You could try this: If you give a /48 to each site, then assign the sites primary and backup firewalls. Aggregate the /48s into larger blocks by primary firewall. Aggregate the primary firewall blocks into larger backup firewall aggregates. Advertise the firewall-specific aggregates and the less specific backup-firewall set aggregates.

Owen

On Jul 16, 2012, at 7:04 PM, Lee wrote:
On 7/15/12, John Levine <johnl@iecc.com> wrote:
I feel like I should be able to do something really nice with an absurdly large address space. But lack of imagination or whatever.. I haven't come up with anything that really appeals to me.
Use a fresh IP for every HTTP request, email message, and IM. Just think of how well you can do error management.
hrmm... nope, can't think of a single thing. Then again, I'm on the routing & switching team at work, so things like HTTP requests, email messages, and IM are just different types of user traffic that needs to be routed to me.
Recall the message I was responding to:
There is a HUGE difference between IPv4 and IPv6 thinking. We've all been living in an austerity regime for so long that we've completely forgotten how to leave parsimony behind. Even those of us who worked at companies that were summarily handed a Class B when we mumbled something about "internal subnetting" have a really hard time remembering how to act when we suddenly don't have to answer for every single host address and can design a network to conserve other things (like our brain cells).
I read it as design a network >>addressing scheme<< to conserve other things & was hoping someone could share new ways of looking at it. I feel like I'm stuck in "IPv4 think" with an addressing plan that's basically
Each site gets a /48. Even the ones with less than 200 people. Each subnet is assigned a /64 except for loopbacks & p2p subnets. First 256 subnets in each /48 are reserved for things like loopback addresses, p2p links, switch management subnets, etc. High order 4 bits of the site address are used for the subnet type. So a /52 tells you the site and if it's users, printers, servers, IP phones, or whatever.
Which is *boring*. Nothing novel, no breaking out of "IPv4 think" aside from massively wasting address space. Which brings me back around to my original request for suggestions. What's the new way of looking at designing a network addressing scheme?
Regards, Lee
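
The plan Lee describes (a /48 per site, a /52 per subnet type, a /64 per subnet, the first 256 subnets reserved) and Owen's per-primary-firewall aggregation, worked through as an added example that is not part of the original thread. The type-nibble values, firewall names and the 2001:db8::/32 documentation prefix are assumptions; the thread names the subnet categories but assigns no values.

```python
import ipaddress

# Assumed nibble assignments: the thread lists the categories, not the values.
SUBNET_TYPES = {0x0: "infrastructure", 0x1: "users", 0x2: "printers",
                0x3: "servers", 0x4: "ip-phones"}


def _prefix(ip, length):
    """Return the enclosing prefix of the given length for an address."""
    shift = 128 - length
    return ipaddress.IPv6Network((int(ip) >> shift << shift, length))


def describe(addr):
    """Decode an address under the plan: /48 site, /52 type, /64 subnet."""
    ip = ipaddress.IPv6Address(addr)
    subnet_id = (int(ip) >> 64) & 0xFFFF      # 16 bits between /48 and /64
    return {
        "site": str(_prefix(ip, 48)),
        "type_block": str(_prefix(ip, 52)),   # what a type-based ACL matches
        "type": SUBNET_TYPES.get(subnet_id >> 12, "unassigned"),
        "subnet": str(_prefix(ip, 64)),
        # First 256 subnets (IDs 0x0000-0x00ff) hold loopbacks, p2p, mgmt.
        "reserved": subnet_id < 256,
    }


def firewall_aggregates(site_to_firewall):
    """Collapse each primary firewall's site /48s into covering prefixes."""
    by_fw = {}
    for site, fw in site_to_firewall.items():
        by_fw.setdefault(fw, []).append(ipaddress.IPv6Network(site))
    return {fw: [str(n) for n in ipaddress.collapse_addresses(nets)]
            for fw, nets in by_fw.items()}


# Constructed sample: six sites numbered contiguously per primary firewall.
SITES = {
    "2001:db8:10::/48": "fw-a", "2001:db8:11::/48": "fw-a",
    "2001:db8:12::/48": "fw-a", "2001:db8:13::/48": "fw-a",
    "2001:db8:20::/48": "fw-b", "2001:db8:21::/48": "fw-b",
}

if __name__ == "__main__":
    print(describe("2001:db8:12:3005::1"))
    print(firewall_aggregates(SITES))
```

The aggregates only collapse this cleanly when sites behind the same primary firewall are numbered from an aligned, contiguous range, so that choice has to be made when the /48s are handed out.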