Friday, April 26, 2019

Encoding information in IPv6 addresses (I did it)

Just wanted to follow up on a post that I submitted a few months back.

I ended up doing it, because I couldn't really see a reason not to. So I wanted to get something visible out there in case anybody else has a similar question in the future.

Now, I want to clarify a few things that people brought up in the last thread.

1) I did this to ease automation. Basically to create a unique host portion of the address. So, essentially the same idea as EUI-64. Why not just use EUI-64? Well, because I would have had to program the command to assign an EUI-64 address and segment prefix anyway, and putting the logic in there to create a unique static address with a bit of meaning encoded in it was just a tiny bit more work. And also the addresses are shorter, not that that matters much.

2) I didn't mess with subnet length or anything like that. The only portion of the address I used was the host portion. All subnets stayed /64s.

3) I didn't do this as some weird way of getting around using meaningful DNS. I still have the addresses in DNS and I rely on DNS for virtually everything.

4) I only did this for network devices. Hosts and servers still use SLAAC.

I ended up encoding the information into the last field of the host portion of the address instead of the first one like I had initially planned. What I got out of this is simply a way of automating IP assignment for network devices without having to make arbitrary decisions like which device takes the first address on a point-to-point segment. It also avoids the issue of having to keep track of incrementing numbers for things like access switches.

We use a naming scheme like [site_code][zone][device_type][number] for our network devices. Zone describes whether it's internal, external, transport, WAN-facing, etc. Device type is basically rtr, sw, or fw. So I picked a hex digit for each zone type and another hex digit for each device type and then kept the number as the final two digits of the last hextet. So a device like sfo3wrtr02 (WAN router #2 at a site called SFO3) would get an address like 2001:db8:3::2302. Another device, zrh1isw14 (internal switch #14 at a site called ZRH1), would get an address like 2001:db8:2a::1214. The zone mappings I used are pretty much arbitrary, but the device types are 2 and 3 for layer two and layer three devices, respectively. You could use whatever fits with your naming scheme though.

So anyway, it seems to work just fine, and I have the added (very marginal) benefit of knowing what sort of device it is in the (rare) situations where I only have an IP address to work with. It's also kind of nice that every interface of a single device has the same last hextet.
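The scheme described above, sketched in Python as an added example (not the author's own tooling). The zone digits `i` = 1 and `w` = 2 are inferred from the two sample addresses in the post, the single-letter zone code and the function names are assumptions, and `fw` has no digit because the post does not give one.

```python
import ipaddress
import re

# Zone digits inferred from the post's two sample addresses (assumption);
# the post calls the zone mapping arbitrary, so extend it for your own zones.
ZONE_DIGIT = {"i": 0x1, "w": 0x2}
# From the post: 2 for layer-two devices, 3 for layer-three devices.
TYPE_DIGIT = {"sw": 0x2, "rtr": 0x3}

# [site_code][zone][device_type][number], e.g. sfo3wrtr02 (one-letter zone assumed)
NAME_RE = re.compile(r"^(?P<site>[a-z]+\d+)(?P<zone>[a-z])(?P<type>[a-z]+)(?P<num>\d+)$")


def host_hextet(name: str) -> int:
    """Return the last hextet for a device name: zone digit, type digit, number."""
    m = NAME_RE.match(name.lower())
    if not m:
        raise ValueError(f"name does not match the scheme: {name!r}")
    if m["zone"] not in ZONE_DIGIT or m["type"] not in TYPE_DIGIT:
        raise ValueError(f"no digit assigned for zone or type in {name!r}")
    number = int(m["num"])
    if number > 99:
        raise ValueError("only two digits are available for the device number")
    # The number keeps its decimal digits: device 14 becomes ...14, not ...0e.
    digits = f"{ZONE_DIGIT[m['zone']]:x}{TYPE_DIGIT[m['type']]:x}{number:02d}"
    return int(digits, 16)


def device_address(prefix: str, name: str) -> ipaddress.IPv6Address:
    """Combine a segment's /64 prefix with the hextet derived from the name."""
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen != 64:
        raise ValueError("the scheme only uses the host portion of a /64")
    return net[host_hextet(name)]


def describe(addr: str) -> tuple:
    """Reverse lookup: (zone, device type, number) from an address alone."""
    h = f"{int(ipaddress.IPv6Address(addr)) & 0xFFFF:04x}"
    if not h[2:].isdigit():
        raise ValueError("last two digits are not a decimal device number")
    zones = {v: k for k, v in ZONE_DIGIT.items()}
    types = {v: k for k, v in TYPE_DIGIT.items()}
    return zones.get(int(h[0], 16)), types.get(int(h[1], 16)), int(h[2:])


if __name__ == "__main__":
    print(device_address("2001:db8:3::/64", "sfo3wrtr02"))
    print(describe("2001:db8:2a::1214"))
```

Because the hextet depends only on the device name, calling `device_address` with each segment's prefix gives every interface of a device the same last hextet.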


