[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Choice of address for IPv6 default gateway
- Subject: Choice of address for IPv6 default gateway
- From: mohacsi at niif.hu (Mohacsi Janos)
- Date: Thu, 26 Jan 2012 09:18:21 +0100 (CET)
- In-reply-to: <[email protected]>
- References: <[email protected]>
On Wed, 25 Jan 2012, Daniel STICKNEY wrote:
> I'm having trouble finding authoritative sources on the best common
> practice (if there even is one) for the choice of address for an IPv6
> default gateway in a production server environment (not desktops). For
> example in IPv4 it is common to chose the first or last address in the
> subnet (.1 or .254 for example) as the VIP for VRRP/HSRP. I'm interested
> in input from production environments and or ARIN/RIPE/IANA/etc or top
> vendors.
>
> I've seen some documentation using <prefix>::1 with either a global
> prefix or link-local (fe80::1). Anyone use either of these in production
> and have negative or positive feedback? fe80::1 is seductive because it
> is short and the idea of having the same default gateway configured
> everywhere might be simple. At the same time using the same address all
> around the network seems to invite confusion or problems if two
> interfaces with the address ever ended up in the same broadcast domain.
Up to your taste. Most cases it is recommended to use link-local default
gateway. If you use the same address - even link local - your node should
complain about the duplicate address on the same link. You can rely on the
autoconfigured link-local address for default gateways (and use RA).
>
> What about using RAs to install the default route on the servers? The
> 'priority' option (high/medium/low) easy fits with an architecture using
> an active/standby router setup where the active router is configured
> with the 'high' priority and the standby 'medium'. With the timeout
> values tuned for relatively rapid (~3 seconds) failover this might be
> feasible. Anyone use this in production?
Yes we are using NUD (and using RA to install default gateway) to switch
from primary rotuer to secondary - due to no VRRP support on a particular
platform. But in case of RA usage you should also use RA-guard especially
if you don't have full control on servers connected to your switches.
>
> I note that VRRPv3 (and keepalived) and HSRP both support IPv6. Since we
> use VRRP for IPv4, using it for IPv6 would keep our architecture the
> same, which has merit too.
If you want consistent and more predictable behavoir use VRRP or maybe
HSRP if your vendor supports it.
Best Regards,
Janos Mohacsi