[CentOS] IP6 Anyone?

Sun Feb 27 15:38:59 UTC 2011
David Sommerseth <dazo at users.sourceforge.net>

On 27/02/11 14:44, Always Learning wrote:
> I was actually wrong. I can 'play' with not 2 but 4 groups of the IP6
> allocation. Golly, what can I do with 64 x 64 x 64 x 64 address
> combinations?  Hire then out?  Have a different IP6 address for every
> hour of the year?

If you got allocated a /48 net from you ISP you will have this setup:
<ISP prefix, 48 bit>:<16bit subnetting>:<64 bit address scope>

This gives you 65536 subnets with 64 bit subnet mask (/64).  An example, 'AA' 
indicates the ISP, 'BB' indicates the subnet:

                  AAAA:AAAA:AAAA:BBBB::/64
  ISP prefix       16 + 16 + 16             = 48 bits
  Your own subnets              + 16        = 64 bits

If you are given a /56 net from you ISP, it will look more like this:
<ISP prefix, 48 bit>:<cont. ISP prefix 8 bit><8 bit subnetting>:<64 bit addr>

This gives you 256 subnets with 64 bit subnet mask.  An example:

                  AAAA:AAAA:AAAA:AABB::/64
  ISP  prefix      16 + 16 + 16 + 8       = 56 bits
  Your own subnets                + 8     = 64 bits

It is really not recommended to segment your own networks in smaller subnets 
than /64 nets.  F.ex. if you want to use radvd for stateless 
auto-configuration, it will expect 64 bit subnets.  It is doable to make 
smaller subnets, but don't do that unless you really know what you're doing.

Using 64bit subnets makes it so easy to handle them.  You know that the first 
64bits of an address is the prefix to your own subnet.  As there are no 
"network address" (like 192.168.0.0), no broadcast address (like 
192.168.0.255), any addresses within a /64 subnet will be a valid IPv6 address 
for that subnet.  And it will be a global IP address in addition.

The rest, is just firewalling and routing.  Which is basically the same as in 
the IPv4 world, just with different address syntax.

 > Put the IP4 address in the last 4 groups?
 > (2001::10.2.2.191)

I recommend you to *not* mix in stuff like this, at least in the very 
beginning.  Run a dual stack IPv4 and IPv6 environment.  It's easier to 
maintain, and they both run fine together in the same physical network segment.

 > That vast surplus of IP6 addresses is just for one server - I have
 > several.

Yes, IPv6 gives every site a lot of more possibilities.  And in IPv6 each NIC 
can have multiple IPv6 addresses, without using aliasing which is needed for 
IPv4.  If you want to allocate 30 IPv6 addresses to one adapter, you may do so 
very easily.  Just use 'ip -6 addr add <ipv6 addr> dev eth0'



kind regards,

David Sommerseth