Moving to IPv6

DevilWAHDevilWAH Member Posts: 2,997 ■■■■■■■■□□
OK so i have a /48 IPv6 range.

I also have a /19 IPv4 range so in no danger of running out of them soon, but want to move slowly over to the v6 addresses.

I was wondering what is the best way to do it, it seems that the ideas behind how to structure IPv6 in an organisation has changed a few time.

I was thinking i could do this by adverting external IPv6 address and then using duel stack and natting them to internal IPv4 address, and in turn enabling IPv6 internally in stages.

Or enable it as an end to end solution for specific devices and push it out across the network that way.

I am really looking for some case studies of successfully IPv6 implementation to read though and see how people are using it.

Cheers
  • If you can't explain it simply, you don't understand it well enough. Albert Einstein
  • An arrow can only be shot by pulling it backward. So when life is dragging you back with difficulties. It means that its going to launch you into something great. So just focus and keep aiming.

Comments

  • DevilWAHDevilWAH Member Posts: 2,997 ■■■■■■■■□□
    I supose one big question is should you use IPv6 DHCP for assignment or Stateless Auto-Configuration
    • If you can't explain it simply, you don't understand it well enough. Albert Einstein
    • An arrow can only be shot by pulling it backward. So when life is dragging you back with difficulties. It means that its going to launch you into something great. So just focus and keep aiming.
  • m3zillam3zilla Member Posts: 172
    DHCP.

    You can't assign things like NTP, domain names, WINS server, etc with stateless auto configuration.
  • DexterParkDexterPark Member Posts: 121
    DevilWAH wrote: »
    I supose one big question is should you use IPv6 DHCP for assignment or Stateless Auto-Configuration

    I can't really give you production advice, as I only run IPv6 in my home lab, but I just use stateless auto-config. Clients can figure out a gateway by themselves so all you really need to do is advertise your prefix, and have DHCP provide the DNS server and Domain:

    !
    ipv6 dhcp pool DHCP_POOL
    dns-server 2001:4860:4860::8888
    domain-name Example.com
    !
    interface FastEthernet0/0
    Description "LAN INTERFACE"
    no ip address
    ipv6 address 2001:AAAA:B:CCC::1/64
    ipv6 enable
    ipv6 nd prefix 2001:AAAA:B:CCC::/64
    ipv6 nd other-config-flag
    ipv6 dhcp server DHCP_POOL
    My advice to anyone looking to advance their career would be to learn DevOps tools and methodologies. Learn how to write code in languages like Python and JavaScript. Not to be a programmer, but a network automation specialist who can do the job of 10 engineers in 1/3 of the time. Create a GitHub account, download PyCharm, play with Ansible, Chef, or Puppet. Automation isn't the future, it's here today and the landscape is changing dramatically.
  • DevilWAHDevilWAH Member Posts: 2,997 ■■■■■■■■□□
    m3zilla wrote: »
    DHCP.

    You can't assign things like NTP, domain names, WINS server, etc with stateless auto configuration.

    This is not correct see below

    "The problem with stateless autoconfiguration has up til now been that the client only could recieve IP-related configuration options: address, netmask and default gateway. If you are not a computer or have very thick eye-glasses you will also need DNS in order to use your autoconfigured network interface to surf the Internet. You could use DHCPv6 (or even DHCP) to set the DNS-servers in parallell - but honestly if you need to set up a DHCPv6-server why not use it all the way and go with the stateful assigment method instead?A solution to this problem - with an option in the router advertisement which could carry DNS-server configuration options - was stated in RFC 5006.

    This was experiemental until this RFC got obsoleted by the RFC 6106 which makes this option a standard.

    This is indeed good news and makes the stateless option useful."


    So you dont need DHCP to set option in IPv6 any more :)
    • If you can't explain it simply, you don't understand it well enough. Albert Einstein
    • An arrow can only be shot by pulling it backward. So when life is dragging you back with difficulties. It means that its going to launch you into something great. So just focus and keep aiming.
  • DevilWAHDevilWAH Member Posts: 2,997 ■■■■■■■■□□
    DexterPark wrote: »
    I can't really give you production advice, as I only run IPv6 in my home lab, but I just use stateless auto-config. Clients can figure out a gateway by themselves so all you really need to do is advertise your prefix, and have DHCP provide the DNS server and Domain:

    !
    ipv6 dhcp pool DHCP_POOL
    dns-server 2001:4860:4860::8888
    domain-name Example.com
    !
    interface FastEthernet0/0
    Description "LAN INTERFACE"
    no ip address
    ipv6 address 2001:AAAA:B:CCC::1/64
    ipv6 enable
    ipv6 nd prefix 2001:AAAA:B:CCC::/64
    ipv6 nd other-config-flag
    ipv6 dhcp server DHCP_POOL

    yep I saw this config before I came across the new RFC to allow options to be set directly from the router with out DHCP, as a lot of people on the net are saying with this, if you are going to set up DHCP to server options, might as well server the address as well and then you have logs of whats on the network and a more central control.
    • If you can't explain it simply, you don't understand it well enough. Albert Einstein
    • An arrow can only be shot by pulling it backward. So when life is dragging you back with difficulties. It means that its going to launch you into something great. So just focus and keep aiming.
  • DexterParkDexterPark Member Posts: 121
    DevilWAH wrote: »
    yep I saw this config before I came across the new RFC to allow options to be set directly from the router with out DHCP, as a lot of people on the net are saying with this, if you are going to set up DHCP to server options, might as well server the address as well and then you have logs of whats on the network and a more central control.


    Makes sense. I never really thought about it that way, guess I'll try it next.
    My advice to anyone looking to advance their career would be to learn DevOps tools and methodologies. Learn how to write code in languages like Python and JavaScript. Not to be a programmer, but a network automation specialist who can do the job of 10 engineers in 1/3 of the time. Create a GitHub account, download PyCharm, play with Ansible, Chef, or Puppet. Automation isn't the future, it's here today and the landscape is changing dramatically.
  • m3zillam3zilla Member Posts: 172
    DevilWAH wrote: »
    This is not correct see below

    "The problem with stateless autoconfiguration has up til now been that the client only could recieve IP-related configuration options: address, netmask and default gateway. If you are not a computer or have very thick eye-glasses you will also need DNS in order to use your autoconfigured network interface to surf the Internet. You could use DHCPv6 (or even DHCP) to set the DNS-servers in parallell - but honestly if you need to set up a DHCPv6-server why not use it all the way and go with the stateful assigment method instead?A solution to this problem - with an option in the router advertisement which could carry DNS-server configuration options - was stated in RFC 5006.

    This was experiemental until this RFC got obsoleted by the RFC 6106 which makes this option a standard.

    This is indeed good news and makes the stateless option useful."


    So you dont need DHCP to set option in IPv6 any more :)

    Maybe I missed something, but my interpretation of that was that it allows you to assign a DNS, and a suffix list. It still doesn't allow you to assign other options like NTP, WINS, or TFTP.
  • DevilWAHDevilWAH Member Posts: 2,997 ■■■■■■■■□□
    m3zilla wrote: »
    Maybe I missed something, but my interpretation of that was that it allows you to assign a DNS, and a suffix list. It still doesn't allow you to assign other options like NTP, WINS, or TFTP.

    Indeed it does not, however a lot of people no longer need WINS. And for most usages TFTP is a small nich requirement, (although yes some places may make heavy use of it.) As for NTP in a windows Domain there is no need for it as all clients can sync to the Domain controllers through AD.

    The man in the middle seems to be to use stateless DHCP, rather than statefull.

    Dam at one point not enough flexibility now to much ;) (i joke about to much)
    • If you can't explain it simply, you don't understand it well enough. Albert Einstein
    • An arrow can only be shot by pulling it backward. So when life is dragging you back with difficulties. It means that its going to launch you into something great. So just focus and keep aiming.
  • m3zillam3zilla Member Posts: 172
    although WINS is old, there still a lot of dependencies on it. When your cisco phones boot up, it needs a tftp server to point it to the config
  • DevilWAHDevilWAH Member Posts: 2,997 ■■■■■■■■□□
    m3zilla wrote: »
    although WINS is old, there still a lot of dependencies on it. When your cisco phones boot up, it needs a tftp server to point it to the config

    We have removed WINs from our network, yes some legacy system do need it, but if you don't have them then you can wave it goodbye. As for phones, it is possible to use DNS to point the phones to a device that can pass them the info for TFTP and other options. Or at least with our Mitel phones you can. so they do a standard DNS request for a set name, that you set up to return for example the address the phone management system which the can connect to and receive code and config.

    For 95%+ of my infrastructure I have no need to set more than IP address, DFGW, and DNS servers. The only thing I do currently used DHCP options for is to push the phones on to a different VLAN, however more and more of site I am using LLDP direct from the switches to do this, so losing it by removing DHCP is not a issue.

    Chances are I will use a mixture of stateless and state-full DHCP as I move to IPv6 and not auto-configuration. More so I can see what is going on on the network rather than for functional reason, as for some of the things we do we have to have logs of Device to IP mappings. And while yes in stateless the MAC address makes up the IP address. Using DHCP would give me a log of mac, host name, user and ip.
    • If you can't explain it simply, you don't understand it well enough. Albert Einstein
    • An arrow can only be shot by pulling it backward. So when life is dragging you back with difficulties. It means that its going to launch you into something great. So just focus and keep aiming.
  • RobertKaucherRobertKaucher Member Posts: 4,299 ■■■■■■■■■■
    Regarding waving WINS good by, don't forget this: Providing Single-Label DNS Name Resolution
    ... GNZ does make it possible for you to provide single-label name resolution of a fixed set of host computers whose names are guaranteed to be both global and unique.
  • DevilWAHDevilWAH Member Posts: 2,997 ■■■■■■■■□□
    in windows server DHCP, it seems if you set up stateless DHCP you can only send a single set of options to all subnets. So all subnets that use the DHCP server have to use the same DNS servers. and you also can't run stateless and statefull on the same server.

    is that right?
    • If you can't explain it simply, you don't understand it well enough. Albert Einstein
    • An arrow can only be shot by pulling it backward. So when life is dragging you back with difficulties. It means that its going to launch you into something great. So just focus and keep aiming.
Sign In or Register to comment.