Re: Residential subscribers: numbered or unnumbered?
Many thanks to everyone who replied, even though most people were telling me about PPPoE rather than IPoE. I am not all that familiar with PPPoE (need to educate myself!!), but I can see how many of the issues I mentioned go away with it. - Philip On 2014-03-25, at 13:29 , Philip Matthews wrote: > Folks: > > Until recently, I was under the impression that most people were using > numbered v6 links to residential subscribers, allocating the WAN address > using DHCPv6. However, recently two people have told me about a number of > providers that are doing unnumbered instead. > > So for anyone who has deployed or is planning to deploy residential IPv6, I > am curious to know which way you are going, and more importantly why you > selected that approach? My interest is primarily in IPoE, but I don't mind > hearing about PPPoE as well. > > The arguments I know or have heard for going numbered are: > * Have a WAN address that one can ping remotely to verify connectivity (here > I am assuming using DHCPv6 to assign a specific IID like ::1) > * Want to use TR-069 > > The arguments I can think of for going unnumbered are: > * Greater security > * Plan to ping the loopback address on the CPE > > > Additional questions for those who have chosen the unnumbered approach or are > using SLAAC to number the WAN address. > * What are you doing wrt having an address to ping to confirm the CPE is > reachable? > * For those doing unnumbered, do all CPEs implement the same algorithm for > selecting the loopback address according to WAA-7 in RFC 7084? If not, how do > you handle this? For example, do you only select CPEs that implement the same > algorithm? Do you just try the likely candidates until one works? Or > something else? > > > - Philip
Windows 7 Prefix Policy Quirks
Hello, I'm trying to implement consistent client prefix policies and also adhere to RFC 6724. Windows 8/8.1 come this way by default. However, Windows Vista/7 follow the older RFC 3484 rules. To update Windows Vista/7 I came up with a simple script. The issue is, I can't get Windows 7 to take the policy for the deprecated site-local prefix (fec0::/10): netsh int ipv6 add prefixpolicy fec0::/10 1 11 netsh int ipv6 show pre (.) 1 11 fe00::/10 >From experimentation, it seems to ignore anything after the first 8 bits. The only way I can get it to accept fec0 is if I enter "fec0::/16" which obviously isn't what I want. It's almost like the prefix policies have to be a multiple of 8 bits. I could have sworn this worked before but for the life of me I can't get it to work now. I had a few other people try it to see if I'm doing something silly but same results. Has anyone else run into this? Any suggestions? Thanks, --Jim
Re: Residential subscribers: numbered or unnumbered?
hey, What were your reasons for selecting this option? - one prefix per customer, don't need to track separate wan and PD prefixes - hope that we can advertise default-route (pointing to virtual link-local address) with dhcpv6 in the future and can get rid of RA on the wan - certain scaling aspects on the susbcriber management platforms we are using -- tarko
Re: Residential subscribers: numbered or unnumbered?
On Tue, 25 Mar 2014, Philip Matthews wrote: What were your reasons for selecting this option? I see a few up-sides. You get clean /56 handoff to customer, and you don't need to have any of the customer GUA addresses on the ISP router, meaning control plane protection is easier. You also lessen amount of table entries you need for uRPF. Downside: People actually need CPE, they can't connect a computer directly (at least not without turning on Internet Connection Sharing or alike). -- Mikael Abrahamssonemail: swm...@swm.pp.se
Re: Residential subscribers: numbered or unnumbered?
Hi, On Tue, Mar 25, 2014 at 10:28:06PM -0400, Philip Matthews wrote: > Are these PPPoE or IPoE deployments? PPPoE for the large-scale DSL deployments in DE. "Cable" for the large-scale cable deployments :-) (As far as I know, cable has a shared /64 on the WAN side). > And more importantly, any insights as to WHY they went this route? Were the > other options considered? No idea about the reasoning behind. *Our* small-scale deployment truly doesn't count, as everything is fully managed and fixed-config on the CPE (so neither SLAAC nor DHCPv6 involved), mostly due to "when we set this up, DHCPv6 didn't exist in IOS" and we never came around to rebuilding the plattform... > For IPoE with RA/SLAAC, I am curious to know how the provider learns of an > address on the CPE for pings or whatever? Or do they just not care? I have no idea how TR69 management works (will the CPE just call in?), but besides that, in those large-scale deployments I know about, the ISP couldn't care less - most CPEs are unmanaged. Gert Doering -- NetMaster -- have you enabled IPv6 on something today...? SpaceNet AGVorstand: Sebastian v. Bomhard Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann D-80807 Muenchen HRB: 136055 (AG Muenchen) Tel: +49 (0)89/32356-444 USt-IdNr.: DE813185279 pgpWqtbItmpkp.pgp Description: PGP signature
