It’s important for people to apply directly to their registry for IPv6 address allocation. You should not get an allocation from your Service Provider.
IPv6 Allocation
When enabling IPv6 addresses for your network, you will need to have a IPv6 allocation. Many people might take the easy route and rely on their service provider to provide addresses. However, an IPv6 allocation from your telco means you might be stuck with that telco because you can’t get the funding for a full migration.
Configuring Firewall Rules
If you have ever migrated a firewall cluster for a large company, you’ll know that you public IPv4 addresses become part of the rules that other companies use. That is, external service providers will identify your Internet addressing and then permit that through their firewall. Especially for web services.
And you never know about them until you migrate your external internet connection to a new provider.
IPv6 Addressing
At this point, there is no plan to offer NAT66, therefore the IPv6 addressing that you are allocated will be used inside your company. That is, servers, desktops, printers, fax machines etc etc etc.
Therefore, you need to own that IPv6 Address. It must belong to your company so that when (and it’s always a matter of when) you change Internet providers, you do not have to change the addressing on your internal network or your firewalls and external services (email, DNS, web proxies etc).
IPv6 Global Prefix
Theoretically, it should be easy to migrate from one provider to another by simply changing the global prefix of your network. The global prefix is the first 64 bits of a standard IPv6 address. If you have a bigger allocation, say a /56, or /48 then that will be your global prefix.
The original designs for IPv6 called for network equipment to easily support configuration changes to the global prefix. However, this isn’t happening. I haven’t seen much commitment from big vendors to make it simple to migrate from one IPv6 provider to another.
Service Providers want to lock you in
Service Providers have two benefits from owning your IPv6 addresses.
- It makes it harder to move to another provider because your project would need resources to readdress a lot of equipment
- it uses less routing table memory in their core networks and allows them to delay network infrastructure upgrades.
Therefore it’s a double whammy benefit to your telco to “suggest” to you that they allocate you an IPv6 address. And none for you.
Apply Today
I’ve worked at companies who owned their own /24, /20 or even /16 and never needed to change their public IP addressing in twenty years. That’s real money saved for every ISP migration, and every ISP dual homing strategy.
Therefore, every company should be applying to the ARIN, RIPE, APNIC for their own allocation. Do not accept an IPv6 prefix from your service provider and be ready to migrate from one telco to another. It’s vitally important to ensure the independence of your Internet provider from any one supplier for better pricing, better service and better availability.
Bring on the IPocalypse.
About Greg Ferro
I agree 100%. Having had my /18 pulled out from under me by a an ISP merger, we started renumbering several years ago. We still aren’t done, though the pressure is finally being applied as our old space has started being allocated. We discovered this when a site went down and the simple monitoring system (just pings) didn’t detect the outage, but Solarwinds did. Turned out the IP of that site’s router is now a valid web site, so once the route disappeared from our network they happily responded to our ping…
We usually change ISPs every 3 years due to our purchasing processes and contract rules. There’s no way we could renumber every 3 years! No one should allow themselves to be locked in or get stuck in a situation like we are in because they accepted IPs from their ISP instead of a direct allocation. Even if you have a small site, it’s not worth the hassle for you or your users.
I think this is spot on. As a subscriber of Comcast Internet here in the US, I’ve been playing around with their 6RD deployment here over the past 5-6 months. My question is, for the lowly ‘one-off’ customer who wants this, how do you see this playing out?
I imagine it being like calling up Ford motor company headquarters in Detroit and asking to purchase one car from the factory. They are used to dealing with large dealerships and distributors (in our case, service providers like Comcast, Verizon, etc). Will registrars be prepared to handle those technically-inclined consumers who wish to purchase their own IPv6 prefix?
Jeffrey
I’m not sure they haven’t spoken to any of the registries to check out what their details are. But for most medium to large sized companies it shouldn’t be a huge challenge to get a private allocation, sure will cost a bit of money every year but you can offset that money against the cost of any migrations over time. Money very well spent in my opinion
Greg
This post should have been tagged with “duh”…
Chris
I’ve always wondered why you never write content such as blog posts. Since you seem to have an opinion on everything, and appear to be smarter than everyone else (as per your comment) , but you never actually say anything yourself.
If you would like to submit some content, I’d be pleased to host on this website so we can all gain something from your knowledge and skills.
greg
I didn’t say I was smarter than everyone else, I just meant this post was kind of stating the obvious.
Lot of people don’t know yet. They don’t have access to the training or resources to learn this type of stuff. I think its important that people know and that’s part of the reason that I blog. It’s helping people out.
I guess.. but provider independent ipv4 is just as important too, for the same reasons.
I want to do this!!! But I only have a handful of /48 networks from my provider(s) (4 providers spread over 10 sites), and ARIN will only give minimum assignments for those with /20 needs. I’m a non-profit, I can’t be spending tons on this, nor do I want to lock all my internet to a single provider/technology.
https://www.arin.net/policy/nrpm.html#four32
I have a scheme for using ULA internally, but I can’t connect externally then because of my multi-provider issue, even if I could get IPv6 from my providers (let alone do any BGP with them), so multi-homing without NAT66 is going to be a big problem for me.
If site A wants internet fine, but if B wants it, they default route to site A, except when site A internet is down, then they fail to site C, but different ISP so different IPv6 prefix… Do I really have to have prefixes from every provider on all equipment needing internet access, then how am I to control egress, policy route/ip sla/eem kludges?
Hello,
I’m a member of an small ISP,
if i remember right, the RIPE won’t allocate us an IPv6 Prefix.
The RIPE told us that we need to be a LIR.
and that mean that we need to pay 1300 euro’s per year and 2000 setup fee.
at the moment we don’t know how to get a IPv6 PI
PS: we already have a IPv4 PI.
http://ripe.net/info/faq/rs/ipv6.html#2
found the info
If everyone use provider independent address space, wouldn’t that tremendously increase the global routing table? It will definitely cost big problem I think.