• Welcome to Hurricane Electric's IPv6 Tunnel Broker Forums.

Few hosts but disproportionately much networking: Is a /48 warranted?

Started by chrise, January 04, 2011, 07:23:18 PM

Previous topic - Next topic

chrise

I currently have the following hosts that I want IPv6 connectivity for:

  • VPS
  • Home server
  • Big laptop
  • Small laptop
  • (Potentially) Other home computers used by other members of the family
  • (Potentially) People visiting me at university

None of the hosts has native IPv6 access.
The VPS has internet access with static IPv4 addresses, and is the only one that I consider it feasible at this time to directly make a tunnel endpoint.
The home server is always on the home network (behind an NAT device that is theoretically under my control, but annoying), as are the other home computers.
When I am at home, both laptops are also on the home network.
When I am at university, the big laptop has (IPv4) internet access via the university network (behind NAT not under my control), and is on a private wireless network along with the small laptop and the computers of any visitors.

Currently, the VPS uses a tunnelbroker.net tunnel, and hosts a VPN. I have thought of the following ways to connect things together for IPv6:

  • Have everything directly connect to the VPN: This only really works for the computers that I directly control and is very inefficient for communication between hosts on the same local network. (Though I guess I could set up separate local connectivity.)
  • Ethernet-bridge everything together: This does not seem very good for either performance or security.
  • Subnets with routing: One for the VPN, one for the home network and one for the wireless at university.
At the moment, I have a single routed /64, and am using subnets, with a /80 prefix for each. This works fine for manually configured hosts, but does not seem like a good thing to do according to the RFCs, and does not look like it will allow automatic configuration (which I would want to use for the other home computers, and for visitors at university).

So, the obvious thing to do seems to be to grab a /48 and give each subnet a /64. However, I am inclined to be miserly, and it seems highly extravagant to allocate a /48 for what might well be as few as 4 hosts and is unlikely to be more than 16 any time soon.

So, I ask:

  • Do people feel that it is reasonable for me to allocate a /48 range?
  • If I allocate one and then later decide I don't want it, will it be possible for me to release it back into the pool for others to use? (Specifically on tunnelbroker.net - but I thought this forum was a better fit for my post overall.)

Recommendations to arrange things in a different manner entirely are also fairly welcome.

cholzhauer

Quote
So, the obvious thing to do seems to be to grab a /48 and give each subnet a /64. However, I am inclined to be miserly, and it seems highly extravagant to allocate a /48 for what might well be as few as 4 hosts and is unlikely to be more than 16 any time soon.

So, I ask:
Do people feel that it is reasonable for me to allocate a /48 range?
If I allocate one and then later decide I don't want it, will it be possible for me to release it back into the pool for others to use? (Specifically on tunnelbroker.net - but I thought this forum was a better fit for my post overall.)

I used to think the same thing...a /48 was a waste of space.  However, through these forums and other things, I have been told this is IPv4 thinking and it does not tie in to IPv6.  A /48 might seem like a waste, but it's the "right" way to do what you want to do. 

As far as I know, the only way to give up your /48 once it's allocated is to remove your account (unless emailing ipv6@he.net would do it)

jrocha

Quote from: chrise on January 04, 2011, 07:23:18 PM
So, I ask:

  • Do people feel that it is reasonable for me to allocate a /48 range?
  • If I allocate one and then later decide I don't want it, will it be possible for me to release it back into the pool for others to use? (Specifically on tunnelbroker.net - but I thought this forum was a better fit for my post overall.)

If you feel you can justify a /48, then you are welcome to request one. If you later decide that you do not need the /48, you can throw it back into the pool by deleting the tunnel. Unfortunately, this will also remove the /64 since you are deleting the entire tunnel. Otherwise, you can email ipv6@he.net and we can manually remove the /48 from your tunnel.

sput

Hi there


A /48 seems overdone, but there is method to this madness;
Right now MAC / ethernet addresses are 6 bytes. It is however expected that future network cards will have 8 byte addresses. So that's 64 bits. This means that if you want to use auto configuration, you need a /64 (64 bits) for a single ethernet segment.
Some people have more then one ethernet. Some have a lot.
This is why you get a /56 (rare) which is 2⁸ = 256 /64's) or a /48 which is 2ยน⁶ = 65536 /64's.

More on IPv6 related numbers here;
http://www.sput.nl/software/cidr-routing.html#ipv6


Regards,
Rob

snarked

How about an option to request a /56 (256 subnets of /64) or a /60 (16 subnets of /64) instead of a /48?

broquea

/64 and /48 subnets are pretty much a fixed aspect of the service. No plans on changing this.

dcottle

I agree with the /48 If you are going to have a few nics you need the /48 to cut into /64s to advertise on each NIC.

With the way IPv6 works with radvd and length of MAC addresses, even ISPs are going to have to assign /48 native to anyone with more than one NIC wanting to advertise the ipv6 tunnel.

No one is going to bother setting up static ipv6 addresses and routes to get around the issue.  It's much easier to advertise the subnet and have everything auto configure.