Why is the /64 prefix limited to /127 ?
Shadow Hawkins on Friday, 23 July 2004 19:42:29
How come it that Sixxs is limiting the /64 prefix to a /127? It is a huge waste of IP addresses. a /64 would be more than enough for most uses, but as it is now we are forces to request a /48 subnet if we want anything more than just one machine connected?
Why is the /64 prefix limited to /127 ?
Jeroen Massar on Monday, 26 July 2004 13:36:49 How come it that Sixxs is limiting the /64 prefix to a /127? It is a huge waste of IP addresses.
A tunnel is a link, thus it gets a /64 as per IETF recommendation and also it might be that the prefix becomes a native link or gets multiple devices attached.
We are only routing one /128 from the /64 to the tunnel endpoint (your side) as you only have one device there anyway, the ::2 which is the endpoint.
As a tunnel can't have more than two endpoints, what is the problem?
Also this is really not a waste of IP addresses, this is policy and when this policy fails, which it might, you never know, then there are 7 other tries to do it correctly.
a /64 would be more than enough for most uses, but as it is now we are forces to request a /48 subnet if we want anything more than just one machine connected?
Each link gets a /64, thus you have a tunnel and then when you have your own network, which you route yourself behind that tunnel you need probably one or more /64's, thus as per recommendations from amongst others IETF, RIPE etc we thus route a /48 to the tunnel endpoint.
This also allows you, when you change your ISP to just renumber the first 48 bits and you are done as every ISP should give /48 subnets.
Welcome to the wonderful world of IPv6 ;)
Why is the /64 prefix limited to /127 ?
Shadow Hawkins on Monday, 26 July 2004 23:50:37
Yes I realise the that the tunnel link is given a /64 prefix. My question was rather of the nature why the endpoint would not be able to use the other addresses in that prefix but the ::1 and ::2? I tried to do a traceroute from another host to ::3 and it seemed as the Sixxs endpoint did not know where to route it. Shouldn't that traffic have gone to the tunnel endpoint, or only to your side of it?
If you are using them for other tunnels then that is fine and ok, otherwise it would be a shame to loose those addresses in that /64 prefix.
Do not take me wrong. I am NOT complaining about the service from Sixxs, but mearly giving a suggestion. :)
Thank you for your response.
Why is the /64 prefix limited to /127 ?
Jeroen Massar on Wednesday, 28 July 2004 09:05:37
The POP routes everything that does not exist in the prefixes delegated to them to their loopback, thus traceroutes should end there, or how you mean it, stay at the side of the POP, otherwise mail info@sixxs.net and pass them there so we can look into it.
They are not used for other tunnels, every tunnel gets a seperate /64.
You don't "loose" addresses because you can use only ::1 (the POP) and ::2 (the endpoint). You do notice that it is a link and that there are 2^64 addresses in that prefix, you are always going to 'loose' some. Now if you had 2 routers on the tunnel then maybe you would have an argument that you want to use say ::3, but you don't because otherwise it wouldn't be a point to point tunnel anymore.
Technically we could just use RA's over the tunnel and then let people use EUI-64 to assign themselves a tunnelendpoint, the problem here though is that we can't easily figure out the tunnelendpoint thus we can't monitor latency. Pinging ff02::1 could be an option but that won't technically for a number of
reasons and would make administrativia a mess.
Another thing we could do is give out /64 subnets for the few of you that have only one network behind your tunnel endpoint, but as we expect people to have more than one (a wired one and a wireless one at least) we give out a /48 just in case. This is RIPE policy btw.
Simple conclusion: as stated in the FAQ, if you need to connect more than one host then request a subnet.
And which suggestion are you giving?
Why is the /64 prefix limited to /127 ?
Shadow Hawkins on Wednesday, 28 July 2004 21:58:42
The suggestion was to assign the whole /64 prefix to be usable for the user. But I do understand the recomendations/policies.
I was only thinking about the state of the IPv4 which has 4 billion theoretical addresses where only a fraction is usable because of the way they are used. It doesn't perhaps really matter as the address space of IPv6 is so hugely much larger.
Why is the /64 prefix limited to /127 ?
Jeroen Massar on Thursday, 29 July 2004 09:12:09 The suggestion was to assign the whole /64 prefix to be usable for the user. But I do understand the recomendations/policies.
How could we do that? It is a point to point link, thus only 2 endpoints exist.
How can you use the rest of the prefix then? Or are you going to route a part of the /64 to another machine? That defies the whole purpose of the /64 per link and /48 per site idea.
I was only thinking about the state of the IPv4 which has 4 billion theoretical addresses where only a fraction is usable because of the way they are used.
IPv6 cusses like IPv4; IPv6 just doesn't give a **** like IPv4
IPv6 dresses like IPv4; walks, talks and acts like IPv4
And is the next best thing but not quite IPv4!
Also see the Presentations section, especially the Steve Deerings IPv6 Masterclass presentation at the bottom.
Posting is only allowed when you are logged in. |