[olug] Ipv6 help/pointers

Lou Duchez lou at paprikash.com
Wed Jul 24 21:27:54 UTC 2013


I've been turning IPv6 over and over in my head the past couple weeks, 
and perhaps this will help -- my compare/contrast between IPv4 and IPv6 
(as they might be implemented in a LAN / Router / WAN scenario):

---

IPv4:
addresses are 32 bit
addresses are either private or public
individual computers have private IPs
router has a private IP and a public IP, so it can communicate both with 
local computers and with the Internet
router performs Network Address Translation (NAT) to carry traffic from 
individual computers to the public Internet


IPv6:
addresses are 128 bit
all addresses are public, even on devices behind the router
the first 64 bits are specified by the ISP, and identify both the ISP 
and your Internet connection
the last 64 bits are specified for each device by the end user (probably 
via the router)
128-bit addresses can be thought of as containing both a public 
component (the first 64 bits) and a private component (the last 64 bits)
your ISP won't be providing an IP address so much as a 64-bit network space
router will not perform NAT -- 128-bit addresses contain enough 
information to be routable on both the private and public sides
router will still perform most of its usual functions -- gateway, 
firewall, etc -- it just won't need NAT to perform them

----

With those observations in mind (and a warning -- it could be that I'm 
mistaken on some of them), it sounds like you'll want to set up your 
router to not block any ports to some subnets, but to block ports to 
another subnets.  That is the defining difference between the DMZs and 
LANs you want to set up.


> OK, still confused, so if I was issueed, for example
> 20f1:0428:1D02:0101::/64 and the last 4 host bits need to stay the same,
> how do you subnet into two?
>
> can I do like 20f1:0428:1D02:0101:0001::/63
> and              20f1:0428:1D02:0101:FF01:/63
> ? For some reason IPv6 makes my brain hurt. I have also tried a few
> calculators, and get mixed results.
>
>
> On Wed, Jul 24, 2013 at 3:16 PM, Hurley, Rod <RHurley at tenaska.com> wrote:
>
>> http://www.youtube.com/watch?feature=player_detailpage&v=PiOvdgU5I6I
>>
>> Check this IPV6 subnetting video out.  Simple, but explains what you can
>> change and what you should not mess with.
>>
>> Rod
>>
>>
>> -----Original Message-----
>> From: olug-bounces at olug.org [mailto:olug-bounces at olug.org] On Behalf Of
>> Justin Reiners
>> Sent: Wednesday, July 24, 2013 3:06 PM
>> To: Omaha Linux User Group
>> Subject: [olug] Ipv6 help/pointers
>>
>> I am implementing ipv6 here at work, we were given a /64 from centurylink.
>> everywhere I read online they say not to subnet a /64 . I would like to
>> split it between DMZ and lan  networks. Anyone have any good references for
>> ipv6 subnetting? Can a /64 be split into like a million /63s?
>> _______________________________________________
>> OLUG mailing list
>> OLUG at olug.org
>> https://lists.olug.org/mailman/listinfo/olug
>> _______________________________________________
>> OLUG mailing list
>> OLUG at olug.org
>> https://lists.olug.org/mailman/listinfo/olug
>>
>
>




More information about the OLUG mailing list