You could try this:
If you give a /48 to each site, then assign the sites primary and backup firewalls. Aggregate the /48s into larger blocks by primary firewall. Aggregate the primary firewall blocks into larger backup firewall aggregates. Advertise the firewall-specific aggregates and the less specific backup-firewall set aggregates.

Owen

On Jul 16, 2012, at 7:04 PM, Lee wrote:

> On 7/15/12, John Levine <jo...@iecc.com> wrote:
>>> I feel like I should be able to do something really nice with an
>>> absurdly large address space. But lack of imagination or whatever.. I
>>> haven't come up with anything that really appeals to me.
>>
>> Use a fresh IP for every HTTP request, email message, and IM. Just think of
>> how well you can do error management.
>
> hrmm... nope, can't think of a single thing. Then again, I'm on the
> routing & switching team at work, so things like HTTP requests, email
> messages, and IM are just different types of user traffic that needs
> to be routed to me.
>
> Recall the message I was responding to:
>
>>>> There is a HUGE difference between IPv4 and IPv6 thinking. We've all
>>>> been living in an austerity regime for so long that we've completely
>>>> forgotten how to leave parsimony behind. Even those of us who worked
>>>> at companies that were summarily handed a Class B when we mumbled
>>>> something about "internal subnetting" have a really hard time
>>>> remembering how to act when we suddenly don't have to answer for every
>>>> single host address and can design a network to conserve other things
>>>> (like our brain cells).
>
> I read it as design a network >>addressing scheme<< to conserve other
> things & was hoping someone could share new ways of looking at it. I
> feel like I'm stuck in "IPv4 think" with an addressing plan that's
> basically
>
> Each site gets a /48. Even the ones with less than 200 people.
> Each subnet is assigned a /64 except for loopbacks & p2p subnets.
> First 256 subnets in each /48 are reserved for things like loopback
> addresses, p2p links, switch management subnets, etc.
> High order 4 bits of the site address are used for the subnet type.
> So a /52 tells you the site and if it's users, printers, servers, IP
> phones, or whatever.
>
> Which is *boring*. Nothing novel, no breaking out of "IPv4 think"
> aside from massively wasting address space. Which brings me back
> around to my original request for suggestions. What's the new way of
> looking at designing a network addressing scheme?
>
> Regards,
> Lee
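
The two plans in this thread combined, as an added example that is not from either poster: site /48s are nested inside primary-firewall and backup-firewall aggregates, and each /48 uses the /52 type nibble and reserved first 256 subnets, so a filter or log reviewer can recover every level from one address. The 2001:db8::/32 documentation prefix, the /40 and /44 aggregate sizes, the type-nibble mapping, and all function names are assumptions.

```python
import ipaddress

# Assumptions (not from the thread): documentation prefix, aggregate sizes,
# and the nibble-to-type mapping are constructed for illustration.
ORG = ipaddress.IPv6Network("2001:db8::/32")
BACKUP_LEN, PRIMARY_LEN, SITE_LEN, TYPE_LEN, SUBNET_LEN = 40, 44, 48, 52, 64
SUBNET_TYPES = {0x0: "infrastructure", 0x1: "users", 0x2: "printers",
                0x3: "servers", 0x4: "ip-phones"}


def site_prefix(backup_id, primary_id, site_id):
    """Site /48 nested inside its primary-firewall /44 and backup /40."""
    if not (0 <= backup_id < 256 and 0 <= primary_id < 16 and 0 <= site_id < 16):
        raise ValueError("id out of range for the chosen aggregate sizes")
    index = (backup_id << 8) | (primary_id << 4) | site_id
    base = int(ORG.network_address) + (index << (128 - SITE_LEN))
    return ipaddress.IPv6Network((base, SITE_LEN))


def subnet(site, type_id, number):
    """A /64 in the site: high 4 bits of the subnet field carry the type."""
    if not (0 <= type_id < 16 and 0 <= number < 4096):
        raise ValueError("type is 4 bits, subnet number is 12 bits")
    field = (type_id << 12) | number
    base = int(site.network_address) + (field << (128 - SUBNET_LEN))
    return ipaddress.IPv6Network((base, SUBNET_LEN))


def describe(addr):
    """Recover every level of the plan from a single address."""
    ip = ipaddress.IPv6Address(addr)
    if ip not in ORG:
        raise ValueError(f"{ip} is outside {ORG}")

    def cut(plen):
        # Mask the address down to the covering prefix of this length.
        return str(ipaddress.IPv6Network((int(ip), plen), strict=False))

    field = (int(ip) >> 64) & 0xFFFF  # 16-bit subnet field inside the /48
    return {
        "backup_aggregate": cut(BACKUP_LEN),
        "primary_aggregate": cut(PRIMARY_LEN),
        "site": cut(SITE_LEN),
        "type_prefix": cut(TYPE_LEN),
        "type": SUBNET_TYPES.get(field >> 12, "unassigned"),
        "subnet": cut(SUBNET_LEN),
        "reserved": field < 256,  # first 256 subnets of each /48
    }
```

Because the reserved range (subnet IDs 0 to 255) falls entirely inside type nibble 0, that nibble cannot also carry a user-facing type in this layout.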