Anyone here set up public IPv6 addresses on their router?
I have been allocated a /32 (i.e 2001:db8::/32 or 2001:db8:ffff:ffff:ffff:ffff:ffff:ffff) block of IPv6 addresses and want to serve the entire range in /48 (i.e. 2001:db8::/48 or 2001:db8:0000:ffff:ffff:ffff:ffff:ffff) allocations.
First, I would like to reserve a /48 block off the top for administrative purposes and use the rest for customers.
I have looked for the best approach and thought I would post a note here to see if I could get some input. What is the best way to start building out off of the prefix given? I am finding a lot of examples of how to setup a tic with private IPv6 addresses but none using public IPv6 addresses. The addresses were obtained from ARIN. I have set up two name servers with my registered domain name.
There are two models of RPKI at ARIN. Which method would be the best to use? Hosted or Delegated?
My advice is don’t reserve too little for your internal use. We have a /32 and are an ISP, we have half of that allocated to internal stuff and half allocated to customers. The internal stuff is things like management IPs for radios, servers, internal IPs for staff, etc.
If you use all of your IPv6 space except for one /48 for customers, this will give you enough address space to have over 65 thousand customers, each of which would get a /48. Do you really expect to have this many customers?
On the other hand, if you divide up the address space into two, and use half for internal/management and half for customers, you have enough still for 32 thousand customers. If you think having addresses for 32 thousand customers (getting a /48 each) is probably sufficient then that is probably enough space for customers.
The #1 biggest mistake when planning IPv6 space is not being wasteful enough. People are afraid of wasting space and want to conserve it because of experiences with IPv4, but if you adopt that mindset for IPv6, you end up creating an addressing plan that is just really hard to work with and tries too hard to save space for customers at the expense of making it harder for you to work with your address space. Go with a plan that helps you to keep things better organized and makes your firewalls easier to manage.
Yes, /48’s will be reallocated to customers. Got a good grip on the addressing but, need a good approach on routing our core to the public. Which, is an RB3011. We also have a CSS326 switch. Presently at this location we have a Comcast cable line that we can open up to 1G but, it is not symmetrical. It will do until our fiber line order is installed. So, do we tunnel out and if so which tunnel? There is just about zero info out there on IPv6. IPv4 is old hat but, routing v6 is new for me and I am finding getting our presence on the internet a challenge.
It is pretty easy actually, just get a free BGP tunnel from Hurricane Electric tunnelbroker (choose BGP tunnel instead of Regular tunnel when you go to create the tunnel) and set up BGP and start advertising your prefix. You’ll need to submit an LoA when you sign up for the BGP tunnel. The process is pretty quick.