Scribd
Upload
150 views

IPv6 Subnetting

1) The document discusses IPv6 subnetting and provides a case study of how to allocate an IPv6 /48 address block across a mid-sized company. 2) It breaks the address space into sites and sub-sites based on geographic regions and cities, assigning /52 and /56 prefixes. 3) Within each sub-site, subnets are defined using /64 prefixes and examples are given of how specific services are addressed.

Uploaded by

Emily Owen
Copyright
© © All Rights Reserved
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
150 views

IPv6 Subnetting

1) The document discusses IPv6 subnetting and provides a case study of how to allocate an IPv6 /48 address block across a mid-sized company. 2) It breaks the address space into sites and sub-sites based on geographic regions and cities, assigning /52 and /56 prefixes. 3) Within each sub-site, subnets are defined using /64 prefixes and examples are given of how specific services are addressed.

Uploaded by

Emily Owen
Copyright
© © All Rights Reserved
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 8

IPv6 Subnetting - Overview and Case Study

The sheer number of bits in an IPv6 address can make IPv6 subnetting intimidating at best. With the
addition of a new addressing scheme it's easy to get lost trying to break up your brand new /48 address
across your enterprise.

The New Boss, Same as the Old Boss


Subnetting with IPv6 is not drastically different than subnetting with IPv4, we just need to keep a few
things in mind:
1.) Each character in an IPv6 address represents 4 bits (a nibble).
Since 0xF is 1111 in binary, it's easy to fall back into an IPv4 habit and forget that 0x11 is actually 0001
0001 in binary.
2.) Each IPv6 set represent 16 bits (4 characters at 4 bits each).
Keeping this in mind can make breaking up subnets a bit easier.
3.) Once it's in binary nothing changes!
It's easy to get lost in so many binary digits but the math is all the same. Each subnet bit is one fewer
host bit and vice versa.

Setting the Ground Rules


The leading practice is to receive at least a /48 prefix from an ISP. This leaves you with 2^80 bits to
manipulate (128 bit address - 48 bits that can't be changed = 80 bits to use). More bits than the entire
IPv4 address space!
According to RFC4291 the current recommended smallest prefix is a /64. With so many addresses in
IPv6 there isn't the same need for address conservation as there is in IPv4. You can assign a /64 to a
point-to-point link and not feel guilty. The only exception to this is the recommendation from ARIN to use
a /128 on loopback addresses.
This gives us one block of hex digits, or 16-bits, to use for subnetting. One block might not sound like
much, but 16-bits is half of the entire IPv4 address space.

Defining the Site ID


In order to allow for proper route aggregation and summarization you should define Site IDs that you
can use at each location (be that an office, data center or geographic region).
This is where we need to define at least a Site ID, and possibly a sub-Site ID.
If we are assigned 2001:db8:1234:0000:/48 from our provider, as mentioned, we have the "0000" to
manipulate for site, sub-site and subnet IDs.
How you should break this down depends greatly on your business needs, but the easiest way may be
to break things down along the nibble boundary. This can give us a few options:

Option A:
4 Sites, 4 sub-sites (at each site), 4096 subnets (at each sub-site): first 2 bits for the site, next two bits
for the sub-site (first nibble), next three nibbles for subnets (2^12).
Option B:
16 sites, 16 sub-sites (at each site), 256 subnets (at each sub-site):
First nibble for the site, second for the sub-site and the last two for the subnet.
Option C:
16 sites, 256 sub-sites (at each site), 16 subnets (at each sub-site):
The first nibble for the site, the second and third for the sub-site and the final nibbles for the subnet.

IPv6 Subnetting Case Study


We have a mid-sized company with offices and data centers across the United States. As part of our
long term planning we have applied for an IPv6 address and were assigned 2001:db8:abcd::/48. We
now need to allocate this across our enterprise.
We have branches in most states, so we've decided to use Option B, giving us 16 sites, 16 sub-sites
and 256 subnets per site.

We've decided that a "site" will be a geographic region of the country and a sub-site will be a city within
the geographic region. Here is the breakdown we are using for our sites:

(c/o US Department of Justice and Wikipedia)

Site Addresses
The sites that we are rolling IPv6 to are in:
San Francisco (Site 9)
Seattle (Site 9)
Omaha (Site 8)
Newark (Site 3)
New York City (Site 2)
Boston (Site 1)
At this point we can assign site and sub-site prefixes.
Each region will match the number on the map:
Site 0

- 2001:db8:abcd:0000::/52 (for future use)

Site 1

- 2001:db8:abcd:1000::/52

Site 2

- 2001:db8:abcd:2000::/52

Site 3

- 2001:db8:abcd:3000::/52

...
Site 8

- 2001:db8:abcd:8000::/52

Site 9

- 2001:db8:abcd:9000::/52

Site 10 - 2001:db8:abcd:a000::/52 (for future use)


Site 11 - 2001:db8:abcd:b000::/52 (for future use)
Site 12 - 2001:db8:abcd:c000::/52 (for future use)

...
These are /52s, because we have 48 bits from the provider and then the next 4 for the site.

Sub-Site Addresses
Next we can assign our sub-sites:

Site 1
---Future Use - 2001:db8:abcd:1000::/56
Boston - 2001:db8:abcd:1100::/56
Future Use - 2001:db8:abcd:1200::/56
...
Future Use - 2001:db8:abcd:1a00::/56
Future Use - 2001:db8:abcd:1b00::/56
...

Site 2
----New York City - 2001:db8:abcd:2000::/56
...

Site 3
---Future Use - 2001:db8:abcd:3000::/56
...
Newark - 2001:db8:abcd:3f00::/56

Site 8
---Omaha - 2001:db8:abcd:8000::/56

Site 9
----

San Francisco - 2001:db8:abcd:9100::/56


Seattle - 2001:db8:abcd:9200::/56

Just like the site, the sub-site uses 4 more bits, moving our prefix length from a /52 to a /56.

Subnet Addresses
Within each site we can now assign our subnets. We will use our Newark site as an example.
Firewall Outside: 2001:db8:abcd:3f00::/64
Web servers : 2001: db8: abcd: 3f01 :: / 64
Database Servers: 2001:db8:abcd:3f02::/64
....
Mail Servers: 2001:db8:abcd:3f0d::/64
....
Management: 2001:db8:abcd:3fee::/64
Loopbacks : 2001: DB8: ABCD: 3fff :: / 64

We are defining the next two nibbles for the subnet so our mask moves from a /56 sub-site up to a /64
subnet prefix. Newark's subnets can use 2001:db8:abcd:3f00 through 2001:db8:abcd:3fff:: for subnet
addresses.
Within each subnet we can provide 2^64 addresses, as we still have 64 bits to use.
For example, within the MailServers vlan we will start all addresses with 2001:db8:abcd:3f0d:: and the
last 64-bits are for the host.

We've assigned the following addresses


mail gateway: 2001:db8:abcd:3f0d::1/64
mail01: 2001:db8:abcd:3f0d:0000:0000:0000:0002/64
mail02: 2001:db8:abcd:3f0d::ab00/64
mail03: 2001:db8:abcd:3f0d:abcd:ef12::1/64

Routing
With IPv6 not relying on IPv4 anymore we finally address the poor addressing schemes we've all had in
place for years. By defining sites and sub-sites, with plenty of room for growth we can do some pretty
heavy duty aggregation.
Each of our sub-sites will advertise their /56 prefix up to an aggregation router.
Each aggregation router will be connected to the IPv6 Internet and announce both our enterprise wide /
48 and the site /52. This provides redundant connectivity via the internet and allows the internet to use
longest match to reach the site directly.

Final Thoughts
Of course you'll want to do what works best for your organization and aligns with your business goals
and requirements. There are no requirements regarding the site and sub-site or even how these are
broken down. These are provided to help you get a better grasp on how do assign IPv6 addresses.
Don't forget, when you get stuck you can always call TAC!

You might also like