[AusNOG] IPv4 - Free /48 from APNIC
Mark Andrews
marka at isc.org
Tue Mar 5 10:02:53 EST 2013
In message <51352275.9040604 at bowenvale.co.nz>, Don Gould writes:
> On 5/03/2013 12:14 a.m., Paul Brooks wrote:
> > Why is it any different from IPv4? If you are multi-homed like that, then y
> ou would
> > most likely get your own IPv6 net prefix from APNIC. You ask both (all) pro
> viders to
> > advertise your prefix in their routing tables, either statically or by exch
> anging a
> > routing protocol - BGPv6 mot likely.
> > or have I missed something?
> >
> > P.
> >
> Paul the difference between IPv4 and IPv6, in this issue is NAT.
>
> Fail over with v4 is done by simply changing the gateway for the NAT,
> which is a simple rule change.
>
> With v6 we don't have nat, so you have to either have BGP and announce
> your range to your providers or you have to renumber your network if a
> provider fails.
>
> I don't now anything about BGP, so I don't know how to set it up, so
> before I can move forward I need to understand this stuff.
>
> People here have said that enterprise is dragging their feet. Yes we
> are. We just don't know how to do this stuff and we can't set it up
> even if we did.
>
> I've been trying to figure out how to best address this stuff and
> realised that I've got lots of learning to go, and I suspect that there
> are dozens and dozens of others who are in the same boat.
>
> I've also realised that in the enterprise space I have to now be
> thinking in terms of redundancy right to the edge for my little
> customers (1 to 5 computers in the office).
>
> With v4 this is really really simple. Just put in a Mikrotik router
> with a USB port and I can have fail over to 3G data to keep the phones,
> email and light web browsing alive until I can sort out what ever has
> caused the main data service to fail.
>
> I can set up VPN links for services like phones and mail collection that
> will just reconnect automatically when a link fails.
>
> I have no idea how to even design this stuff in a v6 world for a customer.
>
> A year ago I approached both the local TAFE and University to find out
> about networking courses. Great expense and many many many hours to do
> stuff that I know backwards, while v6 is a token gesture (as someone
> else already mentioned).
>
> I guess my point here is that the resources are not actually easy to
> get, we don't quite seem to know what we actually need, the 'schools'
> aren't actually gearing up or geared up to address the education that
> industry like myself (and I know I'm just one small fish of many
> thousands and thousands) actually needs.
>
> D
The single router solution for IPv6 works today. You connect to
two ISPs. You send RA's for both prefixes. If one upstream goes
down you deprecate those prefixes. When the link is restored you
stop deprecating those prefixes. The hosts pick the source address
of the active prefix for new outgoing connections. In terms of
availability this is no different than using NAT with IPv4.
Alternatively you can have one prefix and establish the VPN link
exactly like you did with IPv4 to re-establish connectivity.
The IETF is looking at making the top solution work with multiple
routers. Yes, source + destination based routing is coming to a
net near you.
Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka at isc.org
More information about the AusNOG
mailing list