cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3457
Views
0
Helpful
2
Replies
Ashwin Kotha
Beginner

IPv6 LAN and WAN configuration

Our organization just received a /64 public IPv6 subnet allocated from ISP on dual stack (existing public ipv4 ) and below is the information (modified IPv6 address) they provided us.

Allocated IPv6 address Range: 2001:1111:2222:3333::2 - 2001:1111:2222:3333:FFFF:FFFF:FFFF:FFFF/64

ISP Default Gateway: 2001:1111:2222:3333::1

The problem is when I configure 2001:1111:2222:3333::2/64 on WAN facing interface I could ping the default gateway but this leaves me no option of using the rest of the IPv6 address in our LAN which needs to get to internet because subnet is already used on WAN. If I change and breakdown this into smaller subnets and configure 2001:1111:2222:3333::2/127 on the WAN interface I could still reach the gateway but the internal LAN subnets cant reach even after configuring a default route (::/0 next-hop 2001:1111:2222:3333::1) - I am ssuming because of wrong subnet on the WAN. Does this mean I cannot use the rest of /64 for my internal hosts ? What is the point of getting /64 from ISP ? Any experts please advice what I am missing here.

1 ACCEPTED SOLUTION

Accepted Solutions
Jose Quesada
Beginner

An /64 is the longest prefix recommended for LAN subnets. This is in order to allow automatic IP configuration of hosts and other features that can only work with /64 subnets. This is a design limitation of IPv6 that cannot be changed.

Now, if you want, you can break down the /64 into smaller subnets, but you will be forced to manually configure each and every host of your network, given that as noted before, an /64 is the longest prefix allowed for automatic IP configuration.

I suspect, that is the issue that you are having right now, that hosts are not able to automatically configure themselves with an IPv6 address, given that the RA's are not being sent due to the prefix is longer than /64.

You might want to talk to your ISP and ask them for an /60 prefix, that will allow you to break it down into a few additional /64 subnets. ISPs that provide an /64 are thinking of a home subnet that requires no further segmentation and for which a single LAN will suffice.

Thanks!

Jose.

View solution in original post

2 REPLIES 2
Jose Quesada
Beginner

An /64 is the longest prefix recommended for LAN subnets. This is in order to allow automatic IP configuration of hosts and other features that can only work with /64 subnets. This is a design limitation of IPv6 that cannot be changed.

Now, if you want, you can break down the /64 into smaller subnets, but you will be forced to manually configure each and every host of your network, given that as noted before, an /64 is the longest prefix allowed for automatic IP configuration.

I suspect, that is the issue that you are having right now, that hosts are not able to automatically configure themselves with an IPv6 address, given that the RA's are not being sent due to the prefix is longer than /64.

You might want to talk to your ISP and ask them for an /60 prefix, that will allow you to break it down into a few additional /64 subnets. ISPs that provide an /64 are thinking of a home subnet that requires no further segmentation and for which a single LAN will suffice.

Thanks!

Jose.

View solution in original post

Hi Jose,

Thanks for your time. I am still failing to understand why ISP has configured the /64 on the LAN given our request was for Dual-stack to work on the same interface. and you are absolutely right that RA's will not be sent because of the subnet used on WAN. I am trying to get hold of ISP to change the subnet > /64 (something like /96 would help us). Thanks for your inputs.