /126 and /127: allocate all of your addresses for every router in the system from the same /64. Use router ACLs to control entry of packets directed to that /64. Nice clean way to stop hackers from poking at your routers. Regards, Bill Herrin On Tue, Jun 27, 2017 at 4:28 PM, Krunal Shah <[email protected]> wrote: > Hello, > > What subnet mask you are people using for point to point IPs between two > ASes? Specially with IPv6, We have a transit provider who wants us to use > /64 which does not make sense for this purpose. isn’t it recommended to use > /127 as per RFC 6164 like /30 and /31 are common for IPv4. > > I was thinking, if someone is using RFC7404 for point to point IP between > two ASes and establish BGP over link local addresses. This way you have > your own IP space on your router and transit provider does not have to > allocate IP space for point to point interface between two ASes. In > traceroutes you would see only loopback IP address with GUA assigned from > your allocated routable address space. Remotely DDoS to this link isn’t > possible this way. Thoughts? > > > > [Description: cid:[email protected]]<https://primus.ca/> > > > > > > Krunal Shah > Network Analyst, IP & Transport Network Engineering > O: 416-855-1805 > [email protected] > > > > > > [Description: cid:[email protected]]<https://primus.ca/> > [Description: cid:[email protected]] <https://twitter.com/ > Primus4Business> [Description: cid:[email protected]] < > https://www.facebook.com/primusforbusiness> [Description: > cid:[email protected]] <https://www.linkedin.com/ > company/primus-telecommunications-canada-inc-> > > > > ________________________________ > > This electronic message contains information from Primus Management ULC > ("PRIMUS") , which may be legally privileged and confidential. The > information is intended to be for the use of the individual(s) or entity > named above. If you are not the intended recipient, be aware that any > disclosure, copying, distribution or use of the contents of this > information is prohibited. If you have received this electronic message in > error, please notify us by telephone or e-mail (to the number or address > above) immediately. Any views, opinions or advice expressed in this > electronic message are not necessarily the views, opinions or advice of > PRIMUS. It is the responsibility of the recipient to ensure that any > attachments are virus free and PRIMUS bears no responsibility for any loss > or damage arising in any way from the use thereof.The term "PRIMUS" > includes its affiliates. > > ________________________________ > Pour la version en français de ce message, veuillez voir > http://www.primustel.ca/fr/legal/cs.htm > -- William Herrin ................ [email protected] [email protected] Dirtside Systems ......... Web: <http://www.dirtside.com/>
