Hello, The common recommendations for IPv6 point to point interface numbering are: /64 /124 /126 /127 /64: Advantages: conforms to IPv6 standard for a LAN link Disadvantages: DOS threats against this design. Looping on a true ptp circuit. Neighbor discovery issues. /124: Advantages: supports multiple routers on each end of the circuit. Conforms to nibble assignment boundary that helps keep address assignments clean and comprehensible. Disadvantages: ancient hardware that barely supports IPv6 may have trouble efficiently handling routes longer than /64. /126: Advantages: equivalent to an IPv4 /30 with exactly the same functionality. Disadvantages: equivalent to an IPv4 /30 with exactly the same functionality. /127: Advantages: saves that extra pair of IP addresses. Disadvantages: complicates configuration just to save two IPv6 addresses. Enhancements: For /124, /126 and /127: allocate all of your addresses for every router in the system from the same /64. Use router ACLs to control entry of packets directed to that /64. Nice clean way to stop hackers from poking at your routers. Regards, Bill Herrin On Tue, Jun 27, 2017 at 4:28 PM, Krunal Shah <KShah@primustel.ca> wrote:
Hello,
What subnet mask you are people using for point to point IPs between two ASes? Specially with IPv6, We have a transit provider who wants us to use /64 which does not make sense for this purpose. isn’t it recommended to use /127 as per RFC 6164 like /30 and /31 are common for IPv4.
I was thinking, if someone is using RFC7404 for point to point IP between two ASes and establish BGP over link local addresses. This way you have your own IP space on your router and transit provider does not have to allocate IP space for point to point interface between two ASes. In traceroutes you would see only loopback IP address with GUA assigned from your allocated routable address space. Remotely DDoS to this link isn’t possible this way. Thoughts?
[Description: cid:image010.png@01D1ECB6.5D17D120]<https://primus.ca/>
Krunal Shah Network Analyst, IP & Transport Network Engineering O: 416-855-1805 kshah@primustel.ca
[Description: cid:image011.png@01D1ECB6.5D17D120]<https://primus.ca/> [Description: cid:image012.png@01D1ECB6.5D17D120] <https://twitter.com/ Primus4Business> [Description: cid:image013.png@01D1ECB6.5D17D120] < https://www.facebook.com/primusforbusiness> [Description: cid:image014.png@01D1ECB6.5D17D120] <https://www.linkedin.com/ company/primus-telecommunications-canada-inc->
________________________________
This electronic message contains information from Primus Management ULC ("PRIMUS") , which may be legally privileged and confidential. The information is intended to be for the use of the individual(s) or entity named above. If you are not the intended recipient, be aware that any disclosure, copying, distribution or use of the contents of this information is prohibited. If you have received this electronic message in error, please notify us by telephone or e-mail (to the number or address above) immediately. Any views, opinions or advice expressed in this electronic message are not necessarily the views, opinions or advice of PRIMUS. It is the responsibility of the recipient to ensure that any attachments are virus free and PRIMUS bears no responsibility for any loss or damage arising in any way from the use thereof.The term "PRIMUS" includes its affiliates.
________________________________ Pour la version en français de ce message, veuillez voir http://www.primustel.ca/fr/legal/cs.htm
-- William Herrin ................ herrin@dirtside.com bill@herrin.us Dirtside Systems ......... Web: <http://www.dirtside.com/>