[j-nsp] Overlapping ipv6 address space?
Aaron Daubman
daubman at gmail.com
Tue Jul 10 13:33:18 EDT 2007
Jeroen,
Some further replies / questions:
> > I'm curious as to why the following did not throw an overlapping
> > address error when committed:
>
> Why should it? It is just a more specific route.
>
> According to what you say you would not be able to route a /48 to one
> direction and a piece of it to another interface...
>
> One tend to do things like:
> ::/0 $upstream
> 2001:db8::/32 $downstream
>
> Which is also 'overlapping', but why would it error or even warn about
> that? it is what what you want it to do isn't it?
RFC 4291, "IPv6 Addressing Architecture", states:
...
In this document, fields in addresses are given a specific name, for
example, "subnet". When this name is used with the term "ID" for
identifier after the name (e.g., "subnet ID"), it refers to the
contents of the named field. When it is used with the term "prefix"
(e.g., "subnet prefix"), it refers to all of the address from the
left up to and including this field.
...
Currently, IPv6 continues the IPv4 model in that a subnet prefix is
associated with one link. Multiple subnet prefixes may be assigned
to the same link.
So, for example, take the subnets 2001:db8:1::10/48 and
2001:db8:1::20/64. From the definition in the first paragraph above,
wouldn't the subnet prefix for both subnets be "2001:db8:1::", and
wouldn't that subsequently violate the statement in the second
paragraph that "a subnet prefix is associated with _one_ link"?
Also, overlapping routes and overlapping interface addresses are very
different (in my mind, at least...). In the case of overlapping
interface subnets, what happens when hosts are assigned addresses from
the more specific range but are connected to the less-specifically
subnetted interface? This would be a legal but non-working setup. In
the case of overlapping static routes, one is explicitly configuring
reachability, whereas in the overlapping interface subnet scenario,
one is creating ambiguity as to where a portion of the network
resides...
I'm trying to figure out when this would be a beneficial configuration
(and something that should not throw an error)?
Is this an artifact of allowing for overlapping addresses across
virtual routers?
Thanks again,
~Aaron
More information about the juniper-nsp
mailing list