draft-ietf-v6ops-design-choices-03.txt   draft-ietf-v6ops-design-choices-04.txt 
V6OPS Working Group P. Matthews V6OPS Working Group P. Matthews
Internet-Draft Alcatel-Lucent Internet-Draft Alcatel-Lucent
Intended status: Informational V. Kuarsingh Intended status: Informational V. Kuarsingh
Expires: March 22, 2015 Dyn Expires: August 22, 2015 Dyn
September 18, 2014 February 18, 2015
Design Choices for IPv6 Networks Some Design Choices for IPv6 Networks
draft-ietf-v6ops-design-choices-03 draft-ietf-v6ops-design-choices-04
Abstract Abstract
This document presents advice on the design choices that arise when This document presents advice on certain routing-related design
designing IPv6 networks (both dual-stack and IPv6-only). The choices that arise when designing IPv6 networks (both dual-stack and
intended audience is someone designing an IPv6 network who is IPv6-only). The intended audience is someone designing an IPv6
knowledgeable about best current practices around IPv4 network network who is knowledgeable about best current practices around IPv4
design, and wishes to learn the corresponding practices for IPv6. network design, and wishes to learn the corresponding practices for
IPv6.
Status of This Memo Status of This Memo
This Internet-Draft is submitted in full conformance with the This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79. provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on March 22, 2015. This Internet-Draft will expire on August 22, 2015.
Copyright Notice Copyright Notice
Copyright (c) 2014 IETF Trust and the persons identified as the Copyright (c) 2015 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License. described in the Simplified BSD License.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
2. Design Choices . . . . . . . . . . . . . . . . . . . . . . . 3 2. Design Choices . . . . . . . . . . . . . . . . . . . . . . . 3
2.1. Links . . . . . . . . . . . . . . . . . . . . . . . . . . 3 2.1. Interfaces . . . . . . . . . . . . . . . . . . . . . . . 3
2.1.1. Mix IPv4 and IPv6 on the Same Link? . . . . . . . . . 3 2.1.1. Mix IPv4 and IPv6 on the Same Layer-3 Interface? . . 3
2.1.2. Links with Only Link-Local Addresses? . . . . . . . . 4 2.1.2. Interfaces with Only Link-Local Addresses? . . . . . 4
2.2. Static Routes . . . . . . . . . . . . . . . . . . . . . . 6 2.2. Static Routes . . . . . . . . . . . . . . . . . . . . . . 6
2.2.1. Link-Local Next-Hop in a Static Route? . . . . . . . 6 2.2.1. Link-Local Next-Hop in a Static Route? . . . . . . . 6
2.3. IGPs . . . . . . . . . . . . . . . . . . . . . . . . . . 6 2.3. IGPs . . . . . . . . . . . . . . . . . . . . . . . . . . 6
2.3.1. IGP Choice . . . . . . . . . . . . . . . . . . . . . 6 2.3.1. IGP Choice . . . . . . . . . . . . . . . . . . . . . 7
2.4. BGP . . . . . . . . . . . . . . . . . . . . . . . . . . . 8 2.4. BGP . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
2.4.1. BGP Sessions for Unlabeled Routes . . . . . . . . . . 10 2.4.1. Which Transport for Which Routes? . . . . . . . . . . 8
2.4.2. BGP sessions for Labeled or VPN Routes . . . . . . . 11 2.4.1.1. BGP Sessions for Unlabeled Routes . . . . . . . . 10
2.4.3. eBGP Endpoints: Global or Link-Local Addresses? . . . 11 2.4.1.2. BGP sessions for Labeled or VPN Routes . . . . . 11
2.4.2. eBGP Endpoints: Global or Link-Local Addresses? . . . 11
3. General Observations . . . . . . . . . . . . . . . . . . . . 12 3. General Observations . . . . . . . . . . . . . . . . . . . . 12
3.1. Use of Link-Local Addresses . . . . . . . . . . . . . . . 12 3.1. Use of Link-Local Addresses . . . . . . . . . . . . . . . 12
3.2. Separation of IPv4 and IPv6 . . . . . . . . . . . . . . . 13 3.2. Separation of IPv4 and IPv6 . . . . . . . . . . . . . . . 13
4. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 14 4. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 14
5. Security Considerations . . . . . . . . . . . . . . . . . . . 14 5. Security Considerations . . . . . . . . . . . . . . . . . . . 14
6. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 14 6. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 14
7. Informative References . . . . . . . . . . . . . . . . . . . 14 7. Informative References . . . . . . . . . . . . . . . . . . . 15
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 16 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 17
1. Introduction 1. Introduction
This document presents advice on the design choices that arise when This document discusses certain choices that arise when designing a
designing IPv6 networks (both dual-stack and IPv6-only). The IPv6-only or dual-stack network. The focus is on routing-related
intended audience is someone designing an IPv6 network who is design choices that do not usually come up when designing an
knowledgeable about best current practices around IPv4 network IPv4-only network. The document presents each choice and the
design, and wishes to learn the corresponding practices for IPv6. alternatives, and then discusses the pros and cons of the
alternatives in detail. Where consensus currently exists around the
The focus of the document is on design choices where there are best practice, this is documented; otherwise the document simply
differences between IPv4 and IPv6, either in the range of possible summarizes the current state of the discussion. Thus this document
alternatives (e.g. the extra possibilities introduced by link-local serves to both document the reasoning behind best current practices
addresses in IPv6) or the recommended alternative. The document for IPv6, and to allow a designer to make an informed choice where no
presents the alternatives and discusses the pros and cons in detail. such consensus exists.
Where consensus currently exists around the best practice, this is
documented; otherwise the document simply summarizes the current
state of the discussion. Thus this document serves to both to
document the reasoning behind best current practices for IPv6, and to
allow a designer to make an intelligent choice where no such
consensus exists.
This document does not present advice on strategies for adding IPv6 This document does not present advice on strategies for adding IPv6
to a network, nor does it discuss transition mechanisms. For advice to a network, nor does it discuss transition mechanisms. For advice
in these areas, see [RFC6180] for general advice, [RFC6782] for in these areas, see [RFC6180] for general advice, [RFC6782] for
wireline service providers, [RFC6342] for mobile network providers, wireline service providers, [RFC6342] for mobile network providers,
[RFC5963] for exchange point operators, [RFC6883] for content [RFC5963] for exchange point operators, [RFC6883] for content
providers, and both [RFC4852] and providers, and both [RFC4852] and [RFC7381] for enterprises. Nor
[I-D.ietf-v6ops-enterprise-incremental-ipv6] for enterprises. Nor does this document discuss the particulars of creating an IPv6
does the document cover the ins and outs of creating an IPv6 addressing plan; for advice in this area, see [RFC5375] or
addressing plan; for advice in this area, see [RFC5375]. [v6-addressing-plan]. The use of ULAs instead of globally-routed
addresses is also not discussed; for this the reader is referred to
This document focuses on unicast network design only. It does not [I-D.ietf-v6ops-ula-usage-recommendations].
cover multicast, nor supporting infrastructure such as DNS.
The current version is still work in progress, and it is expected Finally, this document focuses on unicast routing design only and
that the presentation and discussion of additional design choices does not cover multicast or the issues involved in running MPLS over
will be added as the document matures. IPv6 transport.
2. Design Choices 2. Design Choices
This section consists of a list of specific design choices a network Each subsection below presents a design choice and discusses the pros
designer faces when designing an IPv6-only or dual-stack network, and cons of the various options. If there is consensus in the
along with guidance and advice to the designer when making a choice. industry for a particular option, then the consensus position is
noted.
2.1. Links 2.1. Interfaces
2.1.1. Mix IPv4 and IPv6 on the Same Link? 2.1.1. Mix IPv4 and IPv6 on the Same Layer-3 Interface?
Should IPv4 and IPv6 traffic be logically separated on a link? That If a network is going to carry both IPv4 and IPv6 traffic, as many
is: networks do today, then a fundamental question arises: Should an
operator mix IPv4 and IPv6 traffic or keep them separated? More
specifically, should the design:
a. Mix IPv4 and IPv6 traffic on the same layer 2 connection, OR a. Mix IPv4 and IPv6 traffic on the same layer-3 interface, OR
b. Separate IPv4 and IPv6 by using separate physical or logical b. Separate IPv4 and IPv6 by using separate interfaces (e.g., two
links (e.g., two physical links or two VLANs on the same link)? physical links or two VLANs on the same link)?
Option (a) implies a single layer 3 interface at each end with both Option (a) implies a single layer-3 interface at each end of the
IPv4 and IPv6 addresses; while option (b) implies two layer 3 connection with both IPv4 and IPv6 addresses; while option (b)
interfaces, one for IPv4 addresses and one with IPv6 addresses. implies two layer-3 interfaces at each end, one for IPv4 addresses
and one with IPv6 addresses.
The advantages of option (a) include: The advantages of option (a) include:
o Requires only half as many layer 3 interfaces as option (b), thus o Requires only half as many layer 3 interfaces as option (b), thus
providing better scaling; providing better scaling;
o May require fewer physical ports, thus saving money; o May require fewer physical ports, thus saving money;
o Can make the QoS implementation much easier (for example, rate- o Can make the QoS implementation much easier (for example, rate-
limiting the combined IPv4 and IPv6 traffic to or from a limiting the combined IPv4 and IPv6 traffic to or from a
customer); customer);
o Works well in practice, as any increase in IPv6 traffic is usually o Works well in practice, as any increase in IPv6 traffic is usually
counter-balanced by a corresponding decrease in IPv4 traffic to or counter-balanced by a corresponding decrease in IPv4 traffic to or
from the same host (ignoring the common pattern of an overall from the same host (ignoring the common pattern of an overall
increase in Internet usage); increase in Internet usage);
o And is generally conceptually simpler. o And is generally conceptually simpler.
skipping to change at page 4, line 15 skipping to change at page 4, line 12
limiting the combined IPv4 and IPv6 traffic to or from a limiting the combined IPv4 and IPv6 traffic to or from a
customer); customer);
o Works well in practice, as any increase in IPv6 traffic is usually o Works well in practice, as any increase in IPv6 traffic is usually
counter-balanced by a corresponding decrease in IPv4 traffic to or counter-balanced by a corresponding decrease in IPv4 traffic to or
from the same host (ignoring the common pattern of an overall from the same host (ignoring the common pattern of an overall
increase in Internet usage); increase in Internet usage);
o And is generally conceptually simpler. o And is generally conceptually simpler.
For these reasons, there is a pretty strong consensus in the operator For these reasons, there is a relatively strong consensus in the
community that option (a) is the preferred way to go. Most networks operator community that option (a) is the preferred way to go. Most
today use option (a) wherever possible. networks today use option (a) wherever possible.
However, there can be times when option (b) is the pragmatic choice. However, there can be times when option (b) is the pragmatic choice.
Most commonly, option (b) is used to work around limitations in Most commonly, option (b) is used to work around limitations in
network equipment. One big example is the generally poor level of network equipment. One big example is the generally poor level of
support today for individual statistics on IPv4 traffic vs IPv6 support today for individual statistics on IPv4 traffic vs IPv6
traffic when option (a) is used. Other, device-specific, limitations traffic when option (a) is used. Other, device-specific, limitations
exist as well. It is expected that these limitations will go away as exist as well. It is expected that these limitations will go away as
support for IPv6 matures, making option (b) less and less attractive support for IPv6 matures, making option (b) less and less attractive
until the day that IPv4 is finally turned off. until the day that IPv4 is finally turned off.
2.1.2. Links with Only Link-Local Addresses? 2.1.2. Interfaces with Only Link-Local Addresses?
Should the link: As noted in the introduction, this document does not cover the ins
and outs around creating an IPv6 addressing plan. However, there is
one fundamental question in this area that often arises: Should the
interface:
a. Use only link-local addresses ("unnumbered"), OR a. Use only link-local addresses ("unnumbered"), OR
b. Have global or unique-local addresses assigned in addition to b. Have global (or unique-local) addresses assigned in addition to
link-locals? link-locals?
There are two advantages of unnumbered links. The first advantage is There are two advantages of unnumbered interfaces. The first
ease of configuration. In a network with a large number of advantage is ease of configuration. In a network with a large number
unnumbered links, the operator can just enable an IGP on each router, of unnumbered interfaces, the operator can just enable an IGP on each
without going through the tedious process of assigning and tracking router, without going through the tedious process of assigning and
the addresses for each link. The second advantage is security. tracking the addresses for each interface. The second advantage is
Since link-local addresses are unroutable, the associated interfaces security. Since packets with link-local destination addresses should
cannot be attacked from an off-link device. This implies less effort not be routed, it is very difficult to attack the associated
around maintaining security ACLs. interfaces from an off-link device. This implies less effort around
maintaining security ACLs.
Countering this advantage are various disadvantages to unnumbered Countering this advantage are various disadvantages to unnumbered
links in IPv6: interfaces in IPv6:
o It is not possible to ping an interface that has only a link-local o It is not possible to ping an interface that has only a link-local
address from a device that is not directly attached to the link. address from a device that is not directly attached to the link.
Thus, to troubleshoot, one must typically log into a device that Thus, to troubleshoot, one must typically log into a device that
is directly attached to the device in question, and execute the is directly attached to the device in question, and execute the
ping from there. ping from there.
o A traceroute passing over the unnumbered link will return the o A traceroute passing over the unnumbered link will return the
loopback or system address of the router, rather than the address loopback or system address of the router, rather than the address
of the interface itself. of the interface itself.
skipping to change at page 5, line 45 skipping to change at page 5, line 45
It should be noted that it is quite possible for the same link-local It should be noted that it is quite possible for the same link-local
address to be assigned to multiple interfaces. This can happen address to be assigned to multiple interfaces. This can happen
because the MAC address is duplicated (due to manufacturing process because the MAC address is duplicated (due to manufacturing process
defaults or the use of virtualization), because a device deliberately defaults or the use of virtualization), because a device deliberately
re-uses automatically-assigned link-local addresses on different re-uses automatically-assigned link-local addresses on different
links, or because an operator manually assigns the same easy-to-type links, or because an operator manually assigns the same easy-to-type
link-local address to multiple interfaces. All these are allowed in link-local address to multiple interfaces. All these are allowed in
IPv6 as long as the addresses are used on different links. IPv6 as long as the addresses are used on different links.
For more discussion on the pros and cons, see For more discussion on the pros and cons, see [RFC7404]. See also
[I-D.ietf-opsec-lla-only]. See also [RFC5375] for IPv6 unicast [RFC5375] for IPv6 unicast address assignment considerations.
address assignment considerations.
Today, most operators use numbered links (option b). Today, most operators use numbered interfaces (option b).
2.2. Static Routes 2.2. Static Routes
2.2.1. Link-Local Next-Hop in a Static Route? 2.2.1. Link-Local Next-Hop in a Static Route?
What form of next-hop address should one use in a static route? For the most part, the use of static routes in IPv6 parallels their
use in IPv4. There is, however, one exception, which revolves around
the choice of next-hop address in the static route. Specifically,
should an operator:
a. Use the far-end's link-local address as the next-hop address, OR a. Use the far-end's link-local address as the next-hop address, OR
b. Use the far-end's GUA/ULA address as the next-hop address? b. Use the far-end's GUA/ULA address as the next-hop address?
Recall that the IPv6 specs for OSPF [RFC5340] and ISIS [RFC5308] Recall that the IPv6 specs for OSPF [RFC5340] and ISIS [RFC5308]
dictate that they always use link-locals for next-hop addresses. For dictate that they always use link-locals for next-hop addresses. For
static routes, [RFC4861] section 8 says: static routes, [RFC4861] section 8 says:
A router MUST be able to determine the link-local address for each A router MUST be able to determine the link-local address for each
skipping to change at page 6, line 45 skipping to change at page 7, line 4
cases, the above text from RFC 4861 notwithstanding, either a GUA or cases, the above text from RFC 4861 notwithstanding, either a GUA or
ULA must be used. ULA must be used.
Furthermore, many network operators are concerned about the Furthermore, many network operators are concerned about the
dependency of the default link-local address on an underlying MAC dependency of the default link-local address on an underlying MAC
address, as described in the previous section. address, as described in the previous section.
Today most operators use GUAs as next-hop addresses. Today most operators use GUAs as next-hop addresses.
2.3. IGPs 2.3. IGPs
2.3.1. IGP Choice 2.3.1. IGP Choice
One of the main decisions for an IPv6 implementer is the choice of One of the main decisions for an IPv6 implementer is the choice of
IGP (Interior Gateway Protocol) within the network. The primary IGP (Interior Gateway Protocol) within the network. The primary
choices are the IETF protocols of RIP [RFC2080], OSPF [RFC2328] options are OSPF [RFC2328] [RFC5340] or IS-IS [RFC5120] [RFC5308],
[RFC5340] and IS-IS [RFC5120] [RFC5308], though some operators may though some operators may consider RIP [RFC2080] or non-standardized
consider non-IETF protocols. Here we limit our discussion to the protocols. Here we limit our discussion to the pros and cons of OSPF
pros and cons of OSPF vs. IS-IS. vs. IS-IS.
Considering just OSPF vs. IS-IS, the discussion in this section The discussion in this section revolves around the options in the
revolves around the options in the table below: table below:
+--------+--------+---------+---------+------------+----------------+ +--------+--------+---------+---------+------------+----------------+
| Option | IGP | IGP for | Known | Hard | Similar | | Option | IGP | IGP for | Known | Hard | Similar |
| | for | IPv6 | to work | separation | configuration | | | for | IPv6 | to work | separation | configuration |
| | IPv4 | | well | | possible | | | IPv4 | | well | | possible |
+--------+--------+---------+---------+------------+----------------+ +--------+--------+---------+---------+------------+----------------+
| | | | | | | | | | | | | |
+--------+--------+---------+---------+------------+----------------+ +--------+--------+---------+---------+------------+----------------+
| a | IS-IS | IS-IS | YES | - | YES | | a | IS-IS | IS-IS | YES | - | YES |
+--------+--------+---------+---------+------------+----------------+ +--------+--------+---------+---------+------------+----------------+
skipping to change at page 7, line 42 skipping to change at page 7, line 48
+--------+--------+---------+---------+------------+----------------+ +--------+--------+---------+---------+------------+----------------+
Three of the options above are marked as "Known to work well". These Three of the options above are marked as "Known to work well". These
options have seen significant deployments and are generally options have seen significant deployments and are generally
considered to be good choices. The other options represent valid considered to be good choices. The other options represent valid
choices, but have not seen widespread use, so it is hard to offer choices, but have not seen widespread use, so it is hard to offer
comments on how well they work. In particular, options (e) and (f) comments on how well they work. In particular, options (e) and (f)
use OSPFv3 to route IPv4 [RFC5838], which is still rather new and use OSPFv3 to route IPv4 [RFC5838], which is still rather new and
untested. untested.
A number of options are marked "Gives hard separation". These A number of options are marked "Hard separation". These options use
options use a different IGP for IPv4 vs IPv6. With these options, a a different IGP for IPv4 vs IPv6. With these options, a problem with
problem with routing IPv6 is unlikely to affect IPv4 or visa-versa. routing IPv6 is unlikely to affect IPv4 or visa-versa.
Three options are marked "Similar configuration possible". This Three options are marked "Similar configuration possible". This
means it is possible (but not required) to use very similar IGP means it is possible (but not required) to use very similar IGP
configuration for IPv4 and IPv6: for example, the same area configuration for IPv4 and IPv6: for example, the same area
boundaries, area numbering, link costing, etc. If you are happy with boundaries, area numbering, link costing, etc. If you are happy with
your IPv4 IGP design, then this will likely be a consideration. By your IPv4 IGP design, then this will likely be a consideration. By
contrast, the options that uses IS-IS for one IP version and OSPF for contrast, the options that use IS-IS for one IP version and OSPF for
the other version will require quite different configuration, and the other version will require considerably different configuration,
will also require the operations staff to become familiar with the and will also require the operations staff to become familiar with
difference between the two protocols. the difference between the two protocols.
With option (a), there is an additional choice of whether to run IS- With option (a), there is an additional choice of whether to run IS-
IS in single-topology mode (where IPv4 and IPv6 share a single IS in single-topology mode (where IPv4 and IPv6 share a single
topology and a single set of link costs[RFC5308]) or multi-topology topology and a single set of link costs[RFC5308]) or multi-topology
mode (where IPv4 and IPv6 have separate topologies and potentially mode (where IPv4 and IPv6 have separate topologies and potentially
different link costs[RFC5120]). A big problem with single-topology different link costs[RFC5120]). A big problem with single-topology
mode is that it cannot easily accommodate devices that support mode is that it cannot easily accommodate devices that support
IPv4-only or IPv6-only. Thus, today there is general agreement that IPv4-only or IPv6-only. Thus, today there is general agreement that
multi-topology is the right choice as this gives the greatest multi-topology is the right choice as this gives the greatest
flexibility in network design. flexibility in network design.
It should be noted that a number of ISPs have run OSPF as their IPv4 It should be noted that a number of ISPs have run OSPF as their IPv4
IGP for quite a few years, but have selected IS-IS as their IPv6 IGP. IGP for quite a few years, but have selected IS-IS as their IPv6 IGP.
However, there are very few (none?) that have made the reverse However, there are very few (none?) that have made the reverse
choice. This is, in part, because routers generally support more choice. This is, in part, because routers generally support more
nodes in an IS-IS area than in the corresponding OSPF area, and nodes in an IS-IS area than in the corresponding OSPF area, and
because IS-IS is seen as more secure because it runs at layer 2. because IS-IS is seen as more secure because it runs at layer 2.
2.4. BGP 2.4. BGP
The discussion in this section revolves around the following table. 2.4.1. Which Transport for Which Routes?
+----------------+-----------+-------------------+ BGP these days is multi-protocol. It can carry routes from many
| Route Family | Transport | Comments | different families, and it can do this when the BGP session, or more
+----------------+-----------+-------------------+ accurately the underlying TCP connection, runs over either IPv4 or
| | | | IPv6 (here referred to as either "IPv4 transport" or "IPv6
+----------------+-----------+-------------------+ transport"). Given this flexibility, one of the biggest questions
| Unlabeled IPv4 | IPv4 | Works well | when deploying BGP in a dual-stack network is the question of which
+----------------+-----------+-------------------+ routes should be carried over sessions using IPv4 transport and which
| Unlabeled IPv4 | IPv6 | Next-hop issues | should be carried over sessions using IPv6 transport.
+----------------+-----------+-------------------+
| Unlabeled IPv6 | IPv4 | Next-hop issues |
+----------------+-----------+-------------------+
| Unlabeled IPv6 | IPv6 | Works well |
+----------------+-----------+-------------------+
| | | |
+----------------+-----------+-------------------+
| Labeled IPv4 | IPv4 | Works well |
+----------------+-----------+-------------------+
| Labeled IPv4 | IPv6 | Next-hop issues |
+----------------+-----------+-------------------+
| Labeled IPv6 | IPv4 | (6PE) Works well |
+----------------+-----------+-------------------+
| Labeled IPv6 | IPv6 | ??? |
+----------------+-----------+-------------------+
| | | |
+----------------+-----------+-------------------+
| VPN IPv4 | IPv4 | Works well |
+----------------+-----------+-------------------+
| VPN IPv4 | IPv6 | Next-hop issues |
+----------------+-----------+-------------------+
| VPN IPv6 | IPv4 | (6VPE) Works well |
+----------------+-----------+-------------------+
| VPN IPv6 | IPv6 | ??? |
+----------------+-----------+-------------------+
The first column lists various route families, where "unlabeled" To answer this question, consider the following table:
means SAFI 1, "labeled" means SAFI 4, and "VPN" means SAFI 128. The
second column lists the protocol used to transport the BGP session, +----------------+-----------+----------------------+
frequently specified by giving either an IPv4 or IPv6 address in the | Route Family | Transport | Comments |
"neighbor" statement. +----------------+-----------+----------------------+
| | | |
+----------------+-----------+----------------------+
| Unlabeled IPv4 | IPv4 | Works well |
+----------------+-----------+----------------------+
| Unlabeled IPv4 | IPv6 | Next-hop issues |
+----------------+-----------+----------------------+
| Unlabeled IPv6 | IPv4 | Next-hop issues |
+----------------+-----------+----------------------+
| Unlabeled IPv6 | IPv6 | Works well |
+----------------+-----------+----------------------+
| | | |
+----------------+-----------+----------------------+
| Labeled IPv4 | IPv4 | Works well |
+----------------+-----------+----------------------+
| Labeled IPv4 | IPv6 | Next-hop issues |
+----------------+-----------+----------------------+
| Labeled IPv6 | IPv4 | (6PE) Works well |
+----------------+-----------+----------------------+
| Labeled IPv6 | IPv6 | Needs MPLS over IPv6 |
+----------------+-----------+----------------------+
| | | |
+----------------+-----------+----------------------+
| VPN IPv4 | IPv4 | Works well |
+----------------+-----------+----------------------+
| VPN IPv4 | IPv6 | Next-hop issues |
+----------------+-----------+----------------------+
| VPN IPv6 | IPv4 | (6VPE) Works well |
+----------------+-----------+----------------------+
| VPN IPv6 | IPv6 | Needs MPLS over IPv6 |
+----------------+-----------+----------------------+
The first column in this table lists various route families, where
"unlabeled" means SAFI 1, "labeled" means the routes carry an MPLS
label (SAFI 4, see [RFC3107]), and "VPN" means the routes are
normally associated with a layer-3 VPN (SAFI 128, see [RFC4364] ).
The second column lists the protocol used to transport the BGP
session, frequently specified by giving either an IPv4 or IPv6
address in the "neighbor" statement.
The third column comments on the combination in the first two The third column comments on the combination in the first two
columns: columns:
o For combinations marked "Works well", these combinations are o For combinations marked "Works well", these combinations are
widely supported and are generally recommended. widely supported and are generally recommended.
o For combinations marked "Next-hop issues", these combinations are o For combinations marked "Next-hop issues", these combinations are
less-widely supported and when supported, often have next-hop less-widely supported and when supported, often have next-hop
issues. That is, the next-hop address is typically a v4-mapped issues. That is, the next-hop address is typically a v4-mapped
IPv6 address, which is based on some IPv4 address on the sending IPv6 address, which is based on some IPv4 address on the sending
router. This v4-mapped IPv6 address is often not reachable by router. This v4-mapped IPv6 address is often not reachable by
default using IPv6 routing. One common solution to this problem default using IPv6 routing. One common solution to this problem
is to use routing policy to change the next-hop to a different is to use routing policy to change the next-hop to a different
IPv6 address. IPv6 address.
o For combinations marked as "???", it is believed that these o For combinations marked as "Needs MPLS over IPv6", these require
combinations will not be supported until MPLS over IPv6 becomes MPLS over IPv6 for full support, though special policy
available. [Need to Confirm]. configuration may allow them to be used with MPLS over IPv4.
Also, it is important to note that changing the set of address Also, it is important to note that changing the set of address
families being carried over a BGP session requires the BGP session to families being carried over a BGP session requires the BGP session to
be reset (unless something like [I-D.ietf-idr-dynamic-cap] or be reset (unless something like [I-D.ietf-idr-dynamic-cap] or
[I-D.ietf-idr-bgp-multisession] is in use). This is generally more [I-D.ietf-idr-bgp-multisession] is in use). This is generally more
of an issue with eBGP sessions than iBGP sessions: for iBGP sessions of an issue with eBGP sessions than iBGP sessions: for iBGP sessions
it is common practice for a router to have to two iBGP sessions, one it is common practice for a router to have two iBGP sessions, one to
to each member of a route reflector pair, and so one can change the each member of a route reflector pair, so one can change the set of
set of address families on first one session and then the other. address families on first one of the sessions and then the other.
The following subsections discuss specific scenarios in more detail. The following subsections discuss specific scenarios in more detail.
2.4.1. BGP Sessions for Unlabeled Routes 2.4.1.1. BGP Sessions for Unlabeled Routes
Unlabeled routes are commonly carried on eBGP sessions, as well as on Unlabeled routes are commonly carried on eBGP sessions, as well as on
iBGP sessions in networks where Internet traffic is carried unlabeled iBGP sessions in networks where Internet traffic is carried unlabeled
across the network. In these scenarios, operators today most across the network. In these scenarios, operators today most
commonly use two BGP sessions: one session is transported over IPv4 commonly use two BGP sessions: one session is transported over IPv4
and carries the unlabeled IPv4 routes, while the second session is and carries the unlabeled IPv4 routes, while the second session is
transported over IPv6 and carries the unlabeled IPv6 routes. transported over IPv6 and carries the unlabeled IPv6 routes.
There are several reasons for this choice: There are several reasons for this choice:
o It gives a clean separation between IPv4 and IPv6. o It gives a clean separation between IPv4 and IPv6. This can be
especially useful when first deploying IPv6 and troubleshooting
resulting problems.
o This avoids the next-hop problem described in note 1 above. o This avoids the next-hop problem described in note 1 above.
o The status of the routes follows the status of the underlying o The status of the routes follows the status of the underlying
transport. If, for example, the IPv6 data path between the two transport. If, for example, the IPv6 data path between the two
BGP speakers fails, then the IPv6 session between the two speakers BGP speakers fails, then the IPv6 session between the two speakers
will fail and the IPv6 routes will be withdrawn, which will allow will fail and the IPv6 routes will be withdrawn, which will allow
the traffic to be re-routed elsewhere. By contrast, if the IPv6 the traffic to be re-routed elsewhere. By contrast, if the IPv6
routes were transported over IPv4, then the failure of the IPv6 routes were transported over IPv4, then the failure of the IPv6
data path might leave a working IPv4 data path, so the BGP session data path might leave a working IPv4 data path, so the BGP session
would remain up and the IPv6 routes would not be withdrawn, and would remain up and the IPv6 routes would not be withdrawn, and
thus the IPv6 traffic would be sent into a black hole. thus the IPv6 traffic would be sent into a black hole.
o It avoids resetting the BGP session when adding IPv6 to an o It avoids resetting the BGP session when adding IPv6 to an
existing session, or when removing IPv4 from an existing session. existing session, or when removing IPv4 from an existing session.
2.4.2. BGP sessions for Labeled or VPN Routes 2.4.1.2. BGP sessions for Labeled or VPN Routes
In these scenarios, it is most common today to carry both the IPv4 In these scenarios, it is most common today to carry both the IPv4
and IPv6 routes over sessions transported over IPv4. This can be and IPv6 routes over sessions transported over IPv4. This can be
done with either: (a) one session carrying both route families, or done with either: (a) one session carrying both route families, or
(b) two sessions, one for each family. (b) two sessions, one for each family.
Using a single session is usually appropriate for an iBGP session Using a single session is usually appropriate for an iBGP session
going to a route reflector handling both route families. Using a going to a route reflector handling both route families. Using a
single session here usually means that the BGP session will reset single session here usually means that the BGP session will reset
when changing the set of address families, but as noted above, this when changing the set of address families, but as noted above, this
is usually not a problem when redundant route reflectors are is usually not a problem when redundant route reflectors are
involved. involved.
In eBGP situations, two sessions are usually more appropriate. In eBGP situations, two sessions are usually more appropriate.
2.4.3. eBGP Endpoints: Global or Link-Local Addresses? 2.4.2. eBGP Endpoints: Global or Link-Local Addresses?
When running eBGP over IPv6, there are two options for the addresses When running eBGP over IPv6, there are two options for the addresses
to use at each end of the eBGP session (or more properly, the to use at each end of the eBGP session (or more properly, the
underlying TCP session): underlying TCP session):
a. Use link-local addresses for the eBGP session, OR a. Use link-local addresses for the eBGP session, OR
b. Use global addresses for the eBGP session. b. Use global addresses for the eBGP session.
Note that the choice here is the addresses to use for the eBGP Note that the choice here is the addresses to use for the eBGP
sessions, and not whether the link itself has global (or unique- sessions, and not whether the link itself has global (or unique-
local) addresses. In particular, it is quite possible for the eBGP local) addresses. In particular, it is quite possible for the eBGP
session to use link-local addresses even when the link has global session to use link-local addresses even when the link has global
addresses. addresses.
The big attraction for option (a) is security: an eBGP session using The big attraction for option (a) is security: an eBGP session using
link-local addresses is impossible to attack from a device that is link-local addresses is extremely difficult to attack from a device
off-link. This provides very strong protection against TCP RST and that is off-link. This provides very strong protection against TCP
similar attacks. Though there are other ways to get an equivalent RST and similar attacks. Though there are other ways to get an
level of security (e.g. GTSM [RFC5082], MD5 [RFC5925], or ACLs), equivalent level of security (e.g. GTSM [RFC5082], MD5 [RFC5925], or
these other ways require additional configuration which can be ACLs), these other ways require additional configuration which can be
forgotten or potentially mis-configured. forgotten or potentially mis-configured.
However, there are a number of small disadvantages to using link- However, there are a number of small disadvantages to using link-
local addresses: local addresses:
o Using link-local addresses only works for single-hop eBGP o Using link-local addresses only works for single-hop eBGP
sessions; it does not work for multi-hop sessions. sessions; it does not work for multi-hop sessions.
o One must use "next-hop self" at both endpoints, otherwise re- o One must use "next-hop self" at both endpoints, otherwise re-
advertising routes learned via eBGP into iBGP will not work. advertising routes learned via eBGP into iBGP will not work.
skipping to change at page 12, line 20 skipping to change at page 12, line 23
o Operators and their tools are used to referring to eBGP sessions o Operators and their tools are used to referring to eBGP sessions
by address only, something that is not possible with link-local by address only, something that is not possible with link-local
addresses. addresses.
o If one is configuring parallel eBGP sessions for IPv4 and IPv6 o If one is configuring parallel eBGP sessions for IPv4 and IPv6
routes, then using link-local addresses for the IPv6 session routes, then using link-local addresses for the IPv6 session
introduces extra operational differences between the two sessions introduces extra operational differences between the two sessions
which could otherwise be avoided. which could otherwise be avoided.
o On some products, an eBGP session using a link-local address is o On some products, an eBGP session using a link-local address is
more complex to configure than a session that use a global more complex to configure than a session that uses a global
address. address.
o If hardware or other issues cause one to move the cable to a o If hardware or other issues cause one to move the cable to a
different local interface, then reconfiguration is required at different local interface, then reconfiguration is required at
both ends: at the local end because the interface has changed (and both ends: at the local end because the interface has changed (and
with link-local addresses, the interface must always be specified with link-local addresses, the interface must always be specified
along with the address), and at the remote end because the link- along with the address), and at the remote end because the link-
local address has likely changed. (Contrast this with using local address has likely changed. (Contrast this with using
global addresses, where less re-configuration is required at the global addresses, where less re-configuration is required at the
local end, and no reconfiguration is required at the remote end). local end, and no reconfiguration is required at the remote end).
o Finally, a strict interpretation of RFC 2545 can be seen as o Finally, a strict application of [RFC2545] forbids running eBGP
forbidding running eBGP between link-local addresses, as RFC 2545 between link-local addresses, as [RFC2545] requires the BGP next-
requires the BGP next-hop field to contain at least a global hop field to contain at least a global address.
address.
For these reasons, most operators today choose to have their eBGP For these reasons, most operators today choose to have their eBGP
sessions use global addresses. sessions use global addresses.
3. General Observations 3. General Observations
There are two themes that run though many of the design choices in There are two themes that run though many of the design choices in
this document. This section presents some general discussion on this document. This section presents some general discussion on
these two themes. these two themes.
3.1. Use of Link-Local Addresses 3.1. Use of Link-Local Addresses
The proper use of link-local addresses is a common theme in the IPv6 The proper use of link-local addresses is a common theme in the IPv6
network design choices. Link-layer addresses are, of course, always network design choices. Link-layer addresses are, of course, always
present in an IPv6 network, but current network design practice present in an IPv6 network, but current network design practice
mostly ignores them, despite efforts such as mostly ignores them, despite efforts such as [RFC7404].
[I-D.ietf-opsec-lla-only].
There are three main reasons for this current practice: There are three main reasons for this current practice:
o Network operators are concerned about the volatility of link-local o Network operators are concerned about the volatility of link-local
addresses based on MAC addresses, despite the fact that this addresses based on MAC addresses, despite the fact that this
concern can be overcome by manually-configuring link-local concern can be overcome by manually-configuring link-local
addresses; addresses;
o It is impossible to ping a link-local address from a device that o It is very difficult to impossible to ping a link-local address
is not on the same subnet. This is a troubleshooting from a device that is not on the same subnet. This is a
disadvantage, though it can also be viewed as a security troubleshooting disadvantage, though it can also be viewed as a
advantage. security advantage.
o Most operators are currently running networks that carry both IPv4 o Most operators are currently running networks that carry both IPv4
and IPv6 traffic, and wish to harmonize their IPv4 and IPv6 design and IPv6 traffic, and wish to harmonize their IPv4 and IPv6 design
and operational practices where possible. and operational practices where possible.
3.2. Separation of IPv4 and IPv6 3.2. Separation of IPv4 and IPv6
Currently, most operators are running or planning to run networks Currently, most operators are running or planning to run networks
that carry both IPv4 and IPv6 traffic. Hence the question: To what that carry both IPv4 and IPv6 traffic. Hence the question: To what
degree should IPv4 and IPv6 be kept separate? As can be seen above, degree should IPv4 and IPv6 be kept separate? As can be seen above,
skipping to change at page 14, line 11 skipping to change at page 14, line 11
between the control and data plane for each IP protocol version: if between the control and data plane for each IP protocol version: if
the data plane fails for some reason, then often the control plane the data plane fails for some reason, then often the control plane
will too. will too.
4. IANA Considerations 4. IANA Considerations
This document makes no requests of IANA. This document makes no requests of IANA.
5. Security Considerations 5. Security Considerations
(TBD) This document introduces no new security considerations that are not
already documented elsewhere.
The following is a brief list of pointers to documents related to the
topics covered above that the reader may wish to review for security
considerations.
For general IPv6 security, [RFC4942] provides guidance on security
considerations around IPv6 transition and coexistence.
For OSPFv3, the base protocol specification [RFC5340] has a short
security considerations section which notes that the fundamental
mechanism for protecting OSPFv3 from attacks is the mechanism
described in [RFC4552].
For IS-IS, [RFC5308] notes that ISIS for IPv6 raises no new security
considerations over ISIS for IPv4 over those documented in [ISO10589]
and [RFC5304].
For BGP, [RFC2545] notes that BGP for IPv6 raises no new security
considerations over those present in BGP for IPv4. However, there
has been much discussion of BGP security recently, and the interested
reader is referred to the documents of the IETF's SIDR working group.
6. Acknowledgements 6. Acknowledgements
Many, many people in the V6OPS working group provided comments and Many, many people in the V6OPS working group provided comments and
suggestions that made their way into this document. A partial list suggestions that made their way into this document. A partial list
includes: Rajiv Asati, Fred Baker, Michael Behringer, Marc Blanchet, includes: Rajiv Asati, Fred Baker, Michael Behringer, Marc Blanchet,
Ron Bonica, Randy Bush, Cameron Byrne, Brian Carpenter, KK Ron Bonica, Randy Bush, Cameron Byrne, Brian Carpenter, KK
Chittimaneni, Tim Chown, Lorenzo Colitti, Gert Doering, Bill Fenner, Chittimaneni, Tim Chown, Lorenzo Colitti, Gert Doering, Francis
Kedar K Gaonkar, Chris Grundemann, Steinar Haug, Ray Hunter, Joel Dupont, Bill Fenner, Kedar K Gaonkar, Chris Grundemann, Steinar Haug,
Jaeggli, Victor Kuarsingh, Ivan Pepelnjak, Alexandru Petrescu, Rob Ray Hunter, Joel Jaeggli, Victor Kuarsingh, Jen Linkova, Ivan
Shakir, Mark Smith, Jean-Francois Tremblay, Tina Tsou, Dan York, and Pepelnjak, Alexandru Petrescu, Rob Shakir, Mark Smith, Jean-Francois
Tremblay, Dave Thaler, Tina Tsou, Eric Vyncke, Dan York, and
Xuxiaohu. Xuxiaohu.
The authors would also like to thank Pradeep Jain and Alastair The authors would also like to thank Pradeep Jain and Alastair
Johnson for helpful comments on a very preliminary version of this Johnson for helpful comments on a very preliminary version of this
document. document.
7. Informative References 7. Informative References
[I-D.ietf-idr-bgp-multisession] [I-D.ietf-idr-bgp-multisession]
Scudder, J., Appanna, C., and I. Varlashkin, "Multisession Scudder, J., Appanna, C., and I. Varlashkin, "Multisession
BGP", draft-ietf-idr-bgp-multisession-07 (work in BGP", draft-ietf-idr-bgp-multisession-07 (work in
progress), September 2012. progress), September 2012.
[I-D.ietf-idr-dynamic-cap] [I-D.ietf-idr-dynamic-cap]
Ramachandra, S. and E. Chen, "Dynamic Capability for BGP- Ramachandra, S. and E. Chen, "Dynamic Capability for BGP-
4", draft-ietf-idr-dynamic-cap-14 (work in progress), 4", draft-ietf-idr-dynamic-cap-14 (work in progress),
December 2011. December 2011.
[I-D.ietf-opsec-lla-only] [I-D.ietf-v6ops-ula-usage-recommendations]
Behringer, M. and E. Vyncke, "Using Only Link-Local Liu, B. and S. Jiang, "Considerations For Using Unique
Addressing Inside an IPv6 Network", draft-ietf-opsec-lla- Local Addresses", draft-ietf-v6ops-ula-usage-
only-10 (work in progress), July 2014. recommendations-04 (work in progress), October 2014.
[I-D.ietf-v6ops-enterprise-incremental-ipv6] [ISO10589]
Chittimaneni, K., Chown, T., Howard, L., Kuarsingh, V., International Standards Organization, "Intermediate system
Pouffary, Y., and E. Vyncke, "Enterprise IPv6 Deployment to Intermediate system intra-domain routeing information
Guidelines", draft-ietf-v6ops-enterprise-incremental- exchange protocol for use in conjunction with the protocol
ipv6-06 (work in progress), July 2014. for providing the connectionless-mode Network Service (ISO
8473)", International Standard 10589:2002, Nov 2002.
[RFC2080] Malkin, G. and R. Minnear, "RIPng for IPv6", RFC 2080, [RFC2080] Malkin, G. and R. Minnear, "RIPng for IPv6", RFC 2080,
January 1997. January 1997.
[RFC2328] Moy, J., "OSPF Version 2", STD 54, RFC 2328, April 1998. [RFC2328] Moy, J., "OSPF Version 2", STD 54, RFC 2328, April 1998.
[RFC2545] Marques, P. and F. Dupont, "Use of BGP-4 Multiprotocol
Extensions for IPv6 Inter-Domain Routing", RFC 2545, March
1999.
[RFC3107] Rekhter, Y. and E. Rosen, "Carrying Label Information in
BGP-4", RFC 3107, May 2001.
[RFC4364] Rosen, E. and Y. Rekhter, "BGP/MPLS IP Virtual Private
Networks (VPNs)", RFC 4364, February 2006.
[RFC4472] Durand, A., Ihren, J., and P. Savola, "Operational [RFC4472] Durand, A., Ihren, J., and P. Savola, "Operational
Considerations and Issues with IPv6 DNS", RFC 4472, April Considerations and Issues with IPv6 DNS", RFC 4472, April
2006. 2006.
[RFC4552] Gupta, M. and N. Melam, "Authentication/Confidentiality
for OSPFv3", RFC 4552, June 2006.
[RFC4852] Bound, J., Pouffary, Y., Klynsma, S., Chown, T., and D. [RFC4852] Bound, J., Pouffary, Y., Klynsma, S., Chown, T., and D.
Green, "IPv6 Enterprise Network Analysis - IP Layer 3 Green, "IPv6 Enterprise Network Analysis - IP Layer 3
Focus", RFC 4852, April 2007. Focus", RFC 4852, April 2007.
[RFC4861] Narten, T., Nordmark, E., Simpson, W., and H. Soliman, [RFC4861] Narten, T., Nordmark, E., Simpson, W., and H. Soliman,
"Neighbor Discovery for IP version 6 (IPv6)", RFC 4861, "Neighbor Discovery for IP version 6 (IPv6)", RFC 4861,
September 2007. September 2007.
[RFC4942] Davies, E., Krishnan, S., and P. Savola, "IPv6 Transition/
Co-existence Security Considerations", RFC 4942, September
2007.
[RFC5082] Gill, V., Heasley, J., Meyer, D., Savola, P., and C. [RFC5082] Gill, V., Heasley, J., Meyer, D., Savola, P., and C.
Pignataro, "The Generalized TTL Security Mechanism Pignataro, "The Generalized TTL Security Mechanism
(GTSM)", RFC 5082, October 2007. (GTSM)", RFC 5082, October 2007.
[RFC5120] Przygienda, T., Shen, N., and N. Sheth, "M-ISIS: Multi [RFC5120] Przygienda, T., Shen, N., and N. Sheth, "M-ISIS: Multi
Topology (MT) Routing in Intermediate System to Topology (MT) Routing in Intermediate System to
Intermediate Systems (IS-ISs)", RFC 5120, February 2008. Intermediate Systems (IS-ISs)", RFC 5120, February 2008.
[RFC5304] Li, T. and R. Atkinson, "IS-IS Cryptographic
Authentication", RFC 5304, October 2008.
[RFC5308] Hopps, C., "Routing IPv6 with IS-IS", RFC 5308, October [RFC5308] Hopps, C., "Routing IPv6 with IS-IS", RFC 5308, October
2008. 2008.
[RFC5340] Coltun, R., Ferguson, D., Moy, J., and A. Lindem, "OSPF [RFC5340] Coltun, R., Ferguson, D., Moy, J., and A. Lindem, "OSPF
for IPv6", RFC 5340, July 2008. for IPv6", RFC 5340, July 2008.
[RFC5375] Van de Velde, G., Popoviciu, C., Chown, T., Bonness, O., [RFC5375] Van de Velde, G., Popoviciu, C., Chown, T., Bonness, O.,
and C. Hahn, "IPv6 Unicast Address Assignment and C. Hahn, "IPv6 Unicast Address Assignment
Considerations", RFC 5375, December 2008. Considerations", RFC 5375, December 2008.
skipping to change at page 16, line 15 skipping to change at page 17, line 15
[RFC6342] Koodli, R., "Mobile Networks Considerations for IPv6 [RFC6342] Koodli, R., "Mobile Networks Considerations for IPv6
Deployment", RFC 6342, August 2011. Deployment", RFC 6342, August 2011.
[RFC6782] Kuarsingh, V. and L. Howard, "Wireline Incremental IPv6", [RFC6782] Kuarsingh, V. and L. Howard, "Wireline Incremental IPv6",
RFC 6782, November 2012. RFC 6782, November 2012.
[RFC6883] Carpenter, B. and S. Jiang, "IPv6 Guidance for Internet [RFC6883] Carpenter, B. and S. Jiang, "IPv6 Guidance for Internet
Content Providers and Application Service Providers", RFC Content Providers and Application Service Providers", RFC
6883, March 2013. 6883, March 2013.
[RFC7381] Chittimaneni, K., Chown, T., Howard, L., Kuarsingh, V.,
Pouffary, Y., and E. Vyncke, "Enterprise IPv6 Deployment
Guidelines", RFC 7381, October 2014.
[RFC7404] Behringer, M. and E. Vyncke, "Using Only Link-Local
Addressing inside an IPv6 Network", RFC 7404, November
2014.
[v6-addressing-plan]
SurfNet, "Preparing an IPv6 Address Plan", 2013,
<http://www.ripe.net/lir-services/training/material/
IPv6-for-LIRs-Training-Course/
Preparing-an-IPv6-Addressing-Plan.pdf>.
Authors' Addresses Authors' Addresses
Philip Matthews Philip Matthews
Alcatel-Lucent Alcatel-Lucent
600 March Road 600 March Road
Ottawa, Ontario K2K 2E6 Ottawa, Ontario K2K 2E6
Canada Canada
Phone: +1 613-784-3139 Phone: +1 613-784-3139
Email: philip_matthews@magma.ca Email: philip_matthews@magma.ca
 End of changes. 57 change blocks. 
173 lines changed or deleted 249 lines changed or added

This html diff was produced by rfcdiff 1.42. The latest version is available from http://tools.ietf.org/tools/rfcdiff/