On 2010-08-16 08:49, Mike wrote:
Hi Folks,
I am needing to renumber some core infrastructure - namely, my nameservers and my resolvers - and I was wondering if the collective wisdom still says heck yes keep this stuff all on separate subnets away from each other? Anyone got advice either way? Should I try to give sequential numbers to my resolvers for the benefit of consultants ... like .11, .22 and .33 for my server IPs?

Take an IPv4 /24, /28, whatever size you might think you need and an IPv6 /64 and make it your 'service prefix', then anycast this inside your network and do the standard 'bgp daemon on the box, monitor the local service' trick and kill the announcement when the service does not work, presto.

As for the actual numbers, just keep them simple. Using port-numbers (53 = DNS, 25 = SMTP etc etc etc) where possible is easy for at least the more technical folks; of course IPv4 only goes up to 255, IPv6 does not have that issue.

Greets,
Jeroen
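
The "monitor the local service, kill the announcement" approach from the reply above, as an added example that is not part of the original thread. It assumes ExaBGP is the BGP daemon on the box and runs this script as an API process, reading route commands from the script's stdout; the service addresses, thresholds and names are constructed for illustration.

```python
import random, socket, struct, sys, time

# Constructed anycast service addresses (documentation ranges), ".53" for DNS.
SERVICE_ROUTES = ["192.0.2.53/32", "2001:db8::53/128"]

def dns_probe(server="127.0.0.1", port=53, timeout=1.0):
    """Query the local resolver for 'example.com A'; healthy means a
    response with our query ID and RCODE 0 arrived within the timeout."""
    qid = random.randrange(65536)
    qname = b"".join(bytes([len(p)]) + p for p in b"example.com".split(b".")) + b"\x00"
    packet = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0) + qname + struct.pack("!HH", 1, 1)
    try:
        with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
            s.settimeout(timeout)
            s.sendto(packet, (server, port))
            data, _ = s.recvfrom(512)
    except OSError:  # timeout, refused, unreachable
        return False
    if len(data) < 12:
        return False
    rid, flags = struct.unpack("!HH", data[:4])
    return rid == qid and bool(flags & 0x8000) and (flags & 0x000F) == 0

class AnycastGate:
    """Announce after `rise` good probes in a row, withdraw after `fall`
    bad ones, so one lost packet does not flap the route."""
    def __init__(self, rise=3, fall=2):
        self.rise, self.fall = rise, fall
        self.announced = False
        self.streak = 0  # consecutive probes that contradict the current state

    def update(self, healthy):
        """Feed one probe result; return the commands for the BGP daemon."""
        if healthy == self.announced:
            self.streak = 0
            return []
        self.streak += 1
        if self.streak < (self.rise if healthy else self.fall):
            return []
        self.announced, self.streak = healthy, 0
        verb = "announce" if healthy else "withdraw"
        return [f"{verb} route {r} next-hop self" for r in SERVICE_ROUTES]

if __name__ == "__main__":
    gate = AnycastGate()
    while True:
        for cmd in gate.update(dns_probe()):
            sys.stdout.write(cmd + "\n")  # ExaBGP reads commands line by line
            sys.stdout.flush()
        time.sleep(2.0)
```

The gate starts in the withdrawn state, so a freshly booted box attracts no traffic until its resolver has answered three probes in a row.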