Re: Realistic number of hosts for a /64 subnet?

2019-05-10 Thread Nick Hilliard

Gert Doering wrote on 10/05/2019 22:16:

> Just make sure their phones are in the same network segment.
> 
> No shouting.


Then they'll all start complaining on WhatsApp over the wifi network ... 
waait - I see what you're suggesting here.  Brilliantly evil.


Nick



Re: Realistic number of hosts for a /64 subnet?

2019-05-10 Thread Bernd Walter
On Fri, May 10, 2019 at 10:29:44AM -0700, Joe Hamelin wrote:
> Mark Tinka mentioned:
> >Whether a single LAN can scale to the number of devices a /64 can
> >maximally support... I don't think so, but I also don't know of anyone
> >who has tried.
> 
> Since the MAC address space is 48 bits I would think that would be the max.

47 bits, as one is reserved for multiple receivers (broadcast, multicast).
Devices with that bit set in their MAC are asking for trouble.
But that is only true for Ethernet.
IEEE 802.15.4 has 64-bit MACs and is used in 6LoWPAN.

-- 
B.Walter  http://www.bwct.de
Modbus/TCP Ethernet I/O modules, ARM-based FreeBSD computers and more.


Re: Realistic number of hosts for a /64 subnet?

2019-05-10 Thread Gert Doering
Hi,

On Fri, May 10, 2019 at 10:14:36PM +0100, Nick Hilliard wrote:
> I'm sure 1000 hosts on a network will usually work fine, until someone 
> does something dumb and takes down the entire segment, at which point 
> you'll have 1000 people shouting at you.

Just make sure their phones are in the same network segment.

No shouting.

Gert Doering
-- NetMaster
-- 
have you enabled IPv6 on something today...?

SpaceNet AG
Management board (Vorstand): Sebastian v. Bomhard, Michael Emmer
Joseph-Dollinger-Bogen 14
Chairman of the supervisory board: A. Grundner-Culemann
D-80807 Muenchen
Commercial register: HRB 136055 (AG Muenchen)
Tel: +49 (0)89/32356-444
VAT ID: DE813185279


Re: Realistic number of hosts for a /64 subnet?

2019-05-10 Thread Nick Hilliard

Doug Barton wrote on 10/05/2019 05:27:
> It's been a while since I was configuring subnets, and last time I did 
> the guidance was always no more than 1,000 hosts per subnet/vlan. A lot 
> of that was IPv4 thinking regarding broadcast domains, but generally 
> speaking we kept to it for dual stacked networks, equating an IPv4 /22 
> with an IPv6 /64. (This was commonly in office environments where we 
> used a subnet per floor to accommodate all of the desktops, printers, 
> phones, tablets, etc.)
> 
> Is this still how people roll nowadays? Have switches and/or other 
> network gear advanced to the point where subnets larger than 1k hosts 
> are workable? In IPv4 or IPv6? I've done quite a bit of web searching, 
> and can't find anything newer than 2014 that has any kind of intelligent 
> discussion of this topic.


The question is less "how many can you fit?" but "how few can you get 
away with?" and "when things go wrong, how large can you afford your 
blast radius to be?"


If your goal is to connect lots of access devices on an enterprise 
network, then keep to the physical topology as much as you can, and 
segment at layer 3 where it is practical to do so.  As the NotPetya 
victim organisations found out, it's a good idea to restrict access 
between segments to the greatest extent possible (while still 
maintaining functionality).  RFC8273 has some really great ideas, but 
there's a good deal of overhead associated with configuring it, and I 
suspect that the loss of functionality (host neighbor discovery, etc) 
would make it unattractive to most corporate networks.


I'm sure 1000 hosts on a network will usually work fine, until someone 
does something dumb and takes down the entire segment, at which point 
you'll have 1000 people shouting at you.


Nick


Re: Realistic number of hosts for a /64 subnet?

2019-05-10 Thread Joe Hamelin
Mark Tinka mentioned:
>Whether a single LAN can scale to the number of devices a /64 can
>maximally support... I don't think so, but I also don't know of anyone
>who has tried.

Since the MAC address space is 48 bits I would think that would be the max.
-Joe
--
Joe Hamelin, W7COM, Tulalip, WA, +1 (360) 474-7474


Re: Realistic number of hosts for a /64 subnet?

2019-05-10 Thread H.Zuleger



> (The whole reason why /64 seemed a good idea back then was CGA and
> "we can make it work with EUI-64 on IEEE-1394 devices!", of which CGA
> never truly happened, EUI-64 based on MAC addresses is dying off, and
> IEEE-1394 is long gone...  I always thought that /64 was a bit silly)
Maybe, but this large address space gives you the room for all these ideas (and 
a lot more, like 8+8 etc.).
I think the great benefit and the main driver was (and is) the fully automated 
address configuration.


Holger 


Re: Realistic number of hosts for a /64 subnet?

2019-05-10 Thread Gert Doering
Hi,

On Fri, May 10, 2019 at 01:07:44PM +0200, H.Zuleger wrote:
> > (The whole reason why /64 seemed a good idea back then was CGA and
> > "we can make it work with EUI-64 on IEEE-1394 devices!", of which CGA
> > never truly happened, EUI-64 based on MAC addresses is dying off, and
> > IEEE-1394 is long gone...  I always thought that /64 was a bit silly)
> Maybe, but this large address space gives you the room for all these ideas 
> (and a lot more, like 8+8 etc.).
> I think the great benefit and the main driver was (and is) the fully automated 
> address configuration.

I've heard lots of "great ideas" in the last 20 years...

What is left:

 - large networks are hard
 - can we please do p2p instead, routed, wherever possible
 - autoconfig based on hardware identifiers sucks, can we please do
   something hash-based (= autoconf in a /96 would quite likely work
   perfectly fine)

 - we do not have enough bits *in front* of the /64 mark to do nice things

Gert Doering
-- NetMaster
-- 
have you enabled IPv6 on something today...?

SpaceNet AG
Management board (Vorstand): Sebastian v. Bomhard, Michael Emmer
Joseph-Dollinger-Bogen 14
Chairman of the supervisory board: A. Grundner-Culemann
D-80807 Muenchen
Commercial register: HRB 136055 (AG Muenchen)
Tel: +49 (0)89/32356-444
VAT ID: DE813185279



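Two points in this thread are easy to check in code: Bernd Walter's remark that the I/G bit of a MAC address excludes group addresses from use as a single-host identifier, and Gert Doering's preference for a hash-based interface identifier over one derived from hardware identifiers. The following example is added here and is not code from any poster; it derives a modified EUI-64 interface identifier from a MAC (RFC 4291, Appendix A), refuses group addresses, builds the resulting SLAAC address in a /64, and contrasts that with an RFC 7217-style opaque identifier. The MAC, prefixes and secret are constructed sample values, and SHA-256 is this example's choice for the pseudorandom function that RFC 7217 leaves to the implementer; the reserved-IID check of RFC 5453 is omitted.

```python
import hashlib
import ipaddress


def parse_mac(mac: str) -> bytes:
    """Parse a colon- or hyphen-separated 48-bit MAC into 6 bytes."""
    parts = mac.replace("-", ":").split(":")
    if len(parts) != 6:
        raise ValueError(f"not a 48-bit MAC: {mac!r}")
    return bytes(int(p, 16) for p in parts)


def is_group_address(mac: str) -> bool:
    """True when the I/G bit (least significant bit of the first octet) is set,
    i.e. the address is a multicast or the broadcast address, not a single host."""
    return bool(parse_mac(mac)[0] & 0x01)


def modified_eui64_iid(mac: str) -> bytes:
    """RFC 4291 Appendix A: insert FF:FE between the OUI and the device part
    and invert the U/L bit. A group address cannot identify one interface."""
    if is_group_address(mac):
        raise ValueError("group (multicast/broadcast) MAC cannot identify a single interface")
    m = parse_mac(mac)
    return bytes([m[0] ^ 0x02]) + m[1:3] + b"\xff\xfe" + m[3:]


def opaque_iid(prefix: str, iface: str, secret: bytes, dad_counter: int = 0) -> bytes:
    """RFC 7217-style stable, opaque IID: a hash of the prefix, the interface
    name, a DAD retry counter and a per-host secret. The hash function (SHA-256
    here) is this example's choice; RFC 7217 only requires a PRF. A full
    implementation also rejects reserved IIDs (RFC 5453) and retries with
    dad_counter + 1 on a DAD collision."""
    net = ipaddress.IPv6Network(prefix, strict=True)
    data = (
        net.network_address.packed[:8]
        + iface.encode()
        + dad_counter.to_bytes(4, "big")
        + secret
    )
    return hashlib.sha256(data).digest()[:8]


def slaac_address(prefix: str, iid: bytes) -> ipaddress.IPv6Address:
    """Combine a /64 prefix with a 64-bit interface identifier."""
    net = ipaddress.IPv6Network(prefix, strict=True)
    if net.prefixlen != 64 or len(iid) != 8:
        raise ValueError("SLAAC needs a /64 prefix and a 64-bit interface identifier")
    return ipaddress.IPv6Address(int(net.network_address) | int.from_bytes(iid, "big"))


def iid_follows_host_across_prefixes(mac: str, prefixes: list, secret: bytes) -> dict:
    """Show why hardware-derived IIDs are a tracking problem: the EUI-64 IID is
    identical in every prefix, the opaque IID changes with the prefix."""
    eui = {modified_eui64_iid(mac) for _ in prefixes}
    opaque = {opaque_iid(p, "eth0", secret) for p in prefixes}
    return {"eui64_distinct": len(eui), "opaque_distinct": len(opaque)}


if __name__ == "__main__":
    # Constructed sample values.
    mac = "00:1b:63:84:45:e6"
    prefixes = ["2001:db8:1:2::/64", "2001:db8:1:3::/64"]
    secret = b"constructed-per-host-secret"
    print("group bit set on 01:00:5e:00:00:01:", is_group_address("01:00:5e:00:00:01"))
    print("EUI-64 address:", slaac_address(prefixes[0], modified_eui64_iid(mac)))
    print("opaque address:", slaac_address(prefixes[0], opaque_iid(prefixes[0], "eth0", secret)))
    print(iid_follows_host_across_prefixes(mac, prefixes, secret))
```

The EUI-64 identifier encodes the MAC verbatim, so the same host is recognisable in every /64 it visits; the opaque identifier is stable within a prefix (no renumbering churn) but unrelated between prefixes, which is what makes a hash-based scheme preferable to a hardware-identifier one.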

Re: Realistic number of hosts for a /64 subnet?

2019-05-10 Thread Gert Doering
Hi,

On Fri, May 10, 2019 at 08:26:46AM +0200, Mark Tinka wrote:
> Whether a single LAN can scale to the number of devices a /64 can
> maximally support... I don't think so, but I also don't know of anyone
> who has tried.

Math says there is no way to do that. Like, store 2^63 ND entries
in finite memory...

(The whole reason why /64 seemed a good idea back then was CGA and
"we can make it work with EUI-64 on IEEE-1394 devices!", of which CGA
never truly happened, EUI-64 based on MAC addresses is dying off, and
IEEE-1394 is long gone...  I always thought that /64 was a bit silly)

Gert Doering
-- NetMaster
-- 
have you enabled IPv6 on something today...?

SpaceNet AG
Management board (Vorstand): Sebastian v. Bomhard, Michael Emmer
Joseph-Dollinger-Bogen 14
Chairman of the supervisory board: A. Grundner-Culemann
D-80807 Muenchen
Commercial register: HRB 136055 (AG Muenchen)
Tel: +49 (0)89/32356-444
VAT ID: DE813185279


Re: Realistic number of hosts for a /64 subnet?

2019-05-10 Thread Ole Troan



> On 10 May 2019, at 06:27, Doug Barton wrote:
> 
> It's been a while since I was configuring subnets, and last time I did the 
> guidance was always no more than 1,000 hosts per subnet/vlan. A lot of that 
> was IPv4 thinking regarding broadcast domains, but generally speaking we kept 
> to it for dual stacked networks, equating an IPv4 /22 with an IPv6 /64. (This 
> was commonly in office environments where we used a subnet per floor to 
> accommodate all of the desktops, printers, phones, tablets, etc.)
> 
> Is this still how people roll nowadays? Have switches and/or other network 
> gear advanced to the point where subnets larger than 1k hosts are workable? 
> In IPv4 or IPv6? I've done quite a bit of web searching, and can't find 
> anything newer than 2014 that has any kind of intelligent discussion of this 
> topic.

In the department of "this is how we should have done it":
I would make the subnets match the physical topology. That is a set of 
(virtual) point-to-point links.
That gives one host and one router per link, which results in a broadcast 
domain of 2. I wouldn't bother with a shared on-link prefix on the link. Just 
give the host a set of single addresses. Then you don't have to deal with any 
of the pesky ND issues, DAD, address resolution and so on.

Best regards,
Ole




Re: Realistic number of hosts for a /64 subnet?

2019-05-10 Thread Tim Chown
> On 10 May 2019, at 07:43, Mikael Abrahamsson wrote:
> 
> On Thu, 9 May 2019, Doug Barton wrote:
> 
>> It's been a while since I was configuring subnets, and last time I did the 
>> guidance was always no more than 1,000 hosts per subnet/vlan. A lot of that 
>> was IPv4 thinking regarding broadcast domains, but generally speaking we 
>> kept to it for dual stacked networks, equating an IPv4 /22 with an IPv6 /64. 
>> (This was commonly in office environments where we used a subnet per floor 
>> to accommodate all of the desktops, printers, phones, tablets, etc.)
>> 
>> Is this still how people roll nowadays? Have switches and/or other network 
>> gear advanced to the point where subnets larger than 1k hosts are workable? 
>> In IPv4 or IPv6? I've done quite a bit of web searching, and can't find 
>> anything newer than 2014 that has any kind of intelligent discussion of this 
>> topic.
> 
> It's a good topic to bring up. There has been some work on this in the IETF, 
> for instance https://tools.ietf.org/html/rfc8273
> 
> This means there is single broadcast domain and single /64 per customer, 
> which if properly implemented helps with a lot of the problem space people 
> like to solve in this area. It however includes moving away from quite a lot 
> of what you call "IPv4 thinking".
> 
> I however do not operate wifi networks so I have no idea how widely this is 
> implemented in gear available today. If someone else knows, I would 
> appreciate if they would share.

My former campus WiFi network used VLAN pooling, so where we had many thousands 
of devices on the same SSID (eduroam) they were put into one of a set of 
several dual-stack VLANs on associating, and potentially while moving around 
campus. This reduced potential broadcast/multicast issues, but then meant (for 
example) that devices physically next to each other were often not in the same 
VLAN and thus by default not able to discover each other's services. 
That was part of my interest in the dnssd work.

Tim