On 1/24/2011 at 5:18 AM, <bmanning@vacation.karoshi.com> wrote: On Mon, Jan 24, 2011 at 02:10:48PM +0100, Marco Hogewoning wrote: While reading up on IPv6, I've seen numerous places that subnets are now all /64.
I have even read that subnets defined as /127 are considered harmful.
RFC3627, with a lot of discussion in the IETF on this. See also https://datatracker.ietf.org/doc/draft-ietf-6man-prefixlen-p2p/
However while implementing IPv6 in our network, I've encountered several of our peering partners using /127 or /126 for point-to-point links.
I personally don't any benefit in using /126 subnets.
What is the Best Current Practice for this - if there is any?
Would you recommend me to use /64, /126 or /127?
What are the pros and cons?
From an operational point of view there is a risk that be using /64 somebody can eat away a lot of memory by either scanning or even changing addresses. This is also described in the draft above...
I would personally recommend to at least always assign the /64, even if you would decide to configure the /127. RFC 3627 has been around long enough that you will keep running into equipment or software that won't like the /127. In which case you can always revert back to /64. This will also allow you to use easy to remember addresses like ::1 and ::2, saving you the headache of a lot of binary counting.
Grtx,
Marco
this results in -very- sparse matrix allocation - which is fine, as long as you believe that you'll never run out/make mistakes. personally, i've use /126 for the past 12 years w/o any problems.
there was never supposed to be a hard split at /64 - it was done as a means to simplify autoconfig.
All of the (mostly religious) arguments about /64 versus any smaller subnets aside, I'm curious about why one would choose /126 over /127 for P-to-P links? Is this some kind of IPv4-think where the all-zeros and all-ones addresses are not usable unicast addresses? This isn't true in IPv6 (of course, it's not strictly true in IPv4 either). Is there another reason? -- Crist Clark Network Security Specialist, Information Systems Globalstar 408 933 4387