Preparing an IPv6 Addressing Plan Manual - RedIRIS
12.07.2015 Views
Share Embed Flag

Preparing an IPv6 Addressing Plan Manual - RedIRIS

Preparing an IPv6 Addressing Plan Manual - RedIRIS

Preparing an IPv6 Addressing Plan Manual - RedIRIS

SHOW MORE
SHOW LESS
ePAPER READ
DOWNLOAD ePAPER
  • No tags were found...
rediris.es

Create successful ePaper yourself

Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.

START NOW

4.5Optional Secondary SubnetsThe remaining bits c<strong>an</strong> be used for numbering secondary subnetworks withinthe selected addressing pl<strong>an</strong>. If the primary subnets are location-based, multiplenetworks c<strong>an</strong> be addressed by location, whereas if the primary subnets are use typebased,multiple student networks or server networks c<strong>an</strong> be addressed, for example.The remaining bits c<strong>an</strong> also be used to combine subnets by location <strong>an</strong>d use type.If the subnet is location-based, as in example 1, <strong>an</strong>d we create a use type-basedsecondary subnet, as in example 2, the result is as follows:2001:db8:1234: L L L G G G G B B B B B B B B B ::/64In this addressing pl<strong>an</strong>, there is space for eight locations, each with 16 use types.Within each use type, there are yet <strong>an</strong>other 512 (2 9 due to 9 available bits)secondary subnetworks available.This combination of primary <strong>an</strong>d secondary subnets uses location-based primarysubnets. This will make it easier to optimise routing tables, but it will complicate thedesign of the security policy. This is because firewall policies c<strong>an</strong> only be applied onthe basis of the first numbers of <strong>an</strong> address, while in this example the location is atthe start of the address, not the use type.To facilitate the design process for the security policy, the combination c<strong>an</strong> bereversed by making the primary subnet use type-based, as in example 2, <strong>an</strong>d thesecondary subnets location-based, as in example 1. The result is then as follows:2001:db8:1234: G G G G L L L B B B B B B B B B ::/64In this example, the use type is at the start of the address, making it easier to applyfirewall policies per use type. Since the use type is typically more relev<strong>an</strong>t forsecurity policies th<strong>an</strong> the location, we recommend using this system.4.6ControlWe c<strong>an</strong> check whether the addressing pl<strong>an</strong> we have created meets our requirementsby counting the number of bits remaining after creation of the primary <strong>an</strong>dsecondary subnets. If, for example, after the creation of use type-based primarysubnets containing location-based secondary subnets we also require multiplestudent networks at each location, there will have to be enough bits left to createthese.In the example in section 4.5 there are 9 bits remaining, which results in 512 (2 9 )possible values per use type per location. This will usually be more th<strong>an</strong> enough.4.7LeewayIf the number of remaining bits is not quite sufficient, this c<strong>an</strong> be compensated for inthe assignment of the primary <strong>an</strong>d secondary subnets.13<strong>Preparing</strong> <strong>an</strong> <strong>IPv6</strong> <strong>Addressing</strong> Pl<strong>an</strong>

logo

products

Resources

Company

Terms of service
Privacy policy
Cookie policy
Cookie settings
Imprint
Change language
Made with love in Switzerland
© 2024 Yumpu.com all rights reserved

Hooray! Your file is uploaded and ready to be published.

Saved successfully!

Ooh no, something went wrong!