The Importance of Provider Independent IPv6 Addressing

It’s important for people to apply directly to their registry for IPv6 address allocation. You should not get an allocation from your Service Provider.

IPv6 Allocation

When enabling IPv6 addresses for your network, you will need to have a IPv6 allocation. Many people might take the easy route and rely on their service provider to provide addresses. However, an IPv6 allocation from your telco means you might be stuck with that telco because you can’t get the funding for a full migration.

Configuring Firewall Rules

If you have ever migrated a firewall cluster for a large company, you’ll know that you public IPv4 addresses become part of the rules that other companies use. That is, external service providers will identify your Internet addressing and then permit that through their firewall. Especially for web services.

And you never know about them until you migrate your external internet connection to a new provider.

IPv6 Addressing

At this point, there is no plan to offer NAT66, therefore the IPv6 addressing that you are allocated will be used inside your company. That is, servers, desktops, printers, fax machines etc etc etc.

Therefore, you need to own that IPv6 Address. It must belong to your company so that when (and it’s always a matter of when) you change Internet providers, you do not have to change the addressing on your internal network or your firewalls and external services (email, DNS, web proxies etc).

IPv6 Global Prefix

Theoretically, it should be easy to migrate from one provider to another by simply changing the global prefix of your network. The global prefix is the first 64 bits of a standard IPv6 address. If you have a bigger allocation, say a /56, or /48 then that will be your global prefix.

The original designs for IPv6 called for network equipment to easily support configuration changes to the global prefix. However, this isn’t happening. I haven’t seen much commitment from big vendors to make it simple to migrate from one IPv6 provider to another.

Service Providers want to lock you in

Service Providers have two benefits from owning your IPv6 addresses.

  • It makes it harder to move to another provider because your project would need resources to readdress a lot of equipment
  • it uses less routing table memory in their core networks and allows them to delay network infrastructure upgrades.

Therefore it’s a double whammy benefit to your telco to “suggest” to you that they allocate you an IPv6 address. And none for you.

Apply Today

I’ve worked at companies who owned their own /24, /20 or even /16 and never needed to change their public IP addressing in twenty years. That’s real money saved for every ISP migration, and every ISP dual homing strategy.

Therefore, every company should be applying to the ARIN, RIPE, APNIC for their own allocation. Do not accept an IPv6 prefix from your service provider and be ready to migrate from one telco to another. It’s vitally important to ensure the independence of your Internet provider from any one supplier for better pricing, better service and better availability.

Bring on the IPocalypse.

  • http://www.mostlynetworks.com Scott McDermott

    I agree 100%. Having had my /18 pulled out from under me by a an ISP merger, we started renumbering several years ago. We still aren’t done, though the pressure is finally being applied as our old space has started being allocated. We discovered this when a site went down and the simple monitoring system (just pings) didn’t detect the outage, but Solarwinds did. Turned out the IP of that site’s router is now a valid web site, so once the route disappeared from our network they happily responded to our ping…

    We usually change ISPs every 3 years due to our purchasing processes and contract rules. There’s no way we could renumber every 3 years! No one should allow themselves to be locked in or get stuck in a situation like we are in because they accepted IPs from their ISP instead of a direct allocation. Even if you have a small site, it’s not worth the hassle for you or your users.

  • http://blog.jeffreyforman.net Jeffrey Forman

    I think this is spot on. As a subscriber of Comcast Internet here in the US, I’ve been playing around with their 6RD deployment here over the past 5-6 months. My question is, for the lowly ‘one-off’ customer who wants this, how do you see this playing out?

    I imagine it being like calling up Ford motor company headquarters in Detroit and asking to purchase one car from the factory. They are used to dealing with large dealerships and distributors (in our case, service providers like Comcast, Verizon, etc). Will registrars be prepared to handle those technically-inclined consumers who wish to purchase their own IPv6 prefix?

    • http://etherealmind.com Greg Ferro

      Jeffrey

      I’m not sure they haven’t spoken to any of the registries to check out what their details are. But for most medium to large sized companies it shouldn’t be a huge challenge to get a private allocation, sure will cost a bit of money every year but you can offset that money against the cost of any migrations over time. Money very well spent in my opinion

      Greg

  • http://www.3fives.com ccie25655

    This post should have been tagged with “duh”…

    • http://etherealmind.com Greg Ferro

      Chris

      I’ve always wondered why you never write content such as blog posts. Since you seem to have an opinion on everything, and appear to be smarter than everyone else (as per your comment) , but you never actually say anything yourself.

      If you would like to submit some content, I’d be pleased to host on this website so we can all gain something from your knowledge and skills.

      greg

      • http://www.3fives.com ccie25655

        I didn’t say I was smarter than everyone else, I just meant this post was kind of stating the obvious.

        • http://etherealmind.com Greg Ferro

          Lot of people don’t know yet. They don’t have access to the training or resources to learn this type of stuff. I think its important that people know and that’s part of the reason that I blog. It’s helping people out.

          • http://www.3fives.com ccie25655

            I guess.. but provider independent ipv4 is just as important too, for the same reasons.

  • Paulie

    I want to do this!!! But I only have a handful of /48 networks from my provider(s) (4 providers spread over 10 sites), and ARIN will only give minimum assignments for those with /20 needs. I’m a non-profit, I can’t be spending tons on this, nor do I want to lock all my internet to a single provider/technology.

    https://www.arin.net/policy/nrpm.html#four32

    I have a scheme for using ULA internally, but I can’t connect externally then because of my multi-provider issue, even if I could get IPv6 from my providers (let alone do any BGP with them), so multi-homing without NAT66 is going to be a big problem for me.

    If site A wants internet fine, but if B wants it, they default route to site A, except when site A internet is down, then they fail to site C, but different ISP so different IPv6 prefix… Do I really have to have prefixes from every provider on all equipment needing internet access, then how am I to control egress, policy route/ip sla/eem kludges?

  • http://www.free.de Jan-Philipp Warmers

    Hello,
    I’m a member of an small ISP,

    if i remember right, the RIPE won’t allocate us an IPv6 Prefix.

    The RIPE told us that we need to be a LIR.
    and that mean that we need to pay 1300 euro’s per year and 2000 setup fee.

    at the moment we don’t know how to get a IPv6 PI

    PS: we already have a IPv4 PI.

  • Pingback: Internets of Interest:15 Apr 11

  • cc

    If everyone use provider independent address space, wouldn’t that tremendously increase the global routing table? It will definitely cost big problem I think.