SOHO IPv6 switches
Of course, any ethernet switch is "IPv6 ready." They are just ethernet packets, and the switch doesn't care what's in the packets. Which SOHO class switches are really IPv6 capable? Or is it still necessary to go with the enterprise class switches? IOT devices all want to chat with each other even if there is no upstream IPv6 (Verizon FIOS). IGMPv3 snooping and IPv4 controls keep IPv4 broadcast storms under control. But SOHO-class switches don't seem to have the same capabilities for IPv6. The top two capabilities: 1) MLD snooping and 2) a simple way to keep IPv6 off certain ports (i.e. ancient 10/100 devices, which don't like it. controlling the multicast floods may also help them). What's the goto SOHO-class switch for IPv6?
Sean Donelan wrote on 18/01/2022 11:28:
The top two capabilities: 1) MLD snooping and 2) a simple way to keep IPv6 off certain ports (i.e. ancient 10/100 devices, which don't like it. controlling the multicast floods may also help them).
Most people don't use ipv6 multicast in anger (i.e. anything more than nd / bonjour / etc), so mld snooping isn't that important for small switches. For proper device access control, you also need the ability for the switch to do ND/RA + DHCP snooping / filtering. Otherwise you open yourself to rogue routers and/or address assignment. Nick
On Tue, 18 Jan 2022, Sean Donelan wrote:
What's the goto SOHO-class switch for IPv6?
Zyxel/Netgear/TP-Link all have switches in the 100-200USD range that can do some basic stuff (filter on ethertype, some DHCPv6/RA inspection, SNMP polling via IPv6 etc). I was surprised by what I found (and this was 5-8 years ago), but I never went all-in on testing all of this, but looking at the feature set it actually seemed like they tried to support BCP38/SAVI, so I imagine some of these switches are actually used by ISPs as ETTH equipment. https://www.tp-link.com/us/business-networking/managed-switch/tl-sg3428/v2/ "IPv6 functions such as Dual IPv4/IPv6 Stack, MLD Snooping, IPv6 ACL, DHCPv6 Snooping..." -- Mikael Abrahamsson email: swmike@swm.pp.se
Hi Sean, Cisco SG250? Thanks, -- Marcin Gondek / Drixter http://fido.e-utp.net/ AS56662 ________________________________ Od: NANOG <nanog-bounces+drixter=e-utp.net@nanog.org> w imieniu użytkownika Sean Donelan <sean@donelan.com> Wysłane: wtorek, 18 stycznia 2022 12:28 Do: nanog@nanog.org <nanog@nanog.org> Temat: SOHO IPv6 switches Of course, any ethernet switch is "IPv6 ready." They are just ethernet packets, and the switch doesn't care what's in the packets. Which SOHO class switches are really IPv6 capable? Or is it still necessary to go with the enterprise class switches? IOT devices all want to chat with each other even if there is no upstream IPv6 (Verizon FIOS). IGMPv3 snooping and IPv4 controls keep IPv4 broadcast storms under control. But SOHO-class switches don't seem to have the same capabilities for IPv6. The top two capabilities: 1) MLD snooping and 2) a simple way to keep IPv6 off certain ports (i.e. ancient 10/100 devices, which don't like it. controlling the multicast floods may also help them). What's the goto SOHO-class switch for IPv6?
The Netgear GS108T is my typical go-to "not a dumb switch". 8 ports for about $80. Make sure you get the v3 if you want most of the modern IPv6 L2 features (you also get some very limited L3 capabilities). The v2 lacks most of them and is still readily available on the market. -- Brandon Martin
Brandon Martin <lists.nanog@monmotha.net> writes:
The Netgear GS108T is my typical go-to "not a dumb switch". 8 ports for about $80.
Make sure you get the v3 if you want most of the modern IPv6 L2 features (you also get some very limited L3 capabilities).
Extra bonus with the GS108Tv3, and anything else based on the RTL8380, is that you can run OpenWrt on it. Bjørn
On Tue, 18 Jan 2022, Brandon Martin wrote:
The Netgear GS108T is my typical go-to "not a dumb switch". 8 ports for about $80.
Make sure you get the v3 if you want most of the modern IPv6 L2 features (you also get some very limited L3 capabilities). The v2 lacks most of them and is still readily available on the market.
Thank you for the SOHO switch recommendation. Ordered the netgear GS108Tv3, next-day delivery, and installed it this evening. The IGMP/MLD snooping did its job keeping the excess multicast traffic off the ports with legacy IP gear. The netgear also supports ether.type filters, but I didn't need to use those filters. Filtering the multicast was enough, to keep the port congestion below the legacy 10Mbps (which seemed to be closer to 1 Mbps) breaking point. My newest IPv4 and IPv6 gear is happy. My ancient stuff is happy. And most importantly, I didn't need to spend enterprise-grade bucks or play ebay gear roulette.
participants (6)
-
Bjørn Mork -
Brandon Martin -
Marcin Gondek -
Mikael Abrahamsson -
Nick Hilliard -
Sean Donelan