Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1074
Views
0
Helpful
2
Replies

How to assign ipv6 addresses to internal sites

hmc2500
Level 1
Level 1

‎01-16-2024 10:14 AM - edited ‎01-16-2024 10:41 AM

 

I'm new to ipv6 ip addressing and have a few questions:

What type of ipv6 addresses would a company with global offices in each continent assign? The sites need to send traffic to internet and all other sites within the company (internal).  

I'm assuming a company should receive a range within the range 2000::/3 from their ISP for internet access. 
Should those 2000::/3 addresses only be used on public devices facing the internet such as firewalls etc?

I understand the equivalent of ipv4 private addresses are unique local ipv6 addresses (FD)
How will this work for sites that also need access to the internet? 

I understood there is no NAT in IPv6, so how would traffic from the unique local ipv6 addresses be routed to the internet?

Would you know of a use case for link local ip addresses

 

thanks.

Labels:
0 Helpful
2 Replies 2

M02@rt37
VIP
VIP

‎01-16-2024 12:26 PM

Hello @hmc2500 

Companies with global offices might assign global unicast addresses from the `2000::/3` range for their networks. Each office could be allocated a specific subnet within this global address space.

Yes, the `2000::/3` range is typically used for global unicast addresses. Devices facing the internet, like firewalls, would use these addresses. Internal communication within the company might use a separate range.

Unique local IPv6 addresses can be used for internal communication. For sites needing internet access, a combination of global unicast and ULA addresses can be employed. Routers at the edge of the network can perform address translation if necessary.

Link-local addresses (`fe80::/10`) are used for communication within a single link or subnet. They're typically automatically assigned and are crucial for local network operations, like neighbor discovery. They are not routable beyond the local link.

 

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.
0 Helpful

hmc2500
Level 1
Level 1
In response to M02@rt37

‎01-16-2024 09:26 PM - edited ‎01-16-2024 09:48 PM

Companies with global offices might assign global unicast addresses from the `2000::/3` range for their networks. Each office could be allocated a specific subnet within this global address space.

Networks in different regions would not be contiguous right?

 

Yes, the `2000::/3` range is typically used for global unicast addresses. Devices facing the internet, like firewalls, would use these addresses. Internal communication within the company might use a separate range.

So can we assign multiple IPv6 addresses to a single device? A global and ULA (FD) ipv6 address both on 1 interface of a device?

 

Unique local IPv6 addresses can be used for internal communication. For sites needing internet access, a combination of global unicast and ULA addresses can be employed. Routers at the edge of the network can perform address translation if necessary.

So IPv6 is still using NAT just like IPv4? I thought Nat in IPv6 was only used to tunnel through IPv4.

Or are the FD  IPv6 addresses Natted on a firewall to a 2000::/3 global ipv6 address similar to how Natting works with ipv4?

0 Helpful
Customers Also Viewed These Support Documents