
IPv6 Addressing Point to Point Links in the enterprise

scottpickett
Level 1

For an enterprise, it doesn't seem to make sense to use Global addressing for point to point, transit-only links and loopbacks.

Link-local only addressing breaks debugging tools like traceroute, DNS, etc.

Is Unique Local the correct choice for this?

I've searched quite a bit and I've not found a lot of discussion about scope selection for point to point links.  Some RFCs such as 6164 imply Global scope vs Unique Local scope usage is a preference.  Most discussions of point to point addressing focus on bit length.  I'm assuming this means design concerns are agnostic toward scope selection.

Is anyone aware of documentation I've missed or have any recommendations in this area?

If ULA was the correct choice, address hierarchy might look like this:

DataNetwork1 -- Router1 -- ULA.1.1 -- Link -- ULA1.2 -- Agg Router -- Core

DataNetwork2 -- Router2 -- ULA.2.1 -- Link -- ULA2.2 -- Agg Router /

DataNetwork3 -- Router3 -- ULA.3.1 -- Link -- ULA3.2 -- Agg Router /

The network core would have summarized entries for DataNetwork[1|2|3] and ULA[1|2|3], i.e., there would be a Global hierarchy and a ULA hierarchy.

7 Replies

Stuart Gall
Level 1

If you are routing global unicast packets I think that it would work. But you will not be able to run trace routes reliably across the network. For diagnostic purposes global unicast is preferable.

You can subnet to a /127 now it is approved, so it's not like you will be short of addresses.

You don't have to give the links any address at all. They will work happily with link local addresses.

Sent from Cisco Technical Support iPad App

Thanks for the reply!

I think I may have stated my question in a confusing way.

An IPv6 traceroute from HostA (2001::1:10) to HostB (2001::4:10) will look like this if Global addressing is used:

From HostA:

traceroute HostB:

1     2001::1:1

2     2001::2:2

3     2001::3:2

4     2001::4:10

Whereas link-local addressing only will look like this, right?  (IPv6 routers do not forward link-local sourced packets?)

From HostA:

traceroute HostB:

1     2001::1:1

2     *     *     *

3     *     *     *

4     2001::4:10

So if you had two criteria:

1.  You do not want to use Global addresses for point-to-point links

2.  You want traceroute to work

Could you use the Unique Local scope and traceroute would look like this:

1     2001::1:1

2     FDXX:XXXX:XXXX:2:2

3     FDXX:XXXX:XXXX:3:2

4     2001::4:10

Does this make more sense or am I totally missing a key point that everyone else understands?

It would work like that for you, yes. And if it is only your organization that will use the link it would work.

But a trace route would not work from another organization. That is what I meant.

If there is any chance you will expand, it's better to use global unicast addresses.

Sent from Cisco Technical Support iPad App

Thanks Stuart.  My assumption had been focused on intra-enterprise diagnostic tools.

Scott,

Let me break this down into some categories for you.

Address selection:

I believe that best practice is to use Global Unicast Addressing everywhere (coupled with a proper security policy at your edge). ULA was a compromise for Site Local never being properly defined, and whilst it can be used in the same way as GUA, I don't believe it is worth it. Irrespective of what you use (GUA or ULA), subject to your security and routing policy, traceroute will work from both ends (e.g. you tracing out, someone tracing in).

Address masking:

The general rule of thumb is that you allocate /64s to everything and then mask down to the appropriate mask for the function you are expecting (P.S. forget everything you learnt about IPv4 address conservation). If you are using /127 masks, then in theory every p2p link in your network is either a 0 (::) or a 1 (::1).

e.g.

traceroute HostB:

1     2001:1234:abcd:1::1

2     2001:1234:abcd:2::1

3     2001:1234:abcd:3::1

4     2001::4:10

The only exception to this is loopbacks: you can sequentially allocate /128s from the same /64 block.

NOTE: /127 support is recent and may not be supported by some vendors; in this case use /126 masking (same as you would use /30s in IPv4).

If you have a /48 (a normal enterprise allocation) or larger then this should not be an issue (you have access to 65536 x /64s). The only reason you would consider ULA for infrastructure numbering is because you have a small IPv6 pool. I would still argue you should get more IPv6 addresses than use ULA.

I hope this helps

Cheers
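
The numbering scheme from the reply above (a /64 reserved per point-to-point link but configured as a /127, loopbacks as sequential /128s from one /64), worked through as an added Python example that is not part of the thread. The documentation prefix 2001:db8:abcd::/48, the choice of one contiguous /56 for all infrastructure so that it summarizes as a single route, and the function name `build_infra_plan` are assumptions.

```python
import ipaddress


def build_infra_plan(site_prefix, links, routers, infra_index=255):
    """Number transit links and loopbacks out of one /56 of a site prefix."""
    site = ipaddress.ip_network(site_prefix)
    if site.version != 6 or site.prefixlen > 56:
        raise ValueError("expected an IPv6 prefix of /56 or shorter")
    if not 0 <= infra_index < (1 << (56 - site.prefixlen)):
        raise ValueError("infra_index is outside the site prefix")
    # Assumption: one contiguous /56 (256 x /64) holds all infrastructure,
    # so the core can carry it as a single summary route.
    base = int(site.network_address) + (infra_index << 72)
    infra = ipaddress.IPv6Network((base, 56))
    nets64 = list(infra.subnets(new_prefix=64))
    loop64, link64s = nets64[0], nets64[1:]
    if len(links) > len(link64s):
        raise ValueError("more links than /64s in the infrastructure /56")

    plan = {"summary": infra, "links": {}, "loopbacks": {}}
    for name, net64 in zip(links, link64s):
        # Reserve the whole /64 for the link but configure only its first
        # /127: the two ends are ::0 and ::1.
        p2p = ipaddress.IPv6Network((int(net64.network_address), 127))
        ends = tuple(ipaddress.ip_interface(f"{addr}/127") for addr in p2p)
        plan["links"][name] = {"reserved": net64, "ends": ends}
    for i, router in enumerate(routers, start=1):
        # Loopbacks are sequential /128s from the first /64 of the block.
        plan["loopbacks"][router] = ipaddress.ip_interface(f"{loop64[i]}/128")
    return plan


if __name__ == "__main__":
    # Constructed input: link and router names follow the diagram in the
    # original question; the prefix is the IPv6 documentation range.
    plan = build_infra_plan(
        "2001:db8:abcd::/48",
        ["Router1-Agg", "Router2-Agg", "Router3-Agg"],
        ["Router1", "Router2", "Router3", "Agg"],
    )
    print("core summary:", plan["summary"])
    for name, link in plan["links"].items():
        print(name, link["reserved"], *link["ends"])
    for router, loopback in plan["loopbacks"].items():
        print(router, "loopback", loopback)
```
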

stmillet,

Thanks for your reply.

The Address Selection portion of what you wrote is exactly what I was looking for in terms of scope selection best practice.  It makes sense to me that ULA is sort of an "afterthought" and could create unneeded complexity.  (Is that an accurate understanding?)

The masking component makes sense as well... although I've been struggling with the /127 concept a bit.

One of my biggest reasons for wondering about all of this in the first place was about address hierarchy and summarization.

By that I mean, selecting one of your "last" networks in your assignment might work fine for making lots of /127s but it could have summarization implications.

Thanks for the feedback guys.  It definitely is the guidance I was looking for.

Peter Koltl
Level 7

Get rid of your IPv4 based conservation approach. IPv6 world is different. (-:

http://www.networkworld.com/community/blog/case-127-subnets-1

http://www.networkworld.com/community/blog/logic-bad-ipv6-address-management

"we simply are not going to run out of IPv6 addresses

Go Ahead. Waste a Few Million Trillion Addresses. There's Always More."

Use global /64. Everywhere. (-: