The second in a series of blogs throughout 2025 highlighting the state of IPv6 throughout the industry, best practices to consider, and how Cisco helps customers on their journeys with its services.
IPv6 Is Here to Stay
As we discussed in our previous post, IPv6 has finally arrived and is here to stay, with all measurements and data quickly pointing towards an IPv6-dominant future. So, what do public and private sector organizations need to do to prepare for this change that’s happening right under our feet? Clearly training and education will be necessary for IT teams, and a full inventory will be needed (what assets and systems are either ready now, can be ready via a future software update, or will need to be segmented off and/or refreshed over time). But an often overlooked, yet powerful, piece of the puzzle is the acquisition of IPv6 address space and its proper allocation.
Grasping the Scale of IPv6 Address Space
It’s no secret that IPv6 has a larger space, but just how much larger? We have moved from 32 bits to 128 bits, but how can we wrap our heads around that? How does 4.3 billion (4,294,967,296) compare to 340 undecillion (340,282,366,920,938,463,463,374,607,431,768,211,456)? An analogy I like to use is this: if all 4.3 billion IPv4 addresses could fit in 1 inch (2.54 cm), then the IPv6 space would cover twice the length of the observable universe. The numbers are truly astronomical! And it means we are freed from the burden of the constrained thinking that IPv4 brought with it.
Moving Beyond IPv4 Constraints
We previously cared about maximizing the efficiency of our address space, trying to squeeze every last bit out of IPv4 allocation lest anything go to waste. We introduced technologies like VLSM, CIDR, and NAT (combined with RFC 1918 private address space) to extend the life of IPv4. (And it should be acknowledged these worked splendidly well – buying us not just a couple of years, but a couple of decades.) But it’s time to abandon this constraint mentality and embrace the freedom that 2^128 provides.
Rethinking Subnets
We no longer have to count the number of hosts on our subnets – we will use a /64 prefix for every user-facing subnet. Half of our 128-bit address will represent the prefix (or “subnet” or “network”, as these are often used interchangeably), and half will represent the interface identifier (often called a “host ID”). This may seem extremely wasteful, but it is how the protocol was designed. And as RFC 7421 highlights, many things start to break if you diverge from the /64 boundary. So, whether you have 2 nodes, or 2 trillion (!) nodes on a single /64 subnet, 99.99+% of the address space on that subnet will go unused. And while shocking to hear at first, it’s quite liberating once accepted.
We’re no longer under the onus of counting (or predicting) the number of hosts expected to reside on each subnet, and trying to size appropriately: not making the subnet too small and being unable to fit all the hosts, but also not making it too big when those potential addresses could be used elsewhere in the network. Now, all subnets will use a /64.
So how many of these /64 subnets are needed? Again, throw away the IPv4 mentality of counting total numbers. We can use the plentiful address space to create an IPv6 addressing plan that will look significantly different from your IPv4 one. If you are an organization of any decent size, go to your RIR (Regional Internet Registry) – ARIN, RIPE NCC, APNIC, AFRINIC or LACNIC – and get an IPv6 allocation that’s much larger than you think you might need. It’s now standard for enterprises to receive between a /29 and a /32, which provide about 4 billion to 32 billion /64 subnets within them, respectively. This is an exciting change from the policies of 10+ years ago!
Advantages of Large IPv6 Allocations
While it is extremely unlikely that you will use billions of subnets, these large allocations provide the flexibility to start thinking about a hierarchical addressing plan, where each layer in the hierarchy takes on some significance relating to either ownership (campus/branch vs. cloud infrastructure vs. colocation facility), geography, functional/logical place in the network, or plain subnet numbering (which can be mapped 1:1 to VLANs). Additionally, and very excitingly, each layer can be aligned with one nibble, that is, 4 bits, or one hexadecimal character.
So rather than having an inconsistent mess of subnets, all of varying sizes and fragmented across the entire network, we can now achieve consistency and simplicity while also being able to embed semantic meaning in the address itself – great for both troubleshooting and general operations and something that was nearly impossible in IPv4. This can then also lead to cleaner and simpler routing tables and ACLs – a benefit for both your networking and security teams.
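A sketch of such a nibble-aligned plan, added here as an illustration and not taken from the original post: it builds /64s from layer values, derives the single aggregate prefix an ACL entry would match, and decodes the meaning back out of an address. The layer names and codes are hypothetical, and the documentation prefix 2001:db8::/32 stands in for a real RIR allocation.

```python
import ipaddress

# 2001:db8::/32 (documentation prefix) stands in for a real RIR allocation.
ALLOCATION = ipaddress.ip_network("2001:db8::/32")
# Hypothetical layer codes, one nibble (4 bits) each; not from the original post.
LAYERS = ["owner", "region", "function"]
OWNERS = {"campus": 0x1, "cloud": 0x2, "colo": 0x3}
REGIONS = {"amer": 0x1, "emea": 0x2, "apac": 0x3}
FUNCTIONS = {"users": 0x1, "servers": 0x2, "mgmt": 0xF}
TOP = 128 - ALLOCATION.prefixlen  # bit position just below the allocation


def layer_prefix(*nibbles):
    """Aggregate prefix covering everything under the given layer values."""
    value = int(ALLOCATION.network_address)
    for i, nib in enumerate(nibbles):
        if not 0 <= nib <= 0xF:
            raise ValueError("each layer value must fit in one nibble")
        value |= nib << (TOP - 4 * (i + 1))
    return ipaddress.ip_network((value, ALLOCATION.prefixlen + 4 * len(nibbles)))


def subnet_for(owner, region, function, vlan):
    """The /64 for one VLAN; the VLAN ID fills the bits between the layers and /64."""
    parent = layer_prefix(OWNERS[owner], REGIONS[region], FUNCTIONS[function])
    if not 0 <= vlan < 2 ** (64 - parent.prefixlen):
        raise ValueError("VLAN ID does not fit below this parent prefix")
    return ipaddress.ip_network((int(parent.network_address) | (vlan << 64), 64))


def decode(address):
    """Recover the layer values embedded in an address from this plan."""
    addr = ipaddress.ip_address(address)
    if addr not in ALLOCATION:
        raise ValueError("address is outside the allocation")
    bits = int(addr)
    out = {n: (bits >> (TOP - 4 * (i + 1))) & 0xF for i, n in enumerate(LAYERS)}
    out["vlan"] = (bits >> 64) & (2 ** (TOP - 64 - 4 * len(LAYERS)) - 1)
    return out


if __name__ == "__main__":
    net = subnet_for("cloud", "emea", "servers", 100)
    acl = layer_prefix(OWNERS["cloud"])          # one ACL entry for all cloud subnets
    print(net, "matched by", acl, "->", net.subnet_of(acl))
    print(decode("2001:db8:2220:64::1"))
```

Because each layer sits on a nibble boundary, the aggregate for a whole layer is readable straight from the hexadecimal digits, which is what keeps the ACL and routing entries short.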
Embrace the IPv6 Opportunity
Use this transition to IPv6 as an opportunity to start fresh and free yourselves from the shackles of IPv4 constraint. Get a large allocation from your RIR and start planning for a better (addressed) future today!