Date: Tue, 17 May 2011 17:43:13 +0900 (JST) From: Hiroki Sato <hrs@FreeBSD.org> To: spork@bway.net Cc: freebsd-net@FreeBSD.org Subject: Re: IPv6 alias masks/masks for routed aliases Message-ID: <20110517.174313.868674729938461030.hrs@allbsd.org> In-Reply-To: <alpine.OSX.2.00.1105170300090.1983@hotlap.nat.fasttrackmonkey.com> References: <alpine.OSX.2.00.1105170300090.1983@hotlap.nat.fasttrackmonkey.com>
next in thread | previous in thread | raw e-mail | index | archive | help
----Security_Multipart(Tue_May_17_17_43_13_2011_264)-- Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit Charles Sprickman <spork@bway.net> wrote in <alpine.OSX.2.00.1105170300090.1983@hotlap.nat.fasttrackmonkey.com>: sp> First, the easy one. For IPv6 aliases, what is the proper subnet? Normally it is a /64. See also Section 2.5.4 in RFC 4291. sp> And the second one, which is also probably easy. We're going to move sp> at some point from a bunch of subnets on the same wire to having our sp> own router that gets our blocks routed to it. At that point I'd like sp> to move to routing individual IPs (or small subnets) to each host sp> behind the router. sp> sp> For example, say we have the following routed to our router: sp> sp> 10.1.0.0/27 sp> 10.2.0.0/27 sp> 10.3.0.0/27 sp> sp> All the hosts behind our router are in 10.1.0.0/27. I want to send sp> some IPs from 10.2.0.0/27 and 10.3.0.0/27 to a host at 10.1.0.2, so I sp> do the equivalent of "ip route 10.2.0.0 255.255.255.248 10.1.0.2" sp> (cisco speak) on the router box. How should the aliases on 10.1.0.2 sp> be defined? Should they all have /32 masks? Should the first get a sp> /29 and the rest a /32? sp> sp> Is this even a valid config? In reality, we have way more subnets, sp> totally non-contiguous, varying masks. With VRRP on the provider's sp> side, we immediately lose 2 IPs from each subnet in our current setup, sp> plus the network and broadcast IPs. I'm hoping that in a routed setup sp> I can regain not only the VRRP IPs but the top and bottom of each sp> subnet... Considering the scarcity of IPs these days, that would be a sp> big help. Well, I could not understand what you are trying... Is 10.1.0.2 located on 10.1.0.0/27 and acting as another nexthop router? If you want to split three subnets on a single wire into three subnets on three wires, simply configuring three /27 addresses to each interface on the router works. If you want to route a part of the traffic from specific addresses to a specific host, you can add a specific route for the address range. -- Hiroki ----Security_Multipart(Tue_May_17_17_43_13_2011_264)-- Content-Type: application/pgp-signature Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (FreeBSD) iEYEABECAAYFAk3SNSEACgkQTyzT2CeTzy13YwCeL++0lPWWuDi3aCQBWiyg9O31 7rQAoLqt0tweIZpRLw+JFwMWsK1G4jPU =L1ZE -----END PGP SIGNATURE----- ----Security_Multipart(Tue_May_17_17_43_13_2011_264)----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20110517.174313.868674729938461030.hrs>